Warning: Permanently added '[localhost]:11446' (ECDSA) to the list of known hosts. 2022/09/13 14:23:44 fuzzer started 2022/09/13 14:23:44 dialing manager at localhost:36597 syzkaller login: [ 43.916291] cgroup: Unknown subsys name 'net' [ 44.018549] cgroup: Unknown subsys name 'rlimit' 2022/09/13 14:23:59 syscalls: 2215 2022/09/13 14:23:59 code coverage: enabled 2022/09/13 14:23:59 comparison tracing: enabled 2022/09/13 14:23:59 extra coverage: enabled 2022/09/13 14:23:59 setuid sandbox: enabled 2022/09/13 14:23:59 namespace sandbox: enabled 2022/09/13 14:23:59 Android sandbox: enabled 2022/09/13 14:23:59 fault injection: enabled 2022/09/13 14:23:59 leak checking: enabled 2022/09/13 14:23:59 net packet injection: enabled 2022/09/13 14:23:59 net device setup: enabled 2022/09/13 14:23:59 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/13 14:23:59 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/13 14:23:59 USB emulation: enabled 2022/09/13 14:23:59 hci packet injection: enabled 2022/09/13 14:23:59 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220913) 2022/09/13 14:23:59 802.15.4 emulation: enabled 2022/09/13 14:23:59 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/13 14:23:59 fetching corpus: 36, signal 22131/25695 (executing program) 2022/09/13 14:24:00 fetching corpus: 86, signal 43172/47866 (executing program) 2022/09/13 14:24:00 fetching corpus: 136, signal 52443/58314 (executing program) 2022/09/13 14:24:00 fetching corpus: 186, signal 60318/67249 (executing program) 2022/09/13 14:24:00 fetching corpus: 236, signal 66491/74477 (executing program) 2022/09/13 14:24:00 fetching corpus: 286, signal 73875/82592 (executing program) 2022/09/13 14:24:00 fetching corpus: 336, signal 80773/90191 (executing program) 2022/09/13 14:24:01 fetching corpus: 386, signal 86796/96838 (executing program) 2022/09/13 14:24:01 fetching corpus: 436, signal 92513/103108 (executing program) 2022/09/13 14:24:01 fetching corpus: 485, signal 95498/106829 (executing program) 2022/09/13 14:24:01 fetching corpus: 535, signal 98024/110088 (executing program) 2022/09/13 14:24:01 fetching corpus: 585, signal 100774/113541 (executing program) 2022/09/13 14:24:01 fetching corpus: 635, signal 104679/117928 (executing program) 2022/09/13 14:24:01 fetching corpus: 685, signal 108116/121789 (executing program) 2022/09/13 14:24:02 fetching corpus: 735, signal 111605/125711 (executing program) 2022/09/13 14:24:02 fetching corpus: 785, signal 113900/128503 (executing program) 2022/09/13 14:24:02 fetching corpus: 835, signal 117460/132313 (executing program) 2022/09/13 14:24:02 fetching corpus: 885, signal 120544/135636 (executing program) 2022/09/13 14:24:02 fetching corpus: 935, signal 123077/138467 (executing program) 2022/09/13 14:24:02 fetching corpus: 985, signal 125757/141332 (executing program) 2022/09/13 14:24:03 fetching corpus: 1035, signal 127886/143788 (executing program) 2022/09/13 14:24:03 fetching corpus: 1083, signal 130191/146269 (executing program) 2022/09/13 14:24:03 fetching corpus: 1133, signal 132192/148477 (executing program) 2022/09/13 14:24:03 fetching corpus: 1183, signal 133749/150351 (executing program) 2022/09/13 14:24:03 fetching corpus: 1233, signal 135887/152613 (executing program) 2022/09/13 14:24:03 fetching corpus: 1283, signal 137401/154448 (executing program) 2022/09/13 14:24:03 fetching corpus: 1333, signal 139021/156231 (executing program) 2022/09/13 14:24:03 fetching corpus: 1383, signal 140690/158069 (executing program) 2022/09/13 14:24:04 fetching corpus: 1433, signal 142530/159960 (executing program) 2022/09/13 14:24:04 fetching corpus: 1483, signal 144554/161966 (executing program) 2022/09/13 14:24:04 fetching corpus: 1533, signal 146427/163817 (executing program) 2022/09/13 14:24:04 fetching corpus: 1580, signal 147926/165393 (executing program) 2022/09/13 14:24:04 fetching corpus: 1630, signal 149249/166852 (executing program) 2022/09/13 14:24:04 fetching corpus: 1680, signal 150708/168389 (executing program) 2022/09/13 14:24:04 fetching corpus: 1730, signal 152375/169972 (executing program) 2022/09/13 14:24:05 fetching corpus: 1780, signal 153843/171414 (executing program) 2022/09/13 14:24:05 fetching corpus: 1830, signal 155599/172994 (executing program) 2022/09/13 14:24:05 fetching corpus: 1880, signal 156750/174121 (executing program) 2022/09/13 14:24:05 fetching corpus: 1930, signal 158311/175506 (executing program) 2022/09/13 14:24:05 fetching corpus: 1978, signal 159403/176542 (executing program) 2022/09/13 14:24:05 fetching corpus: 2027, signal 160300/177528 (executing program) 2022/09/13 14:24:05 fetching corpus: 2072, signal 161328/178512 (executing program) 2022/09/13 14:24:06 fetching corpus: 2122, signal 162533/179616 (executing program) 2022/09/13 14:24:06 fetching corpus: 2172, signal 163601/180644 (executing program) 2022/09/13 14:24:06 fetching corpus: 2222, signal 164803/181633 (executing program) 2022/09/13 14:24:06 fetching corpus: 2272, signal 165696/182507 (executing program) 2022/09/13 14:24:06 fetching corpus: 2322, signal 167758/184033 (executing program) 2022/09/13 14:24:06 fetching corpus: 2372, signal 169440/185304 (executing program) 2022/09/13 14:24:06 fetching corpus: 2422, signal 170329/186051 (executing program) 2022/09/13 14:24:07 fetching corpus: 2472, signal 171099/186734 (executing program) 2022/09/13 14:24:07 fetching corpus: 2522, signal 172799/187821 (executing program) 2022/09/13 14:24:07 fetching corpus: 2572, signal 173753/188558 (executing program) 2022/09/13 14:24:07 fetching corpus: 2622, signal 174805/189308 (executing program) 2022/09/13 14:24:07 fetching corpus: 2672, signal 176155/190158 (executing program) 2022/09/13 14:24:07 fetching corpus: 2722, signal 177451/190948 (executing program) 2022/09/13 14:24:07 fetching corpus: 2772, signal 178521/191657 (executing program) 2022/09/13 14:24:07 fetching corpus: 2821, signal 179254/192253 (executing program) 2022/09/13 14:24:07 fetching corpus: 2871, signal 180191/192833 (executing program) 2022/09/13 14:24:08 fetching corpus: 2921, signal 181324/193530 (executing program) 2022/09/13 14:24:08 fetching corpus: 2971, signal 181887/193949 (executing program) 2022/09/13 14:24:08 fetching corpus: 3021, signal 183227/194697 (executing program) 2022/09/13 14:24:08 fetching corpus: 3071, signal 184260/195259 (executing program) 2022/09/13 14:24:08 fetching corpus: 3121, signal 184863/195723 (executing program) 2022/09/13 14:24:08 fetching corpus: 3171, signal 185652/196200 (executing program) 2022/09/13 14:24:09 fetching corpus: 3221, signal 186899/196774 (executing program) 2022/09/13 14:24:09 fetching corpus: 3271, signal 187735/197192 (executing program) 2022/09/13 14:24:09 fetching corpus: 3321, signal 188628/197637 (executing program) 2022/09/13 14:24:09 fetching corpus: 3371, signal 189224/197993 (executing program) 2022/09/13 14:24:09 fetching corpus: 3420, signal 190413/198510 (executing program) 2022/09/13 14:24:09 fetching corpus: 3469, signal 191645/198961 (executing program) 2022/09/13 14:24:10 fetching corpus: 3518, signal 192852/199422 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/199814 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/199900 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/199988 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/200087 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/200169 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/200259 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/200347 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/200419 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/200493 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/200579 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/200661 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/200754 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/200843 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/200933 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/201005 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/201095 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/201185 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/201265 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/201343 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/201422 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/201506 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/201593 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/201683 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/201747 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/201846 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/201933 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/201944 (executing program) 2022/09/13 14:24:10 fetching corpus: 3562, signal 193777/201944 (executing program) 2022/09/13 14:24:13 starting 8 fuzzer processes 14:24:13 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000011c0), 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) fcntl$dupfd(r0, 0x0, r1) write(r1, &(0x7f0000000080)="01", 0x41030) close(r1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[]) r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xa) openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0) 14:24:13 executing