syzkaller login: [ 43.622589] sshd (243) used greatest stack depth: 24768 bytes left Warning: Permanently added '[localhost]:14298' (ECDSA) to the list of known hosts. 2022/09/14 11:32:16 fuzzer started 2022/09/14 11:32:16 dialing manager at localhost:33849 [ 45.333320] cgroup: Unknown subsys name 'net' [ 45.425607] cgroup: Unknown subsys name 'rlimit' 2022/09/14 11:32:30 syscalls: 2215 2022/09/14 11:32:30 code coverage: enabled 2022/09/14 11:32:30 comparison tracing: enabled 2022/09/14 11:32:30 extra coverage: enabled 2022/09/14 11:32:30 setuid sandbox: enabled 2022/09/14 11:32:30 namespace sandbox: enabled 2022/09/14 11:32:30 Android sandbox: enabled 2022/09/14 11:32:30 fault injection: enabled 2022/09/14 11:32:30 leak checking: enabled 2022/09/14 11:32:30 net packet injection: enabled 2022/09/14 11:32:30 net device setup: enabled 2022/09/14 11:32:30 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/14 11:32:30 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/14 11:32:30 USB emulation: enabled 2022/09/14 11:32:30 hci packet injection: enabled 2022/09/14 11:32:30 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220914) 2022/09/14 11:32:30 802.15.4 emulation: enabled 2022/09/14 11:32:30 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/14 11:32:30 fetching corpus: 28, signal 19758/23218 (executing program) 2022/09/14 11:32:30 fetching corpus: 78, signal 41903/46216 (executing program) 2022/09/14 11:32:31 fetching corpus: 128, signal 54103/59141 (executing program) 2022/09/14 11:32:31 fetching corpus: 178, signal 60709/66538 (executing program) 2022/09/14 11:32:31 fetching corpus: 228, signal 67677/74107 (executing program) 2022/09/14 11:32:31 fetching corpus: 278, signal 72731/79715 (executing program) 2022/09/14 11:32:31 fetching corpus: 328, signal 78846/86109 (executing program) 2022/09/14 11:32:31 fetching corpus: 378, signal 84732/92318 (executing program) 2022/09/14 11:32:32 fetching corpus: 428, signal 87600/95559 (executing program) 2022/09/14 11:32:32 fetching corpus: 478, signal 93047/100905 (executing program) 2022/09/14 11:32:32 fetching corpus: 528, signal 96566/104540 (executing program) 2022/09/14 11:32:32 fetching corpus: 578, signal 99805/107734 (executing program) 2022/09/14 11:32:32 fetching corpus: 628, signal 102597/110609 (executing program) 2022/09/14 11:32:32 fetching corpus: 678, signal 106361/114163 (executing program) 2022/09/14 11:32:33 fetching corpus: 728, signal 108600/116514 (executing program) 2022/09/14 11:32:33 fetching corpus: 778, signal 110604/118485 (executing program) 2022/09/14 11:32:33 fetching corpus: 828, signal 112914/120598 (executing program) 2022/09/14 11:32:33 fetching corpus: 878, signal 115034/122672 (executing program) 2022/09/14 11:32:33 fetching corpus: 928, signal 118265/125415 (executing program) 2022/09/14 11:32:33 fetching corpus: 978, signal 120470/127291 (executing program) 2022/09/14 11:32:34 fetching corpus: 1028, signal 122756/129241 (executing program) 2022/09/14 11:32:34 fetching corpus: 1078, signal 124816/130894 (executing program) 2022/09/14 11:32:34 fetching corpus: 1128, signal 126866/132509 (executing program) 2022/09/14 11:32:34 fetching corpus: 1178, signal 128243/133619 (executing program) 2022/09/14 11:32:34 fetching corpus: 1228, signal 131243/135623 (executing program) 2022/09/14 11:32:34 fetching corpus: 1278, signal 133180/137030 (executing program) 2022/09/14 11:32:35 fetching corpus: 1328, signal 135201/138369 (executing program) 2022/09/14 11:32:35 fetching corpus: 1378, signal 136282/139105 (executing program) 2022/09/14 11:32:35 fetching corpus: 1428, signal 137823/140092 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/140370 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/140446 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/140512 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/140589 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/140646 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/140728 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/140807 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/140881 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/140936 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/140999 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/141069 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/141140 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/141221 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/141287 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/141366 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/141451 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/141527 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/141599 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/141679 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/141750 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/141814 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/141894 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/141957 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/142012 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/142079 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/142148 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/142201 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/142282 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/142350 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/142426 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/142493 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/142564 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/142637 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/142712 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/142712 (executing program) 2022/09/14 11:32:35 fetching corpus: 1443, signal 138123/142712 (executing program) 2022/09/14 11:32:38 starting 8 fuzzer processes 11:32:38 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x80000, 