program 1: keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f0000001d00), 0x0, 0x0, 0x0) 14:24:13 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)={0x28, 0x11, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}, @typed={0x8, 0x0, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0x8, 0x31, 0x0, 0x0, @u32}]}, 0x28}], 0x1}, 0x0) 14:24:13 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket$nl_audit(0x10, 0x3, 0x9) r2 = dup2(r0, r1) r3 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000280)={'syztnl2\x00', r4, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @empty}}) [ 72.567804] audit: type=1400 audit(1663079053.285:6): avc: denied { execmem } for pid=289 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 14:24:13 executing program 4: keyctl$set_reqkey_keyring(0xe, 0x1) r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r0}, 0x0) keyctl$set_reqkey_keyring(0xe, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 14:24:13 executing program 5: add_key$fscrypt_v1(&(0x7f0000001a40), &(0x7f0000001a80), &(0x7f0000001ac0)={0x0, "12d54b53688692099c7d549632e4b347f2db02b2e8b5a125da60baa9082849736e2fed1c87ffcf325bc890b6cc769241388f67e0aa632e6e54b5ff17d962385c"}, 0x48, 0xffffffffffffffff) 14:24:13 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0x7fffffe, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x7fffffff) sendfile(r0, r0, 0x0, 0x100000) 14:24:13 executing program 7: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) io_setup(0x7, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x420, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000f00)='mountinfo\x00') read$hiddev(r0, &(0x7f0000000040)=""/169, 0x200000e9) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x220) r1 = getpid() tgkill(r1, r1, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x4, 0xf9, 0x9, 0x9, 0x0, 0x10000, 0x4800, 0x7, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0xe9bb, 0x1, @perf_config_ext={0x7, 0x100}, 0x5000, 0x1, 0x3e02, 0xd, 0x100, 0x5, 0x1c00, 0x0, 0x6e}, r1, 0xd, 0xffffffffffffffff, 0x6) read(0xffffffffffffffff, &(0x7f0000000000), 0xfffffdef) [ 73.974496] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 73.976181] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 73.977766] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 73.979815] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 73.981035] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 73.983291] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 73.984343] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 73.985776] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 73.987944] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 73.989127] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 74.004207] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 74.005502] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 74.008608] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 74.009924] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 74.010964] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 74.012004] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 74.013950] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 74.015082] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 74.017067] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 74.021243] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 74.022578] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 74.023184] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 74.025099] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 74.026314] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 74.027336] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 74.028810] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 74.030483] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 74.032185] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 74.033179] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 74.034951] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 74.036105] Bluetooth: hci1: HCI_REQ-0x0c1a [ 74.039957] Bluetooth: hci4: HCI_REQ-0x0c1a [ 74.047032] Bluetooth: hci0: HCI_REQ-0x0c1a [ 74.048215] Bluetooth: hci2: HCI_REQ-0x0c1a [ 74.050289] Bluetooth: hci3: HCI_REQ-0x0c1a [ 74.107449] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 74.108210] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 74.112728] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 74.113894] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 74.116750] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 74.116937] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 74.120955] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 74.122286] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 74.124463] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 74.139112] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 74.140317] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 74.142475] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 74.145935] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 74.147556] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 74.149583] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 74.151529] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 74.152843] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 74.156026] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 74.163617] Bluetooth: hci6: HCI_REQ-0x0c1a [ 74.168266] Bluetooth: hci7: HCI_REQ-0x0c1a [ 74.182000] Bluetooth: hci5: HCI_REQ-0x0c1a [ 76.102371] Bluetooth: hci0: command 0x0409 tx timeout [ 76.102726] Bluetooth: hci1: command 0x0409 tx timeout [ 76.103210] Bluetooth: hci3: command 0x0409 tx timeout [ 76.104287] Bluetooth: hci2: command 0x0409 tx timeout [ 76.104771] Bluetooth: hci4: command 0x0409 tx timeout [ 76.229806] Bluetooth: hci5: command 0x0409 tx timeout [ 76.230276] Bluetooth: hci6: command 0x0409 tx timeout [ 76.230752] Bluetooth: hci7: command 0x0409 tx timeout [ 78.149808] Bluetooth: hci4: command 0x041b tx timeout [ 78.149862] Bluetooth: hci1: command 0x041b tx timeout [ 78.150728] Bluetooth: hci2: command 0x041b tx timeout [ 78.151176] Bluetooth: hci0: command 0x041b tx timeout [ 78.151954] Bluetooth: hci3: command 0x041b tx timeout [ 78.277819] Bluetooth: hci7: command 0x041b tx timeout [ 78.278664] Bluetooth: hci6: command 0x041b tx timeout [ 78.279833] Bluetooth: hci5: command 0x041b tx timeout [ 80.197729] Bluetooth: hci0: command 0x040f tx timeout [ 80.197938] Bluetooth: hci3: command 0x040f tx timeout [ 80.199506] Bluetooth: hci2: command 0x040f tx timeout [ 80.200615] Bluetooth: hci1: command 0x040f tx timeout [ 80.201388] Bluetooth: hci4: command 0x040f tx timeout [ 80.325801] Bluetooth: hci5: command 0x040f tx timeout [ 80.326613] Bluetooth: hci6: command 0x040f tx timeout [ 80.327399] Bluetooth: hci7: command 0x040f tx timeout [ 82.245805] Bluetooth: hci4: command 0x0419 tx timeout [ 82.246427] Bluetooth: hci1: command 0x0419 tx timeout [ 82.246739] Bluetooth: hci0: command 0x0419 tx timeout [ 82.248458] Bluetooth: hci2: command 0x0419 tx timeout [ 82.249260] Bluetooth: hci3: command 0x0419 tx timeout [ 82.373819] Bluetooth: hci7: command 0x0419 tx timeout [ 82.374276] Bluetooth: hci6: command 0x0419 tx timeout [ 82.374722] Bluetooth: hci5: command 0x0419 tx timeout 14:25:11 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)={0x28, 0x11, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}, @typed={0x8, 0x0, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0x8, 0x31, 0x0, 0x0, @u32}]}, 0x28}], 0x1}, 0x0) 14:25:11 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)={0x28, 0x11, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}, @typed={0x8, 0x0, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0x8, 0x31, 0x0, 0x0, @u32}]}, 0x28}], 0x1}, 0x0) 14:25:11 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)={0x28, 0x11, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}, @typed={0x8, 0x0, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0x8, 0x31, 0x0, 0x0, @u32}]}, 0x28}], 0x1}, 0x0) 14:25:11 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_int(r0, 0x29, 0x50, 0x0, &(0x7f0000000080)) 14:25:12 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_int(r0, 0x29, 0x50, 0x0, &(0x7f0000000080)) 14:25:12 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_int(r0, 0x29, 0x50, 0x0, &(0x7f0000000080)) 14:25:12 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_int(r0, 0x29, 0x50, 0x0, &(0x7f0000000080)) 14:25:12 executing program 2: accept4$packet(0xffffffffffffffff, 0x0, 0x0, 0x0) [ 133.051039] syz-executor.6 (3875) used greatest stack depth: 23304 bytes left [ 135.898621] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 135.901372] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 135.903552] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 135.909446] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 135.912147] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 135.913790] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 135.920853] Bluetooth: hci1: HCI_REQ-0x0c1a [ 135.963237] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 135.966010] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 135.968450] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 135.971093] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 135.976871] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 135.978030] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 135.980179] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 135.981413] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 135.983486] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 135.985588] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 135.996438] Bluetooth: hci3: HCI_REQ-0x0c1a [ 136.001406] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 136.004228] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 136.020789] Bluetooth: hci5: HCI_REQ-0x0c1a [ 137.797758] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 137.989805] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 137.991606] Bluetooth: hci1: command 0x0409 tx timeout [ 138.053719] Bluetooth: hci3: command 0x0409 tx timeout [ 138.053773] Bluetooth: hci5: command 0x0409 tx timeout [ 140.037846] Bluetooth: hci1: command 0x041b tx timeout [ 140.102897] Bluetooth: hci5: command 0x041b tx timeout [ 140.104222] Bluetooth: hci3: command 0x041b tx timeout [ 140.299410] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 140.301272] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 140.302294] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 140.309862] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 140.311336] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 140.312268] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 140.316551] Bluetooth: hci0: HCI_REQ-0x0c1a [ 140.558038] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 140.559927] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 140.567863] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 140.583890] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 140.585622] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 140.598035] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 140.601766] Bluetooth: hci4: HCI_REQ-0x0c1a [ 142.086734] Bluetooth: hci1: command 0x040f tx timeout [ 142.150748] Bluetooth: hci3: command 0x040f tx timeout [ 142.151269] Bluetooth: hci5: command 0x040f tx timeout [ 142.342739] Bluetooth: hci0: command 0x0409 tx timeout [ 142.662783] Bluetooth: hci4: command 0x0409 tx timeout [ 144.133772] Bluetooth: hci1: command 0x0419 tx timeout [ 144.197852] Bluetooth: hci5: command 0x0419 tx timeout [ 144.198960] Bluetooth: hci3: command 0x0419 tx timeout [ 144.389846] Bluetooth: hci0: command 0x041b tx timeout [ 144.710750] Bluetooth: hci4: command 0x041b tx timeout [ 146.438776] Bluetooth: hci0: command 0x040f tx timeout [ 146.758737] Bluetooth: hci4: command 0x040f tx timeout [ 148.486723] Bluetooth: hci0: command 0x0419 tx timeout [ 148.807143] Bluetooth: hci4: command 0x0419 tx timeout [ 171.260464] audit: type=1400 audit(1663079151.974:7): avc: denied { open } for pid=6090 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 171.262329] audit: type=1400 audit(1663079151.975:8): avc: denied { kernel } for pid=6090 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 171.271531] ------------[ cut here ]------------ [ 171.271565] [ 171.271570] ====================================================== [ 171.271576] WARNING: possible circular locking dependency detected [ 171.271583] 6.0.0-rc5-next-20220913 #1 Not tainted [ 171.271595] ------------------------------------------------------ [ 171.271600] syz-executor.0/6091 is trying to acquire lock: [ 171.271611] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 171.271677] [ 171.271677] but task is already holding lock: [ 171.271682] ffff88803d64d820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 171.271731] [ 171.271731] which lock already depends on the new lock. [ 171.271731] [ 171.271736] [ 171.271736] the existing dependency chain (in reverse order) is: [ 171.271742] [ 171.271742] -> #3 (&ctx->lock){....}-{2:2}: [ 171.271767] _raw_spin_lock+0x2a/0x40 [ 171.271796] __perf_event_task_sched_out+0x53b/0x18d0 [ 171.271819] __schedule+0xedd/0x2470 [ 171.271837] schedule+0xda/0x1b0 [ 171.271854] exit_to_user_mode_prepare+0x114/0x1a0 [ 171.271891] syscall_exit_to_user_mode+0x19/0x40 [ 171.271923] do_syscall_64+0x48/0x90 [ 171.271947] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 171.271978] [ 171.271978] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 171.272004] _raw_spin_lock_nested+0x30/0x40 [ 171.272031] raw_spin_rq_lock_nested+0x1e/0x30 [ 171.272054] task_fork_fair+0x63/0x4d0 [ 171.272085] sched_cgroup_fork+0x3d0/0x540 [ 171.272111] copy_process+0x3f9e/0x6df0 [ 171.272129] kernel_clone+0xe7/0x890 [ 171.272146] user_mode_thread+0xad/0xf0 [ 171.272164] rest_init+0x24/0x250 [ 171.272195] arch_call_rest_init+0xf/0x14 [ 171.272229] start_kernel+0x4c1/0x4e6 [ 171.272261] secondary_startup_64_no_verify+0xe0/0xeb [ 171.272286] [ 171.272286] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 171.272311] _raw_spin_lock_irqsave+0x39/0x60 [ 171.272339] try_to_wake_up+0xab/0x1920 [ 171.272364] up+0x75/0xb0 [ 171.272385] __up_console_sem+0x6e/0x80 [ 171.272413] console_unlock+0x46a/0x590 [ 171.272443] do_con_write+0xc05/0x1d50 [ 171.272462] con_write+0x21/0x40 [ 171.272480] n_tty_write+0x4d4/0xfe0 [ 171.272502] file_tty_write.constprop.0+0x49c/0x8f0 [ 171.272524] vfs_write+0x9c3/0xd90 [ 171.272556] ksys_write+0x127/0x250 [ 171.272587] do_syscall_64+0x3b/0x90 [ 171.272611] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 171.272643] [ 171.272643] -> #0 ((console_sem).lock){....}-{2:2}: [ 171.272668] __lock_acquire+0x2a02/0x5e70 [ 171.272699] lock_acquire+0x1a2/0x530 [ 171.272729] _raw_spin_lock_irqsave+0x39/0x60 [ 171.272756] down_trylock+0xe/0x70 [ 171.272779] __down_trylock_console_sem+0x3b/0xd0 [ 171.272810] vprintk_emit+0x16b/0x560 [ 171.272840] vprintk+0x84/0xa0 [ 171.272871] _printk+0xba/0xf1 [ 171.272902] report_bug.cold+0x72/0xab [ 171.272925] handle_bug+0x3c/0x70 [ 171.272948] exc_invalid_op+0x14/0x50 [ 171.272973] asm_exc_invalid_op+0x16/0x20 [ 171.273003] group_sched_out.part.0+0x2c7/0x460 [ 171.273022] ctx_sched_out+0x8f1/0xc10 [ 171.273040] __perf_event_task_sched_out+0x6d0/0x18d0 [ 171.273062] __schedule+0xedd/0x2470 [ 171.273080] schedule+0xda/0x1b0 [ 171.273097] exit_to_user_mode_prepare+0x114/0x1a0 [ 171.273133] syscall_exit_to_user_mode+0x19/0x40 [ 171.273164] do_syscall_64+0x48/0x90 [ 171.273188] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 171.273220] [ 171.273220] other info that might help us debug this: [ 171.273220] [ 171.273225] Chain exists of: [ 171.273225] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 171.273225] [ 171.273252] Possible unsafe locking scenario: [ 171.273252] [ 171.273256] CPU0 CPU1 [ 171.273260] ---- ---- [ 171.273264] lock(&ctx->lock); [ 171.273274] lock(&rq->__lock); [ 171.273285] lock(&ctx->lock); [ 171.273297] lock((console_sem).lock); [ 171.273307] [ 171.273307] *** DEADLOCK *** [ 171.273307] [ 171.273311] 2 locks held by syz-executor.0/6091: [ 171.273323] #0: ffff88806ce37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 171.273370] #1: ffff88803d64d820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 171.273421] [ 171.273421] stack backtrace: [ 171.273425] CPU: 0 PID: 6091 Comm: syz-executor.0 Not tainted 6.0.0-rc5-next-20220913 #1 [ 171.273448] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 171.273462] Call Trace: [ 171.273467] [ 171.273474] dump_stack_lvl+0x8b/0xb3 [ 171.273501] check_noncircular+0x263/0x2e0 [ 171.273533] ? format_decode+0x26c/0xb50 [ 171.273559] ? print_circular_bug+0x450/0x450 [ 171.273591] ? enable_ptr_key_workfn+0x20/0x20 [ 171.273617] ? perf_swevent_event+0x6c/0x550 [ 171.273653] ? format_decode+0x26c/0xb50 [ 171.273681] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 171.273714] __lock_acquire+0x2a02/0x5e70 [ 171.273755] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 171.273797] lock_acquire+0x1a2/0x530 [ 171.273828] ? down_trylock+0xe/0x70 [ 171.273855] ? rcu_read_unlock+0x40/0x40 [ 171.273894] ? vprintk+0x84/0xa0 [ 171.273928] _raw_spin_lock_irqsave+0x39/0x60 [ 171.273957] ? down_trylock+0xe/0x70 [ 171.273983] down_trylock+0xe/0x70 [ 171.274007] ? vprintk+0x84/0xa0 [ 171.274039] __down_trylock_console_sem+0x3b/0xd0 [ 171.274072] vprintk_emit+0x16b/0x560 [ 171.274108] vprintk+0x84/0xa0 [ 171.274141] _printk+0xba/0xf1 [ 171.274174] ? record_print_text.cold+0x16/0x16 [ 171.274215] ? report_bug.cold+0x66/0xab [ 171.274241] ? group_sched_out.part.0+0x2c7/0x460 [ 171.274262] report_bug.cold+0x72/0xab [ 171.274290] handle_bug+0x3c/0x70 [ 171.274315] exc_invalid_op+0x14/0x50 [ 171.274342] asm_exc_invalid_op+0x16/0x20 [ 171.274374] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 171.274398] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 171.274419] RSP: 0018:ffff88803482fc48 EFLAGS: 00010006 [ 171.274436] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 171.274450] RDX: ffff88801a6cd040 RSI: ffffffff81566027 RDI: 0000000000000005 [ 171.274464] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 171.274477] R10: 0000000000000000 R11: ffffffff865aa01b R12: ffff88803d64d800 [ 171.274492] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 171.274512] ? group_sched_out.part.0+0x2c7/0x460 [ 171.274536] ? group_sched_out.part.0+0x2c7/0x460 [ 