0xe, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000400000004f8000020004000030000000000000001000000000000000200000001000600000000000000000000000000800029f2118df153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa5252614100"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="00000000727241610100000007000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="eb58906d6b66732e66617400028020000400000004f8000020004000030000000000000001000000000000000200000001000600000000000000000000000000800029f2118df153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0, 0xc00}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4000}, {&(0x7f0000010600)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4200}, {&(0x7f0000010700)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4400}, {&(0x7f0000010800)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4600}, {&(0x7f0000010900)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100088ea70325132510000ea70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200088ea70325132510000ea70325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200088ea70325132510000ea70325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200088ea70325132510000ea703251070064000000", 0x120, 0x4800}, {&(0x7f0000010b00)="2e20202020202020202020100088ea70325132510000ea7032510300000000002e2e202020202020202020100088ea70325132510000ea70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200088ea70325132510000ea70325104001a040000", 0x80, 0x14800}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x24800}, {&(0x7f0000011100)='syzkallers\x00'/32, 0x20, 0x34800}, {&(0x7f0000011200)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x54800}], 0x0, &(0x7f0000011300)) 11:32:38 executing program 1: kexec_load(0x0, 0x0, 0x0, 0x3e0000) 11:32:38 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(r1, &(0x7f0000000240)='2', 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r2, &(0x7f0000000140)="c0", 0x1, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r2, 0x7fffffff}) 11:32:38 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet(r0, &(0x7f0000000240)=[{{&(0x7f0000000000)={0x2, 0x4e21, @private}, 0x10, 0x0}}, {{&(0x7f0000000080)={0x2, 0x4e22, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000001380)=[@ip_tos_int={{0x39}}], 0x18}}, {{&(0x7f0000000040)={0x2, 0x0, @dev}, 0x0, &(0x7f0000000200)=[{&(0x7f00000000c0)="43dc26637762a3090e6dbd2a741d8b94812f4d52d7c3268848bed1d7f3215c6adb51d4be7d967c09b5c920d8adbd8d1274f1351d11d1e75d76a937ebd1f388ee46e04c58a8e72dcecdffa27e5e554f0c62d7a8ea4ab23d174d75cb782515a506a3239a6fa99ba392ee3c34bc41e10c5411564f6b018ab1d327778553c3abc0721a3943b1e2cb0161b23a51bf1f7b587f4e6e0aeec62984ca9589b4358364c1e7366b028b"}, {&(0x7f0000000180)="1cab9d28a57d7471a29fc95a184bb77370301c7d80536fc47551507fd5fd131e4ca7626e3f8e8824c7609e24b4e265c5580094c98d43f0ef9bde3dbf0be4dfa3b3179c3bbd06494b9ddadf53fba2a58fa64d7ffb33b3a529e1669f51afa760b89169453b61bb50fafb9b9d82e42b0c15d8cd86298a7701"}]}}], 0x2, 0x0) [ 67.086092] audit: type=1400 audit(1663155158.806:6): avc: denied { execmem } for pid=287 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:32:38 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) clone3(&(0x7f0000000640)={0x123363500, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_any}]}}) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000003ec0)={0xa, 0x0, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c) 11:32:38 executing program 5: syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)) mount_setattr(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x8900, &(0x7f0000000080)={0x0, 0x0, 0x100000}, 0x20) 11:32:38 executing program 6: syz_mount_image$vfat(&(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x0, 0x0, &(0x7f0000001580), 0x0, &(0x7f00000015c0)={[{@shortname_mixed}]}) 11:32:38 executing program 7: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r0 = syz_io_uring_setup(0x4cdd, &(0x7f0000000140)={0x0, 0x6c4c, 0x10, 0x3, 0x20f}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000300)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x1010, r0, 0x0) syz_io_uring_setup(0x2c86, &(0x7f0000000600)={0x0, 0x0, 0x2, 0x2, 0x213}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000680), &(0x7f0000000800)) syz_io_uring_setup(0x3740, &(0x7f0000000940)={0x0, 0xda19, 0x0, 0x3, 0x309, 0x0, r0}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000000100), 0x0) finit_module(0xffffffffffffffff, &(0x7f0000000200)='\x00', 0x1) getpid() syz_io_uring_setup(0xf95, &(0x7f0000000380)={0x0, 0x23d1, 0x28, 0x3, 0x316}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000540), 0x0) pidfd_open(0x0, 0x0) syz_io_uring_setup(0x2037bc, &(0x7f0000000400)={0x0, 0x1af9, 0x20, 0x3, 0x16b}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000240)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x200, 0x20, 0x0, 0x0, 0x8, 0x1}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x2) r1 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r1, 0x0) ptrace(0x4208, 0x0) openat(0xffffffffffffffff, 0x0, 0x100000, 0x95) close(r1) finit_module(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$vcsa(&(0x7f0000000780), 0x2, 0x0) syz_io_uring_setup(0x5e00, &(0x7f0000000840)={0x0, 0x595c, 0x10, 0x1}, &(0x7f0000ffa000/0x6000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f00000008c0), &(0x7f0000000900)) [ 68.372682] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 68.376206] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 68.378573] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 68.381612] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 68.383672] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 68.385651] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 68.390931] Bluetooth: hci1: HCI_REQ-0x0c1a [ 68.410737] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 68.418577] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 68.420738] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 68.422801] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 68.426468] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 68.427986] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 68.429181] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 68.430988] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 