171.274559] ctx_sched_out+0x8f1/0xc10 [ 171.274582] __perf_event_task_sched_out+0x6d0/0x18d0 [ 171.274611] ? lock_is_held_type+0xd7/0x130 [ 171.274645] ? __perf_cgroup_move+0x160/0x160 [ 171.274667] ? set_next_entity+0x304/0x550 [ 171.274700] ? update_curr+0x267/0x740 [ 171.274735] ? lock_is_held_type+0xd7/0x130 [ 171.274770] __schedule+0xedd/0x2470 [ 171.274802] ? io_schedule_timeout+0x150/0x150 [ 171.274824] ? trace_rcu_dyntick+0x1a7/0x250 [ 171.274864] schedule+0xda/0x1b0 [ 171.274884] exit_to_user_mode_prepare+0x114/0x1a0 [ 171.274923] syscall_exit_to_user_mode+0x19/0x40 [ 171.274957] do_syscall_64+0x48/0x90 [ 171.274983] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 171.275016] RIP: 0033:0x7f26c7f0bb19 [ 171.275032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 171.275052] RSP: 002b:00007f26c5481218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 171.275072] RAX: 0000000000000001 RBX: 00007f26c801ef68 RCX: 00007f26c7f0bb19 [ 171.275086] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f26c801ef6c [ 171.275099] RBP: 00007f26c801ef60 R08: 000000000000000e R09: 0000000000000000 [ 171.275113] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f26c801ef6c [ 171.275126] R13: 00007fff1395c92f R14: 00007f26c5481300 R15: 0000000000022000 [ 171.275150] [ 171.383402] WARNING: CPU: 0 PID: 6091 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 171.384746] Modules linked in: [ 171.385225] CPU: 0 PID: 6091 Comm: syz-executor.0 Not tainted 6.0.0-rc5-next-20220913 #1 [ 171.386388] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 171.388007] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 171.388785] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 171.391400] RSP: 0018:ffff88803482fc48 EFLAGS: 00010006 [ 171.392174] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 171.393201] RDX: ffff88801a6cd040 RSI: ffffffff81566027 RDI: 0000000000000005 [ 171.394228] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 171.395250] R10: 0000000000000000 R11: ffffffff865aa01b R12: ffff88803d64d800 [ 171.396275] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 171.397314] FS: 00007f26c5481700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 171.398467] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.399327] CR2: 000055efb806a008 CR3: 000000001cf5c000 CR4: 0000000000350ef0 [ 171.400342] Call Trace: [ 171.400723] [ 171.401060] ctx_sched_out+0x8f1/0xc10 [ 171.401629] __perf_event_task_sched_out+0x6d0/0x18d0 [ 171.402390] ? lock_is_held_type+0xd7/0x130 [ 171.403049] ? __perf_cgroup_move+0x160/0x160 [ 171.403706] ? set_next_entity+0x304/0x550 [ 171.404340] ? update_curr+0x267/0x740 [ 171.404928] ? lock_is_held_type+0xd7/0x130 [ 171.405564] __schedule+0xedd/0x2470 [ 171.406114] ? io_schedule_timeout+0x150/0x150 [ 171.406805] ? trace_rcu_dyntick+0x1a7/0x250 [ 171.407480] schedule+0xda/0x1b0 [ 171.407990] exit_to_user_mode_prepare+0x114/0x1a0 [ 171.408727] syscall_exit_to_user_mode+0x19/0x40 [ 171.409434] do_syscall_64+0x48/0x90 [ 171.409990] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 171.410743] RIP: 0033:0x7f26c7f0bb19 [ 171.411296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 171.413881] RSP: 002b:00007f26c5481218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 171.414967] RAX: 0000000000000001 RBX: 00007f26c801ef68 RCX: 00007f26c7f0bb19 [ 171.415995] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f26c801ef6c [ 171.417012] RBP: 00007f26c801ef60 R08: 000000000000000e R09: 0000000000000000 [ 171.418022] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f26c801ef6c [ 171.419057] R13: 00007fff1395c92f R14: 00007f26c5481300 R15: 0000000000022000 [ 171.420075] [ 171.420421] irq event stamp: 650 [ 171.420909] hardirqs last enabled at (649): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 171.422266] hardirqs last disabled at (650): [] __schedule+0x1225/0x2470 [ 171.423477] softirqs last enabled at (530): [] __irq_exit_rcu+0x11b/0x180 [ 171.424709] softirqs last disabled at (521): [] __irq_exit_rcu+0x11b/0x180 [ 171.425933] ---[ end trace 0000000000000000 ]--- [ 171.618419] loop0: detected capacity change from 0 to 256 [ 171.621715] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 171.780293] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 172.974031] hrtimer: interrupt took 31399 ns 14:25:53 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000011c0), 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) fcntl$dupfd(r0, 0x0, r1) write(r1, &(0x7f0000000080)="01", 0x41030) close(r1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[]) r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xa) openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0) 14:25:53 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r3 = fcntl$dupfd(r2, 0x406, 0xffffffffffffffff) getsockname$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000200)=0x14) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000380)={0x0, @private, @local}, &(0x7f00000003c0)=0xc) r5 = socket$inet6_udp(0xa, 0x2, 0x0) dup(r5) sendmsg$ETHTOOL_MSG_PAUSE_GET(r3, &(0x7f0000000580)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000540)={&(0x7f0000000700)=ANY=[@ANYBLOB="18010000", @ANYRES16=0x0, @ANYBLOB="000428bd7000fddbdf25150000003000018008000100", @ANYBLOB="d15a977ba2c41d6b58a104e629b57519fc385063445d702f9490a768c19f1c4e2d0c02ef28ba8e", @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="140002007665f468315f766c616e0000000000000800030002000000752f07bf770215138dbce018000180140002006e6574706369300000000000000000000c00018008000100", @ANYRES32=0x0, @ANYBLOB="2000018008000100", @ANYRESOCT, @ANYBLOB="1400020073797a6b616c6c6572310000000000000c000180080003000300000038000180080003000200000008000300020000001400020076657468305f746f5f6272696467650008000100", @ANYRES32=0x0, @ANYBLOB="08000300030000004c0001801400020073697430000000000000000000000000080003000200000008000100", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="14000200000000000000000000000000000000000800030003000000"], 0x118}, 0x1, 0x0, 0x0, 0x800}, 0x80) 14:25:53 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket$nl_audit(0x10, 0x3, 0x9) r2 = dup2(r0, r1) r3 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000280)={'syztnl2\x00', r4, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @empty}}) 14:25:53 executing program 7: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) io_setup(0x7, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x420, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000f00)='mountinfo\x00') read$hiddev(r0, &(0x7f0000000040)=""/169, 0x200000e9) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x220) r1 = getpid() tgkill(r1, r1, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x4, 0xf9, 0x9, 0x9, 0x0, 0x10000, 0x4800, 0x7, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0xe9bb, 0x1, @perf_config_ext={0x7, 0x100}, 0x5000, 0x1, 0x3e02, 0xd, 0x100, 0x5, 0x1c00, 0x0, 0x6e}, r1, 0xd, 0xffffffffffffffff, 0x6) read(0xffffffffffffffff, &(0x7f0000000000), 0xfffffdef) 14:25:53 executing program 5: add_key$fscrypt_v1(&(0x7f0000001a40), &(0x7f0000001a80), &(0x7f0000001ac0)={0x0, "12d54b53688692099c7d549632e4b347f2db02b2e8b5a125da60baa9082849736e2fed1c87ffcf325bc890b6cc769241388f67e0aa632e6e54b5ff17d962385c"}, 0x48, 0xffffffffffffffff) 14:25:53 executing program 4: keyctl$set_reqkey_keyring(0xe, 0x1) r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r0}, 0x0) keyctl$set_reqkey_keyring(0xe, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 14:25:53 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0x7fffffe, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x7fffffff) sendfile(r0, r0, 0x0, 0x100000) 14:25:53 executing program 1: keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f0000001d00), 0x0, 0x0, 0x0) 14:25:53 executing program 5: add_key$fscrypt_v1(&(0x7f0000001a40), &(0x7f0000001a80), &(0x7f0000001ac0)={0x0, "12d54b53688692099c7d549632e4b347f2db02b2e8b5a125da60baa9082849736e2fed1c87ffcf325bc890b6cc769241388f67e0aa632e6e54b5ff17d962385c"}, 0x48, 0xffffffffffffffff) 14:25:53 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket$nl_audit(0x10, 0x3, 0x9) r2 = dup2(r0, r1) r3 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000280)={'syztnl2\x00', r4, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @empty}}) 14:25:54 executing program 4: keyctl$set_reqkey_keyring(0xe, 0x1) r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r0}, 0x0) keyctl$set_reqkey_keyring(0xe, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) [ 173.307131] loop0: detected capacity change from 0 to 256 [ 173.323276] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 14:25:54 executing program 1: keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f0000001d00), 0x0, 0x0, 0x0) 14:25:54 executing program 5: add_key$fscrypt_v1(&(0x7f0000001a40), &(0x7f0000001a80), &(0x7f0000001ac0)={0x0, "12d54b53688692099c7d549632e4b347f2db02b2e8b5a125da60baa9082849736e2fed1c87ffcf325bc890b6cc769241388f67e0aa632e6e54b5ff17d962385c"}, 0x48, 0xffffffffffffffff) 14:25:54 executing program 4: keyctl$set_reqkey_keyring(0xe, 0x1) r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r0}, 0x0) keyctl$set_reqkey_keyring(0xe, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 14:25:54 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket$nl_audit(0x10, 0x3, 0x9) r2 = dup2(r0, r1) r3 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000280)={'syztnl2\x00', r4, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @empty}}) 14:25:54 executing program 1: keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f0000001d00), 0x0, 0x0, 0x0) [ 173.691582] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 14:25:54 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000011c0), 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) fcntl$dupfd(r0, 0x0, r1) write(r1, &(0x7f0000000080)="01", 0x41030) close(r1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[]) r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xa) openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0) 14:25:54 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000011c0), 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) fcntl$dupfd(r0, 0x0, r1) write(r1, &(0x7f0000000080)="01", 0x41030) close(r1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[]) r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xa) openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0) 14:25:54 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0x7fffffe, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x7fffffff) sendfile(r0, r0, 0x0, 0x100000) 14:25:54 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000011c0), 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) fcntl$dupfd(r0, 0x0, r1) write(r1, &(0x7f0000000080)="01", 0x41030) close(r1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[]) r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xa) openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0) 14:25:54 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000011c0), 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) fcntl$dupfd(r0, 0x0, r1) write(r1, &(0x7f0000000080)="01", 0x41030) close(r1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[]) r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xa) openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0) 14:25:54 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000011c0), 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) fcntl$dupfd(r0, 0x0, r1) write(r1, &(0x7f0000000080)="01", 0x41030) close(r1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[]) r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xa) openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0) 14:25:54 executing program 7: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) io_setup(0x7, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x420, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000f00)='mountinfo\x00') read$hiddev(r0, &(0x7f0000000040)=""/169, 0x200000e9) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x220) r1 = getpid() tgkill(r1, r1, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x4, 0xf9, 0x9, 0x9, 0x0, 0x10000, 0x4800, 0x7, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0xe9bb, 0x1, @perf_config_ext={0x7, 0x100}, 0x5000, 0x1, 0x3e02, 0xd, 0x100, 0x5, 0x1c00, 0x0, 0x6e}, r1, 0xd, 0xffffffffffffffff, 0x6) read(0xffffffffffffffff, &(0x7f0000000000), 0xfffffdef) 14:25:54 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r3 = fcntl$dupfd(r2, 0x406, 0xffffffffffffffff) getsockname$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000200)=0x14) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000380)={0x0, @private, @local}, &(0x7f00000003c0)=0xc) r5 = socket$inet6_udp(0xa, 0x2, 0x0) dup(r5) sendmsg$ETHTOOL_MSG_PAUSE_GET(r3, &(0x7f0000000580)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000540)={&(0x7f0000000700)=ANY=[@ANYBLOB="18010000", @ANYRES16=0x0, @ANYBLOB="000428bd7000fddbdf25150000003000018008000100", @ANYBLOB="d15a977ba2c41d6b58a104e629b57519fc385063445d702f9490a768c19f1c4e2d0c02ef28ba8e", @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="140002007665f468315f766c616e0000000000000800030002000000752f07bf770215138dbce018000180140002006e6574706369300000000000000000000c00018008000100", @ANYRES32=0x0, @ANYBLOB="2000018008000100", @ANYRESOCT, @ANYBLOB="1400020073797a6b616c6c6572310000000000000c000180080003000300000038000180080003000200000008000300020000001400020076657468305f746f5f6272696467650008000100", @ANYRES32=0x0, @ANYBLOB="08000300030000004c0001801400020073697430000000000000000000000000080003000200000008000100", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="14000200000000000000000000000000000000000800030003000000"], 0x118}, 0x1, 0x0, 0x0, 0x800}, 0x80) [ 174.310962] loop3: detected capacity change from 0 to 256 [ 174.327740] loop0: detected capacity change from 0 to 256 [ 174.352017] loop4: detected capacity change from 0 to 256 [ 174.358961] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 174.359790] loop5: detected capacity change from 0 to 256 [ 174.360180] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 174.365434] loop1: detected capacity change from 0 to 256 [ 174.397975] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 174.489355] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 174.491160] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 14:25:55 executing program 7: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) io_setup(0x7, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x420, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000f00)='mountinfo\x00') read$hiddev(r0, &(0x7f0000000040)=""/169, 0x200000e9) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x220) r1 = getpid() tgkill(r1, r1, 0x0) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x4, 0xf9, 0x9, 0x9, 0x0, 0x10000, 0x4800, 0x7, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0xe9bb, 0x1, @perf_config_ext={0x7, 0x100}, 0x5000, 0x1, 0x3e02, 0xd, 0x100, 0x5, 0x1c00, 0x0, 0x6e}, r1, 0xd, 0xffffffffffffffff, 0x6) read(0xffffffffffffffff, &(0x7f0000000000), 0xfffffdef) 14:25:55 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000011c0), 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) fcntl$dupfd(r0, 0x0, r1) write(r1, &(0x7f0000000080)="01", 0x41030) close(r1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[]) r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xa) openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0) [ 174.893171] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 14:25:55 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000011c0), 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) fcntl$dupfd(r0, 0x0, r1) write(r1, &(0x7f0000000080)="01", 0x41030) close(r1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[]) r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xa) openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0) [ 175.116923] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 175.124395] loop4: detected capacity change from 0 to 256 [ 175.139045] loop7: detected capacity change from 0 to 256 [ 175.149376] FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 14:25:55 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000011c0), 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) fcntl$dupfd(r0, 0x0, r1) write(r1, &(0x7f0000000080)="01", 0x41030) close(r1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[]) r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xa) openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0) [ 175.188625] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 175.197354] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 175.244646] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 175.596851] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 175.742004] loop1: detected capacity change from 0 to 256 [ 175.933018] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 175.973145] FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 14:25:56 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000011c0), 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) fcntl$dupfd(r0, 0x0, r1) write(r1, &(0x7f0000000080)="01", 0x41030) close(r1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[]) r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xa) openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0) 14:25:56 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0x7fffffe, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x7fffffff) sendfile(r0, r0, 0x0, 0x100000) 14:25:56 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000011c0), 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) fcntl$dupfd(r0, 0x0, r1) write(r1, &(0x7f0000000080)="01", 0x41030) close(r1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[]) r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xa) openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0) 14:25:56 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000011c0), 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) fcntl$dupfd(r0, 0x0, r1) write(r1, &(0x7f0000000080)="01", 0x41030) close(r1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[]) r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xa) openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0) 14:25:56 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000011c0), 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) fcntl$dupfd(r0, 0x0, r1) write(r1, &(0x7f0000000080)="01", 