68.432202] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 68.446853] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 68.448021] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 68.456291] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 68.460224] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 68.461430] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 68.464275] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 68.469280] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 68.478944] Bluetooth: hci3: HCI_REQ-0x0c1a [ 68.514062] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 68.514070] Bluetooth: hci2: HCI_REQ-0x0c1a [ 68.522109] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 68.530106] Bluetooth: hci0: HCI_REQ-0x0c1a [ 68.573964] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 68.574420] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 68.579028] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 68.582581] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 68.588757] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 68.590385] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 68.591537] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 68.623069] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 68.623155] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 68.626459] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 68.627177] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 68.630165] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 68.630550] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 68.631551] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 68.634166] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 68.636269] Bluetooth: hci6: HCI_REQ-0x0c1a [ 68.645039] Bluetooth: hci4: HCI_REQ-0x0c1a [ 68.664334] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 68.675167] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 68.676508] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 68.686056] Bluetooth: hci7: HCI_REQ-0x0c1a [ 70.454747] Bluetooth: hci1: command 0x0409 tx timeout [ 70.517869] Bluetooth: hci3: command 0x0409 tx timeout [ 70.517891] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 70.581866] Bluetooth: hci2: command 0x0409 tx timeout [ 70.581914] Bluetooth: hci0: command 0x0409 tx timeout [ 70.645853] Bluetooth: hci6: command 0x0409 tx timeout [ 70.710958] Bluetooth: hci7: command 0x0409 tx timeout [ 70.711443] Bluetooth: hci4: command 0x0409 tx timeout [ 72.502942] Bluetooth: hci1: command 0x041b tx timeout [ 72.565962] Bluetooth: hci3: command 0x041b tx timeout [ 72.630514] Bluetooth: hci0: command 0x041b tx timeout [ 72.631156] Bluetooth: hci2: command 0x041b tx timeout [ 72.693879] Bluetooth: hci6: command 0x041b tx timeout [ 72.757876] Bluetooth: hci4: command 0x041b tx timeout [ 72.758403] Bluetooth: hci7: command 0x041b tx timeout [ 73.302577] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 73.303922] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 73.309174] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 73.316281] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 73.319434] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 73.320417] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 73.333858] Bluetooth: hci5: HCI_REQ-0x0c1a [ 74.549894] Bluetooth: hci1: command 0x040f tx timeout [ 74.614250] Bluetooth: hci3: command 0x040f tx timeout [ 74.677860] Bluetooth: hci2: command 0x040f tx timeout [ 74.678376] Bluetooth: hci0: command 0x040f tx timeout [ 74.741901] Bluetooth: hci6: command 0x040f tx timeout [ 74.805909] Bluetooth: hci7: command 0x040f tx timeout [ 74.806480] Bluetooth: hci4: command 0x040f tx timeout [ 75.381965] Bluetooth: hci5: command 0x0409 tx timeout [ 76.597864] Bluetooth: hci1: command 0x0419 tx timeout [ 76.661903] Bluetooth: hci3: command 0x0419 tx timeout [ 76.725875] Bluetooth: hci0: command 0x0419 tx timeout [ 76.726361] Bluetooth: hci2: command 0x0419 tx timeout [ 76.789897] Bluetooth: hci6: command 0x0419 tx timeout [ 76.853874] Bluetooth: hci4: command 0x0419 tx timeout [ 76.854338] Bluetooth: hci7: command 0x0419 tx timeout [ 77.429871] Bluetooth: hci5: command 0x041b tx timeout [ 79.477864] Bluetooth: hci5: command 0x040f tx timeout [ 81.525873] Bluetooth: hci5: command 0x0419 tx timeout 11:33:32 executing program 1: kexec_load(0x0, 0x0, 0x0, 0x3e0000) [ 120.826705] audit: type=1400 audit(1663155212.549:7): avc: denied { open } for pid=3841 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 120.888382] audit: type=1400 audit(1663155212.611:8): avc: denied { kernel } for pid=3841 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 120.894094] ------------[ cut here ]------------ [ 120.894113] [ 120.894116] ====================================================== [ 120.894119] WARNING: possible circular locking dependency detected [ 120.894123] 6.0.0-rc5-next-20220914 #1 Not tainted [ 120.894129] ------------------------------------------------------ [ 120.894132] syz-executor.7/3842 is trying to acquire lock: [ 120.894138] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 120.894174] [ 120.894174] but task is already holding lock: [ 120.894177] ffff888008c26020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 120.894204] [ 120.894204] which lock already depends on the new lock. [ 120.894204] [ 120.894207] [ 120.894207] the existing dependency chain (in reverse order) is: [ 120.894210] [ 120.894210] -> #3 (&ctx->lock){....