0x41030) close(r1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[]) r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xa) openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0) 14:25:56 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000011c0), 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) fcntl$dupfd(r0, 0x0, r1) write(r1, &(0x7f0000000080)="01", 0x41030) close(r1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[]) r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xa) openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0) 14:25:56 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000011c0), 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) fcntl$dupfd(r0, 0x0, r1) write(r1, &(0x7f0000000080)="01", 0x41030) close(r1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[]) r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xa) openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0) 14:25:56 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r3 = fcntl$dupfd(r2, 0x406, 0xffffffffffffffff) getsockname$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000200)=0x14) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000380)={0x0, @private, @local}, &(0x7f00000003c0)=0xc) r5 = socket$inet6_udp(0xa, 0x2, 0x0) dup(r5) sendmsg$ETHTOOL_MSG_PAUSE_GET(r3, &(0x7f0000000580)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000540)={&(0x7f0000000700)=ANY=[@ANYBLOB="18010000", @ANYRES16=0x0, @ANYBLOB="000428bd7000fddbdf25150000003000018008000100", @ANYBLOB="d15a977ba2c41d6b58a104e629b57519fc385063445d702f9490a768c19f1c4e2d0c02ef28ba8e", @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="140002007665f468315f766c616e0000000000000800030002000000752f07bf770215138dbce018000180140002006e6574706369300000000000000000000c00018008000100", @ANYRES32=0x0, @ANYBLOB="2000018008000100", @ANYRESOCT, @ANYBLOB="1400020073797a6b616c6c6572310000000000000c000180080003000300000038000180080003000200000008000300020000001400020076657468305f746f5f6272696467650008000100", @ANYRES32=0x0, @ANYBLOB="08000300030000004c0001801400020073697430000000000000000000000000080003000200000008000100", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="14000200000000000000000000000000000000000800030003000000"], 0x118}, 0x1, 0x0, 0x0, 0x800}, 0x80) [ 176.166950] loop0: detected capacity change from 0 to 256 [ 176.168177] loop5: detected capacity change from 0 to 256 [ 176.198962] loop4: detected capacity change from 0 to 256 [ 176.205664] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 176.251597] loop1: detected capacity change from 0 to 256 [ 176.262463] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 176.283891] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 176.324387] loop7: detected capacity change from 0 to 256 [ 176.325347] loop3: detected capacity change from 0 to 256 [ 176.346584] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 176.350922] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 176.352782] FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 14:25:57 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000011c0), 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) fcntl$dupfd(r0, 0x0, r1) write(r1, &(0x7f0000000080)="01", 0x41030) close(r1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[]) r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xa) openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0) [ 176.661771] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 14:25:57 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000011c0), 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) fcntl$dupfd(r0, 0x0, r1) write(r1, &(0x7f0000000080)="01", 0x41030) close(r1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[]) r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xa) openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0) 14:25:57 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000011c0), 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) fcntl$dupfd(r0, 0x0, r1) write(r1, &(0x7f0000000080)="01", 0x41030) close(r1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[]) r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xa) openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0) [ 176.709405] FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 176.871893] loop4: detected capacity change from 0 to 256 14:25:57 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0x7fffffe, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x7fffffff) sendfile(r0, r0, 0x0, 0x100000) [ 176.886986] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 176.910220] loop5: detected capacity change from 0 to 256 [ 176.934438] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 176.966251] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 177.003366] loop7: detected capacity change from 0 to 256 [ 177.065619] FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 177.076003] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 177.105761] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 177.258953] FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 177.567652] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 14:25:58 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000011c0), 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) fcntl$dupfd(r0, 0x0, r1) write(r1, &(0x7f0000000080)="01", 0x41030) close(r1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[]) r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xa) openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0) 14:25:58 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r3 = fcntl$dupfd(r2, 0x406, 0xffffffffffffffff) getsockname$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000200)=0x14) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000380)={0x0, @private, @local}, &(0x7f00000003c0)=0xc) r5 = socket$inet6_udp(0xa, 0x2, 0x0) dup(r5) sendmsg$ETHTOOL_MSG_PAUSE_GET(r3, &(0x7f0000000580)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000540)={&(0x7f0000000700)=ANY=[@ANYBLOB="18010000", @ANYRES16=0x0, @ANYBLOB="000428bd7000fddbdf25150000003000018008000100", @ANYBLOB="d15a977ba2c41d6b58a104e629b57519fc385063445d702f9490a768c19f1c4e2d0c02ef28ba8e", @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="140002007665f468315f766c616e0000000000000800030002000000752f07bf770215138dbce018000180140002006e6574706369300000000000000000000c00018008000100", @ANYRES32=0x0, @ANYBLOB="2000018008000100", @ANYRESOCT, @ANYBLOB="1400020073797a6b616c6c6572310000000000000c000180080003000300000038000180080003000200000008000300020000001400020076657468305f746f5f6272696467650008000100", @ANYRES32=0x0, @ANYBLOB="08000300030000004c0001801400020073697430000000000000000000000000080003000200000008000100", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="14000200000000000000000000000000000000000800030003000000"], 0x118}, 0x1, 0x0, 0x0, 0x800}, 0x80) 14:25:58 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000011c0), 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) fcntl$dupfd(r0, 0x0, r1) write(r1, &(0x7f0000000080)="01", 0x41030) close(r1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[]) r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xa) openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0) 14:25:58 executing program 7: keyctl$set_reqkey_keyring(0xe, 0x1) r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r0}, 0x0) keyctl$set_reqkey_keyring(0xe, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 14:25:58 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0x7fffffe, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x7fffffff) sendfile(r0, r0, 0x0, 0x100000) 14:25:58 executing program 6: keyctl$set_reqkey_keyring(0xe, 0x1) r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r0}, 0x0) keyctl$set_reqkey_keyring(0xe, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 14:25:58 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0x7fffffe, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x7fffffff) sendfile(r0, r0, 0x0, 0x100000) [ 177.872661] loop4: detected capacity change from 0 to 256 [ 177.879213] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 14:25:58 executing program 6: keyctl$set_reqkey_keyring(0xe, 0x1) r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r0}, 0x0) keyctl$set_reqkey_keyring(0xe, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 14:25:58 executing program 1: keyctl$set_reqkey_keyring(0xe, 0x1) r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r0}, 0x0) keyctl$set_reqkey_keyring(0xe, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 14:25:58 executing program 7: keyctl$set_reqkey_keyring(0xe, 0x1) r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r0}, 0x0) keyctl$set_reqkey_keyring(0xe, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) [ 178.017693] loop3: detected capacity change from 0 to 256 [ 178.034882] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 178.096923] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 178.151458] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 14:25:59 executing program 1: keyctl$set_reqkey_keyring(0xe, 0x1) r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r0}, 0x0) keyctl$set_reqkey_keyring(0xe, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 14:25:59 executing program 7: keyctl$set_reqkey_keyring(0xe, 0x1) r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r0}, 0x0) keyctl$set_reqkey_keyring(0xe, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 14:25:59 executing program 6: keyctl$set_reqkey_keyring(0xe, 0x1) r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r0}, 0x0) keyctl$set_reqkey_keyring(0xe, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 14:25:59 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x703, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000011c0), 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) fcntl$dupfd(r0, 0x0, r1) write(r1, &(0x7f0000000080)="01", 0x41030) close(r1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)=ANY=[]) r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xa) openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x8000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0) 14:25:59 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) 14:25:59 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0x7fffffe, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x7fffffff) sendfile(r0, r0, 0x0, 0x100000) 14:25:59 executing program 3: r0 = syz_io_uring_setup(0x35d1, &(0x7f0000000000), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000080), &(0x7f000000b940)) io_uring_enter(r0, 0x0, 0x0, 0xf, 0x0, 0x0) 14:25:59 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0x7fffffe, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x7fffffff) sendfile(r0, r0, 0x0, 0x100000) [ 178.795372] loop2: detected capacity change from 0 to 40 [ 178.848712] syz-executor.2: attempt to access beyond end of device [ 178.848712] loop2: rw=0, sector=28, nr_sectors = 64 limit=40 14:25:59 executing program 1: keyctl$set_reqkey_keyring(0xe, 0x1) r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r0}, 0x0) keyctl$set_reqkey_keyring(0xe, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 14:25:59 executing program 3: r0 = syz_io_uring_setup(0x35d1, &(0x7f0000000000), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000080), &(0x7f000000b940)) io_uring_enter(r0, 0x0, 0x0, 0xf, 0x0, 0x0) 14:25:59 executing program 3: r0 = syz_io_uring_setup(0x35d1, &(0x7f0000000000), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000080), &(0x7f000000b940)) io_uring_enter(r0, 0x0, 0x0, 0xf, 0x0, 0x0) 14:25:59 executing program 7: mlock2(&(0x7f0000ff4000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x4) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x90c83, 0x0) finit_module(r1, &(0x7f0000000100)='/,*\x00', 0x3) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='smaps_rollup\x00') perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_config_ext={0x0, 0x2000000000000000}, 0x10, 0x0, 0x8, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2) openat2(r2, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) mlock(&(0x7f0000ff5000/0x4000)=nil, 0x4000) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) mremap(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x1000, 0x7, &(0x7f0000fff000/0x1000)=nil) mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000ffa000/0x2000)=nil) 14:25:59 executing program 6: clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) futex(&(0x7f0000000000)=0x1, 0x8, 0x1, &(0x7f0000000100)={r0, r1+10000000}, &(0x7f0000000180)=0x1, 0x1) mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) clock_gettime(0x1, &(0x7f00000002c0)) mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1a901e, 0x0) 14:25:59 executing program 1: memfd_create(0x0, 0x377363089437ef05) 14:25:59 executing program 3: r0 = syz_io_uring_setup(0x35d1, &(0x7f0000000000), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000080), &(0x7f000000b940)) io_uring_enter(r0, 0x0, 0x0, 0xf, 0x0, 0x0) 14:25:59 executing program 1: memfd_create(0x0, 0x377363089437ef05) 14:25:59 executing program 6: clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) futex(&(0x7f0000000000)=0x1, 0x8, 0x1, &(0x7f0000000100)={r0, r1+10000000}, &(0x7f0000000180)=0x1, 0x1) mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) clock_gettime(0x1, &(0x7f00000002c0)) mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1a901e, 0x0) [ 179.308415] loop4: detected capacity change from 0 to 256 [ 179.336904] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 14:26:00 executing program 1: memfd_create(0x0, 0x377363089437ef05) [ 179.824262] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 14:26:00 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) 14:26:00 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0x7fffffe, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x7fffffff) sendfile(r0, r0, 0x0, 0x100000) 14:26:00 executing program 0: clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) futex(&(0x7f0000000000)=0x1, 0x8, 0x1, &(0x7f0000000100)={r0, r1+10000000}, &(0x7f0000000180)=0x1, 0x1) mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) clock_gettime(0x1, &(0x7f00000002c0)) mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1a901e, 0x0) 14:26:00 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) 14:26:00 executing program 7: mlock2(&(0x7f0000ff4000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x4) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x90c83, 0x0) finit_module(r1, &(0x7f0000000100)='/,*\x00', 0x3) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='smaps_rollup\x00') perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_config_ext={0x0, 0x2000000000000000}, 0x10, 0x0, 0x8, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2) openat2(r2, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) mlock(&(0x7f0000ff5000/0x4000)=nil, 0x4000) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) mremap(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x1000, 0x7, &(0x7f0000fff000/0x1000)=nil) mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000ffa000/0x2000)=nil) 14:26:00 executing program 6: clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) futex(&(0x7f0000000000)=0x1, 0x8, 0x1, &(0x7f0000000100)={r0, r1+10000000}, &(0x7f0000000180)=0x1, 0x1) mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) clock_gettime(0x1, &(0x7f00000002c0)) mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1a901e, 0x0) 14:26:00 executing program 1: memfd_create(0x0, 0x377363089437ef05) [ 180.223232] loop2: detected capacity change from 0 to 40 [ 180.233112] loop4: detected capacity change from 0 to 40 14:26:00 executing program 3: mlock2(&(0x7f0000ff4000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x4) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x90c83, 0x0) finit_module(r1, &(0x7f0000000100)='/,*\x00', 0x3) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='smaps_rollup\x00') perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_config_ext={0x0, 0x2000000000000000}, 0x10, 0x0, 0x8, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2) openat2(r2, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) mlock(&(0x7f0000ff5000/0x4000)=nil, 0x4000) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) mremap(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x1000, 0x7, &(0x7f0000fff000/0x1000)=nil) mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000ffa000/0x2000)=nil) 14:26:01 executing program 1: mlock2(&(0x7f0000ff4000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x4) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x90c83, 0x0) finit_module(r1, &(0x7f0000000100)='/,*\x00', 0x3) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='smaps_rollup\x00') perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_config_ext={0x0, 0x2000000000000000}, 0x10, 0x0, 0x8, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2) openat2(r2, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) mlock(&(0x7f0000ff5000/0x4000)=nil, 0x4000) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) mremap(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x1000, 0x7, &(0x7f0000fff000/0x1000)=nil) mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000ffa000/0x2000)=nil) 14:26:01 executing program 6: clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) futex(&(0x7f0000000000)=0x1, 0x8, 0x1, &(0x7f0000000100)={r0, r1+10000000}, &(0x7f0000000180)=0x1, 0x1) mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) clock_gettime(0x1, &(0x7f00000002c0)) mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1a901e, 0x0) [ 180.325726] syz-executor.2: attempt to access beyond end of device [ 180.325726] loop2: rw=0, sector=28, nr_sectors = 64 limit=40 [ 180.328156] syz-executor.4: attempt to access beyond end of device [ 180.328156] loop4: rw=0, sector=28, nr_sectors = 64 limit=40 14:26:01 executing program 0: clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) futex(&(0x7f0000000000)=0x1, 0x8, 0x1, &(0x7f0000000100)={r0, r1+10000000}, &(0x7f0000000180)=0x1, 0x1) mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) clock_gettime(0x1, &(0x7f00000002c0)) mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1a901e, 0x0) 14:26:01 executing program 0: clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) futex(&(0x7f0000000000)=0x1, 0x8, 0x1, &(0x7f0000000100)={r0, r1+10000000}, &(0x7f0000000180)=0x1, 0x1) mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) clock_gettime(0x1, &(0x7f00000002c0)) mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1a901e, 