}-{2:2}: [ 120.894224] _raw_spin_lock+0x2a/0x40 [ 120.894241] __perf_event_task_sched_out+0x53b/0x18d0 [ 120.894254] __schedule+0xedd/0x2470 [ 120.894264] schedule+0xda/0x1b0 [ 120.894274] exit_to_user_mode_prepare+0x114/0x1a0 [ 120.894294] syscall_exit_to_user_mode+0x19/0x40 [ 120.894312] do_syscall_64+0x48/0x90 [ 120.894326] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 120.894343] [ 120.894343] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 120.894357] _raw_spin_lock_nested+0x30/0x40 [ 120.894372] raw_spin_rq_lock_nested+0x1e/0x30 [ 120.894385] task_fork_fair+0x63/0x4d0 [ 120.894402] sched_cgroup_fork+0x3d0/0x540 [ 120.894416] copy_process+0x4183/0x6e20 [ 120.894426] kernel_clone+0xe7/0x890 [ 120.894435] user_mode_thread+0xad/0xf0 [ 120.894445] rest_init+0x24/0x250 [ 120.894462] arch_call_rest_init+0xf/0x14 [ 120.894474] start_kernel+0x4c1/0x4e6 [ 120.894483] secondary_startup_64_no_verify+0xe0/0xeb [ 120.894498] [ 120.894498] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 120.894511] _raw_spin_lock_irqsave+0x39/0x60 [ 120.894526] try_to_wake_up+0xab/0x1920 [ 120.894540] up+0x75/0xb0 [ 120.894551] __up_console_sem+0x6e/0x80 [ 120.894567] console_unlock+0x46a/0x590 [ 120.894583] vprintk_emit+0x1bd/0x560 [ 120.894600] vprintk+0x84/0xa0 [ 120.894617] _printk+0xba/0xf1 [ 120.894634] kauditd_hold_skb.cold+0x3f/0x4e [ 120.894648] kauditd_send_queue+0x233/0x290 [ 120.894663] kauditd_thread+0x5da/0x9a0 [ 120.894677] kthread+0x2ed/0x3a0 [ 120.894692] ret_from_fork+0x22/0x30 [ 120.894704] [ 120.894704] -> #0 ((console_sem).lock){....}-{2:2}: [ 120.894717] __lock_acquire+0x2a02/0x5e70 [ 120.894734] lock_acquire+0x1a2/0x530 [ 120.894750] _raw_spin_lock_irqsave+0x39/0x60 [ 120.894765] down_trylock+0xe/0x70 [ 120.894778] __down_trylock_console_sem+0x3b/0xd0 [ 120.894794] vprintk_emit+0x16b/0x560 [ 120.894811] vprintk+0x84/0xa0 [ 120.894827] _printk+0xba/0xf1 [ 120.894844] report_bug.cold+0x72/0xab [ 120.894856] handle_bug+0x3c/0x70 [ 120.894869] exc_invalid_op+0x14/0x50 [ 120.894883] asm_exc_invalid_op+0x16/0x20 [ 120.894899] group_sched_out.part.0+0x2c7/0x460 [ 120.894909] ctx_sched_out+0x8f1/0xc10 [ 120.894919] __perf_event_task_sched_out+0x6d0/0x18d0 [ 120.894931] __schedule+0xedd/0x2470 [ 120.894941] schedule+0xda/0x1b0 [ 120.894950] exit_to_user_mode_prepare+0x114/0x1a0 [ 120.894970] syscall_exit_to_user_mode+0x19/0x40 [ 120.894987] do_syscall_64+0x48/0x90 [ 120.895000] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 120.895017] [ 120.895017] other info that might help us debug this: [ 120.895017] [ 120.895020] Chain exists of: [ 120.895020] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 120.895020] [ 120.895035] Possible unsafe locking scenario: [ 120.895035] [ 120.895037] CPU0 CPU1 [ 120.895039] ---- ---- [ 120.895042] lock(&ctx->lock); [ 120.895047] lock(&rq->__lock); [ 120.895053] lock(&ctx->lock); [ 120.895059] lock((console_sem).lock); [ 120.895065] [ 120.895065] *** DEADLOCK *** [ 120.895065] [ 120.895067] 2 locks held by syz-executor.7/3842: [ 120.895074] #0: ffff88806cf37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 120.895099] #1: ffff888008c26020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 120.895127] [ 120.895127] stack backtrace: [ 120.895130] CPU: 1 PID: 3842 Comm: syz-executor.7 Not tainted 6.0.0-rc5-next-20220914 #1 [ 120.895142] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 120.895150] Call Trace: [ 120.895153] [ 120.895157] dump_stack_lvl+0x8b/0xb3 [ 120.895172] check_noncircular+0x263/0x2e0 [ 120.895188] ? format_decode+0x26c/0xb50 [ 120.895204] ? print_circular_bug+0x450/0x450 [ 120.895221] ? enable_ptr_key_workfn+0x20/0x20 [ 120.895235] ? __lockdep_reset_lock+0x180/0x180 [ 120.895252] ? format_decode+0x26c/0xb50 [ 120.895268] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 120.895286] __lock_acquire+0x2a02/0x5e70 [ 120.895308] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 120.895331] lock_acquire+0x1a2/0x530 [ 120.895348] ? down_trylock+0xe/0x70 [ 120.895362] ? rcu_read_unlock+0x40/0x40 [ 120.895382] ? find_held_lock+0x2c/0x110 [ 120.895398] ? vprintk+0x84/0xa0 [ 120.895417] _raw_spin_lock_irqsave+0x39/0x60 [ 120.895433] ? down_trylock+0xe/0x70 [ 120.895446] down_trylock+0xe/0x70 [ 120.895460] ? vprintk+0x84/0xa0 [ 120.895477] __down_trylock_console_sem+0x3b/0xd0 [ 120.895495] vprintk_emit+0x16b/0x560 [ 120.895514] vprintk+0x84/0xa0 [ 120.895532] _printk+0xba/0xf1 [ 120.895550] ? record_print_text.cold+0x16/0x16 [ 120.895571] ? hrtimer_try_to_cancel+0x163/0x2c0 [ 120.895584] ? lock_downgrade+0x6d0/0x6d0 [ 120.895602] ? report_bug.cold+0x66/0xab [ 120.895617] ? group_sched_out.part.0+0x2c7/0x460 [ 120.895628] report_bug.cold+0x72/0xab [ 120.895643] handle_bug+0x3c/0x70 [ 120.895657] exc_invalid_op+0x14/0x50 [ 120.895672] asm_exc_invalid_op+0x16/0x20 [ 120.895690] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 120.895703] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 120.895715] RSP: 0018:ffff88803ef3fc48 EFLAGS: 00010006 [ 120.895724] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 120.895731] RDX: ffff88801baf1ac0 RSI: ffffffff81566027 RDI: 0000000000000005 [ 120.895739] RBP: ffff88803dfb0000 R08: 0000000000000005 R09: 0000000000000001 [ 120.895746] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888008c26000 [ 120.895753] R13: ffff88806cf3d100 R14: ffffffff8547c7c0 R15: 0000000000000002 [ 120.895764] ? group_sched_out.part.0+0x2c7/0x460 [ 120.895794] ? group_sched_out.part.0+0x2c7/0x460 [ 120.895807] ctx_sched_out+0x8f1/0xc10 [ 120.895820] __perf_event_task_sched_out+0x6d0/0x18d0 [ 120.895835] ? lock_is_held_type+0xd7/0x130 [ 120.895854] ? __perf_cgroup_move+0x160/0x160 [ 120.895866] ? set_next_entity+0x304/0x550 [ 120.895884] ? update_curr+0x267/0x740 [ 120.895902] ? lock_is_held_type+0xd7/0x130 [ 120.895921] __schedule+0xedd/0x2470 [ 120.895935] ? io_schedule_timeout+0x150/0x150 [ 120.895947] ? __x64_sys_futex_time32+0x480/0x480 [ 120.895961] schedule+0xda/0x1b0 [ 120.895972] exit_to_user_mode_prepare+0x114/0x1a0 [ 120.895993] syscall_exit_to_user_mode+0x19/0x40 [ 120.896012] do_syscall_64+0x48/0x90 [ 120.896026] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 120.896044] RIP: 0033:0x7f0911fc9b19 [ 120.896052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 120.896063] RSP: 002b:00007f090f53f218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 120.896074] RAX: 0000000000000001 RBX: 00007f09120dcf68 RCX: 00007f0911fc9b19 [ 120.896082] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f09120dcf6c [ 120.896089] RBP: 00007f09120dcf60 R08: 000000000000000e R09: 0000000000000000 [ 120.896096] R10: 0000000000000006 R11: 0000000000000246 R12: 00007f09120dcf6c [ 120.896103] R13: 00007ffc7ce3406f R14: 00007f090f53f300 R15: 0000000000022000 [ 120.896116] [ 120.956009] WARNING: CPU: 1 PID: 3842 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 120.956731] Modules linked in: [ 120.956988] CPU: 1 PID: 3842 Comm: syz-executor.7 Not tainted 6.0.0-rc5-next-20220914 #1 [ 120.957608] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 120.958456] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 120.958883] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 120.960268] RSP: 0018:ffff88803ef3fc48 EFLAGS: 00010006 [ 120.960680] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 120.961228] RDX: ffff88801baf1ac0 RSI: ffffffff81566027 RDI: 0000000000000005 [ 120.961776] RBP: ffff88803dfb0000 R08: 0000000000000005 R09: 0000000000000001 [ 120.962322] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888008c26000 [ 120.962865] R13: ffff88806cf3d100 R14: ffffffff8547c7c0 R15: 0000000000000002 [ 120.963417] FS: 00007f090f53f700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 120.964043] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.964504] CR2: 0000000000000000 CR3: 000000003ece0000 CR4: 0000000000350ee0 [ 120.965061] Call Trace: [ 120.965262] [ 120.965446] ctx_sched_out+0x8f1/0xc10 [ 120.965756] __perf_event_task_sched_out+0x6d0/0x18d0 [ 120.966167] ? lock_is_held_type+0xd7/0x130 [ 120.966514] ? __perf_cgroup_move+0x160/0x160 [ 120.966869] ? set_next_entity+0x304/0x550 [ 120.967210] ? update_curr+0x267/0x740 [ 120.967528] ? lock_is_held_type+0xd7/0x130 [ 120.967888] __schedule+0xedd/0x2470 [ 120.968187] ? io_schedule_timeout+0x150/0x150 [ 120.968549] ? __x64_sys_futex_time32+0x480/0x480 [ 120.968930] schedule+0xda/0x1b0 [ 120.969203] exit_to_user_mode_prepare+0x114/0x1a0 [ 120.969596] syscall_exit_to_user_mode+0x19/0x40 [ 120.969986] do_syscall_64+0x48/0x90 [ 120.970285] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 120.970693] RIP: 0033:0x7f0911fc9b19 [ 120.970981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 120.972390] RSP: 002b:00007f090f53f218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 120.972973] RAX: 0000000000000001 RBX: 00007f09120dcf68 RCX: 00007f0911fc9b19 [ 120.973514] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f09120dcf6c [ 120.974073] RBP: 00007f09120dcf60 R08: 000000000000000e R09: 0000000000000000 [ 120.974632] R10: 0000000000000006 R11: 0000000000000246 R12: 00007f09120dcf6c [ 120.975199] R13: 00007ffc7ce3406f R14: 00007f090f53f300 R15: 0000000000022000 [ 120.975759] [ 120.975968] irq event stamp: 5448 [ 120.976238] hardirqs last enabled at (5447): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 120.976979] hardirqs last disabled at (5448): [] __schedule+0x1225/0x2470 [ 120.977620] softirqs last enabled at (5116): [] fpu__clear_user_states+0xdb/0x1e0 [ 120.978321] softirqs last disabled at (5114): [] fpu__clear_user_states+0x24/0x1e0 [ 120.979032] ---[ end trace 0000000000000000 ]--- 11:33:32 executing program 1: kexec_load(0x0, 0x0, 0x0, 0x3e0000) 11:33:32 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(r1, &(0x7f0000000240)='2', 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r2, &(0x7f0000000140)="c0", 0x1, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r2, 0x7fffffff}) 11:33:32 executing program 1: kexec_load(0x0, 0x0, 0x0, 0x3e0000) 11:33:32 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(r1, &(0x7f0000000240)='2', 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r2, &(0x7f0000000140)="c0", 0x1, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r2, 0x7fffffff}) 11:33:32 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(r1, &(0x7f0000000240)='2', 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r2, &(0x7f0000000140)="c0", 0x1, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r2, 0x7fffffff}) 11:33:32 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(r1, &(0x7f0000000240)='2', 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r2, &(0x7f0000000140)="c0", 0x1, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r2, 0x7fffffff}) 11:33:32 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(r1, &(0x7f0000000240)='2', 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r2, &(0x7f0000000140)="c0", 0x1, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r2, 0x7fffffff}) [ 121.285277] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 121.286053] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 121.286574] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 121.287102] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 121.287675] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 121.305401] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 121.306144] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 121.306659] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 121.307189] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 02 00 [ 121.307749] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 8 prio class 2 [ 121.308419] Buffer I/O error on dev sr0, logical block 0, async page read [ 121.308964] Buffer I/O error on dev sr0, logical block 1, async page read [ 121.309485] Buffer I/O error on dev sr0, logical block 2, async page read [ 121.310028] Buffer I/O error on dev sr0, logical block 3, async page read [ 121.310562] Buffer I/O error on dev sr0, logical block 4, async page read [ 121.311099] Buffer I/O error on dev sr0, logical block 5, async page read [ 121.311610] Buffer I/O error on dev sr0, logical block 6, async page read [ 121.312157] Buffer I/O error on dev sr0, logical block 7, async page read [ 121.313241] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 121.313670] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 121.314413] Buffer I/O error on dev sr0, logical block 0, async page read [ 121.315066] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 121.315473] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 121.316136] Buffer I/O error on dev sr0, logical block 1, async page read [ 121.316792] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 121.317215] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 121.318005] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 121.318429] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 121.319214] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 121.319637] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 121.320432] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 121.320864] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 121.321641] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 121.322051] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 121.322754] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 121.323143] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 121.323958] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 121.324466] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 121.325010] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 121.325525] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 121.326099] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 121.326612] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 121.327139] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 121.327645] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 121.418312] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 121.419008] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 121.419489] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 121.419980] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 121.936268] loop0: detected capacity change from 0 to 1352 [ 121.956818] FAT-fs (loop6): bogus number of reserved sectors [ 121.957299] FAT-fs (loop6): Can't find a valid FAT filesystem [ 121.967687] FAT-fs (loop6): bogus number of reserved sectors [ 121.968464] FAT-fs (loop6): Can't find a valid FAT filesystem 11:33:34 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(r1, &(0x7f0000000240)='2', 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r2, &(0x7f0000000140)="c0", 0x1, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r2, 0x7fffffff}) 11:33:34 executing program 5: syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)) mount_setattr(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x8900, &(0x7f0000000080)={0x0, 0x0, 0x100000}, 0x20) 11:33:34 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) clone3(&(0x7f0000000640)={0x123363500, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_any}]}}) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000003ec0)={0xa, 0x0, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c) 11:33:34 executing program 7: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r0 = syz_io_uring_setup(0x4cdd, &(0x7f0000000140)={0x0, 0x6c4c, 0x10, 0x3, 0x20f}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000300)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x1010, r0, 0x0) syz_io_uring_setup(0x2c86, &(0x7f0000000600)={0x0, 0x0, 0x2, 0x2, 0x213}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000680), &(0x7f0000000800)) syz_io_uring_setup(0x3740, &(0x7f0000000940)={0x0, 0xda19, 0x0, 0x3, 0x309, 0x0, r0}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000000100), 0x0) finit_module(0xffffffffffffffff, &(0x7f0000000200)='\x00', 0x1) getpid() syz_io_uring_setup(0xf95, &(0x7f0000000380)={0x0, 0x23d1, 0x28, 0x3, 0x316}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000540), 0x0) pidfd_open(0x0, 0x0) syz_io_uring_setup(0x2037bc, &(0x7f0000000400)={0x0, 0x1af9, 0x20, 0x3, 0x16b}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000240)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x200, 0x20, 0x0, 0x0, 0x8, 0x1}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x2) r1 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r1, 0x0) ptrace(0x4208, 0x0) openat(0xffffffffffffffff, 0x0, 0x100000, 0x95) close(r1) finit_module(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$vcsa(&(0x7f0000000780), 0x2, 0x0) syz_io_uring_setup(0x5e00, &(0x7f0000000840)={0x0, 0x595c, 0x10, 0x1}, &(0x7f0000ffa000/0x6000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f00000008c0), &(0x7f0000000900)) 11:33:34 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) 11:33:34 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet(r0, &(0x7f0000000240)=[{{&(0x7f0000000000)={0x2, 0x4e21, @private}, 0x10, 0x0}}, {{&(0x7f0000000080)={0x2, 0x4e22, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000001380)=[@ip_tos_int={{0x39}}], 0x18}}, {{&(0x7f0000000040)={0x2, 0x0, @dev}, 0x0, &(0x7f0000000200)=[{&(0x7f00000000c0)="43dc26637762a3090e6dbd2a741d8b94812f4d52d7c3268848bed1d7f3215c6adb51d4be7d967c09b5c920d8adbd8d1274f1351d11d1e75d76a937ebd1f388ee46e04c58a8e72dcecdffa27e5e554f0c62d7a8ea4ab23d174d75cb782515a506a3239a6fa99ba392ee3c34bc41e10c5411564f6b018ab1d327778553c3abc0721a3943b1e2cb0161b23a51bf1f7b587f4e6e0aeec62984ca9589b4358364c1e7366b028b"}, {&(0x7f0000000180)="1cab9d28a57d7471a29fc95a184bb77370301c7d80536fc47551507fd5fd131e4ca7626e3f8e8824c7609e24b4e265c5580094c98d43f0ef9bde3dbf0be4dfa3b3179c3bbd06494b9ddadf53fba2a58fa64d7ffb33b3a529e1669f51afa760b89169453b61bb50fafb9b9d82e42b0c15d8cd86298a7701"}]}}], 0x2, 0x0) 11:33:34 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x80000, 0xe, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000400000004f8000020004000030000000000000001000000000000000200000001000600000000000000000000000000800029f2118df153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa5252614100"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="00000000727241610100000007000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="eb58906d6b66732e66617400028020000400000004f8000020004000030000000000000001000000000000000200000001000600000000000000000000000000800029f2118df153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0, 0xc00}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4000}, {&(0x7f0000010600)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4200}, {&(0x7f0000010700)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4400}, {&(0x7f0000010800)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4600}, {&(0x7f0000010900)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100088ea70325132510000ea70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200088ea70325132510000ea70325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200088ea70325132510000ea70325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200088ea70325132510000ea703251070064000000", 