0x0) [ 180.560245] syz-executor.2: attempt to access beyond end of device [ 180.560245] loop2: rw=2049, sector=92, nr_sectors = 4 limit=40 [ 180.571501] syz-executor.4: attempt to access beyond end of device [ 180.571501] loop4: rw=2049, sector=92, nr_sectors = 4 limit=40 14:26:01 executing program 7: mlock2(&(0x7f0000ff4000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x4) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x90c83, 0x0) finit_module(r1, &(0x7f0000000100)='/,*\x00', 0x3) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='smaps_rollup\x00') perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_config_ext={0x0, 0x2000000000000000}, 0x10, 0x0, 0x8, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2) openat2(r2, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) mlock(&(0x7f0000ff5000/0x4000)=nil, 0x4000) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) mremap(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x1000, 0x7, &(0x7f0000fff000/0x1000)=nil) mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000ffa000/0x2000)=nil) 14:26:01 executing program 1: mlock2(&(0x7f0000ff4000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x4) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x90c83, 0x0) finit_module(r1, &(0x7f0000000100)='/,*\x00', 0x3) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='smaps_rollup\x00') perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_config_ext={0x0, 0x2000000000000000}, 0x10, 0x0, 0x8, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2) openat2(r2, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) mlock(&(0x7f0000ff5000/0x4000)=nil, 0x4000) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) mremap(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x1000, 0x7, &(0x7f0000fff000/0x1000)=nil) mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000ffa000/0x2000)=nil) 14:26:01 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) 14:26:01 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) [ 180.730099] loop2: detected capacity change from 0 to 40 [ 180.731855] loop4: detected capacity change from 0 to 40 14:26:01 executing program 6: mlock2(&(0x7f0000ff4000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x4) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x90c83, 0x0) finit_module(r1, &(0x7f0000000100)='/,*\x00', 0x3) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='smaps_rollup\x00') perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_config_ext={0x0, 0x2000000000000000}, 0x10, 0x0, 0x8, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2) openat2(r2, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) mlock(&(0x7f0000ff5000/0x4000)=nil, 0x4000) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) mremap(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x1000, 0x7, &(0x7f0000fff000/0x1000)=nil) mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000ffa000/0x2000)=nil) [ 180.780216] syz-executor.2: attempt to access beyond end of device [ 180.780216] loop2: rw=0, sector=28, nr_sectors = 64 limit=40 [ 180.783213] syz-executor.4: attempt to access beyond end of device [ 180.783213] loop4: rw=0, sector=28, nr_sectors = 64 limit=40 [ 180.878315] syz-executor.2: attempt to access beyond end of device [ 180.878315] loop2: rw=2049, sector=92, nr_sectors = 4 limit=40 [ 180.892401] syz-executor.4: attempt to access beyond end of device [ 180.892401] loop4: rw=2049, sector=92, nr_sectors = 4 limit=40 14:26:01 executing program 7: mlock2(&(0x7f0000ff4000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x4) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x90c83, 0x0) finit_module(r1, &(0x7f0000000100)='/,*\x00', 0x3) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='smaps_rollup\x00') perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_config_ext={0x0, 0x2000000000000000}, 0x10, 0x0, 0x8, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2) openat2(r2, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) mlock(&(0x7f0000ff5000/0x4000)=nil, 0x4000) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) mremap(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x1000, 0x7, &(0x7f0000fff000/0x1000)=nil) mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000ffa000/0x2000)=nil) 14:26:01 executing program 1: mlock2(&(0x7f0000ff4000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x4) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x90c83, 0x0) finit_module(r1, &(0x7f0000000100)='/,*\x00', 0x3) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='smaps_rollup\x00') perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_config_ext={0x0, 0x2000000000000000}, 0x10, 0x0, 0x8, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2) openat2(r2, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) mlock(&(0x7f0000ff5000/0x4000)=nil, 0x4000) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) mremap(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x1000, 0x7, &(0x7f0000fff000/0x1000)=nil) mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000ffa000/0x2000)=nil) 14:26:01 executing program 3: mlock2(&(0x7f0000ff4000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x4) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x90c83, 0x0) finit_module(r1, &(0x7f0000000100)='/,*\x00', 0x3) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='smaps_rollup\x00') perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_config_ext={0x0, 0x2000000000000000}, 0x10, 0x0, 0x8, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2) openat2(r2, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) mlock(&(0x7f0000ff5000/0x4000)=nil, 0x4000) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) mremap(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x1000, 0x7, &(0x7f0000fff000/0x1000)=nil) mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000ffa000/0x2000)=nil) 14:26:01 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) 14:26:01 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) 14:26:01 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) 14:26:01 executing program 6: mlock2(&(0x7f0000ff4000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x4) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x90c83, 0x0) finit_module(r1, &(0x7f0000000100)='/,*\x00', 0x3) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='smaps_rollup\x00') perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_config_ext={0x0, 0x2000000000000000}, 0x10, 0x0, 0x8, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2) openat2(r2, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) mlock(&(0x7f0000ff5000/0x4000)=nil, 0x4000) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) mremap(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x1000, 0x7, &(0x7f0000fff000/0x1000)=nil) mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000ffa000/0x2000)=nil) [ 181.160560] loop4: detected capacity change from 0 to 40 14:26:01 executing program 5: clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) futex(&(0x7f0000000000)=0x1, 0x8, 0x1, &(0x7f0000000100)={r0, r1+10000000}, &(0x7f0000000180)=0x1, 0x1) mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) clock_gettime(0x1, &(0x7f00000002c0)) mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1a901e, 0x0) [ 181.204886] syz-executor.4: attempt to access beyond end of device [ 181.204886] loop4: rw=0, sector=28, nr_sectors = 64 limit=40 14:26:01 executing program 5: clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) futex(&(0x7f0000000000)=0x1, 0x8, 0x1, &(0x7f0000000100)={r0, r1+10000000}, &(0x7f0000000180)=0x1, 0x1) mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) clock_gettime(0x1, &(0x7f00000002c0)) mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1a901e, 0x0) VM DIAGNOSIS: 14:25:52 Registers: info registers vcpu 0 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff822b253c RDI=ffffffff8763fae0 RBP=ffffffff8763faa0 RSP=ffff88803482f640 R8 =0000000000000004 R9 =0000000000000010 R10=0000000000000010 R11=0000000000000001 R12=0000000000002710 R13=0000000000000020 R14=fffffbfff0ec7fab R15=dffffc0000000000 RIP=ffffffff822b2591 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f26c5481700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055efb806a008 CR3=000000001cf5c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f26c7ff27c0 00007f26c7ff27c8 YMM02=0000000000000000 0000000000000000 00007f26c7ff27e0 00007f26c7ff27c0 YMM03=0000000000000000 0000000000000000 00007f26c7ff27c8 00007f26c7ff27c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=ffff88800c17d040 RBX=ffffc90005ca8f70 RCX=ffffffff811da5c7 RDX=1ffff110011a7540 RSI=0000000000000008 RDI=ffff888008d3aa00 RBP=dffffc0000000000 RSP=ffff88800c067da0 R8 =0000000000000000 R9 =ffff888008d3aa07 R10=ffffed10011a7540 R11=0000000000000001 R12=ffffc90005ca8ff9 R13=ffff88800c17d040 R14=0000000000000000 R15=0000000000000092 RIP=ffffffff81785c60 RFL=00000057 [---ZAPC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fdbc4f3f028 CR3=000000000ede8000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM02=0000000000000000 0000000000000000 00524f5252450040 0000000000000000 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000