0x120, 0x4800}, {&(0x7f0000010b00)="2e20202020202020202020100088ea70325132510000ea7032510300000000002e2e202020202020202020100088ea70325132510000ea70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200088ea70325132510000ea70325104001a040000", 0x80, 0x14800}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x24800}, {&(0x7f0000011100)='syzkallers\x00'/32, 0x20, 0x34800}, {&(0x7f0000011200)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x54800}], 0x0, &(0x7f0000011300)) 11:33:34 executing program 6: syz_mount_image$vfat(&(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x0, 0x0, &(0x7f0000001580), 0x0, &(0x7f00000015c0)={[{@shortname_mixed}]}) [ 122.635163] loop0: detected capacity change from 0 to 1352 [ 122.642320] loop2: detected capacity change from 0 to 40 [ 122.643289] FAT-fs (loop6): bogus number of reserved sectors [ 122.643741] FAT-fs (loop6): Can't find a valid FAT filesystem 11:33:34 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) clone3(&(0x7f0000000640)={0x123363500, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_any}]}}) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000003ec0)={0xa, 0x0, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c) [ 122.677971] syz-executor.2: attempt to access beyond end of device [ 122.677971] loop2: rw=0, sector=28, nr_sectors = 64 limit=40 [ 122.698694] syz-executor.2: attempt to access beyond end of device [ 122.698694] loop2: rw=2049, sector=92, nr_sectors = 4 limit=40 [ 122.701618] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 122.702439] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 122.702953] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 122.703428] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 122.704498] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.705050] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.705586] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.706194] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.706717] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.707316] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.707973] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.708506] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.709106] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.709641] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.710193] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.710714] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.711258] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.711794] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.712361] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.713056] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.713625] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.714202] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.714741] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.715306] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.715944] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.716476] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.717047] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.717607] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.718196] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.718719] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.719286] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.719958] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.720491] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.721958] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.722481] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.723066] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.723636] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.726021] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.726594] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.727198] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.727727] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.728305] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.729763] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.730318] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.731005] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.731539] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.732233] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.732789] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.734044] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.739056] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.739584] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.740266] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.740861] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.741424] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.742273] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.743018] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.743878] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.744426] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.745051] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.745738] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.746345] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.747076] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.747713] syz-executor.2: attempt to access beyond end of device [ 122.747713] loop2: rw=2049, sector=96, nr_sectors = 4 limit=40 [ 122.749074] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.749636] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.750250] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.750771] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.751313] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.751929] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.752523] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.753060] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.753592] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.754147] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.754820] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.757992] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.758514] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.759072] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.759629] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.760235] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.760770] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.761314] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.761890] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.762430] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.762979] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.763535] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.764189] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.764771] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.768560] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.769119] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.769667] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.770225] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.770780] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.771413] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.772006] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.772537] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.773096] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.775279] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.781975] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.782524] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.784904] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.785455] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 11:33:34 executing program 7: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r0 = syz_io_uring_setup(0x4cdd, &(0x7f0000000140)={0x0, 0x6c4c, 0x10, 0x3, 0x20f}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000300)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x1010, r0, 0x0) syz_io_uring_setup(0x2c86, &(0x7f0000000600)={0x0, 0x0, 0x2, 0x2, 0x213}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000680), &(0x7f0000000800)) syz_io_uring_setup(0x3740, &(0x7f0000000940)={0x0, 0xda19, 0x0, 0x3, 0x309, 0x0, r0}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000000100), 0x0) finit_module(0xffffffffffffffff, &(0x7f0000000200)='\x00', 0x1) getpid() syz_io_uring_setup(0xf95, &(0x7f0000000380)={0x0, 0x23d1, 0x28, 0x3, 0x316}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000540), 0x0) pidfd_open(0x0, 0x0) syz_io_uring_setup(0x2037bc, &(0x7f0000000400)={0x0, 0x1af9, 0x20, 0x3, 0x16b}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000240)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x200, 0x20, 0x0, 0x0, 0x8, 0x1}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x2) r1 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r1, 0x0) ptrace(0x4208, 0x0) openat(0xffffffffffffffff, 0x0, 0x100000, 0x95) close(r1) finit_module(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$vcsa(&(0x7f0000000780), 0x2, 0x0) syz_io_uring_setup(0x5e00, &(0x7f0000000840)={0x0, 0x595c, 0x10, 0x1}, &(0x7f0000ffa000/0x6000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f00000008c0), &(0x7f0000000900)) 11:33:34 executing program 5: syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)) mount_setattr(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x8900, &(0x7f0000000080)={0x0, 0x0, 0x100000}, 0x20) 11:33:34 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) clone3(&(0x7f0000000640)={0x123363500, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_any}]}}) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000003ec0)={0xa, 0x0, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c) 11:33:34 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x80000, 0xe, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000400000004f8000020004000030000000000000001000000000000000200000001000600000000000000000000000000800029f2118df153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa5252614100"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="00000000727241610100000007000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="eb58906d6b66732e66617400028020000400000004f8000020004000030000000000000001000000000000000200000001000600000000000000000000000000800029f2118df153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0, 0xc00}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4000}, {&(0x7f0000010600)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4200}, {&(0x7f0000010700)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4400}, {&(0x7f0000010800)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4600}, {&(0x7f0000010900)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100088ea70325132510000ea70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200088ea70325132510000ea70325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200088ea70325132510000ea70325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200088ea70325132510000ea703251070064000000", 0x120, 0x4800}, {&(0x7f0000010b00)="2e20202020202020202020100088ea70325132510000ea7032510300000000002e2e202020202020202020100088ea70325132510000ea70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200088ea70325132510000ea70325104001a040000", 0x80, 0x14800}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x24800}, {&(0x7f0000011100)='syzkallers\x00'/32, 0x20, 0x34800}, {&(0x7f0000011200)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x54800}], 0x0, &(0x7f0000011300)) 11:33:34 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) 11:33:34 executing program 6: syz_mount_image$vfat(&(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x0, 0x0, &(0x7f0000001580), 0x0, &(0x7f00000015c0)={[{@shortname_mixed}]}) 11:33:34 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet(r0, &(0x7f0000000240)=[{{&(0x7f0000000000)={0x2, 0x4e21, @private}, 0x10, 0x0}}, {{&(0x7f0000000080)={0x2, 0x4e22, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000001380)=[@ip_tos_int={{0x39}}], 0x18}}, {{&(0x7f0000000040)={0x2, 0x0, @dev}, 0x0, &(0x7f0000000200)=[{&(0x7f00000000c0)="43dc26637762a3090e6dbd2a741d8b94812f4d52d7c3268848bed1d7f3215c6adb51d4be7d967c09b5c920d8adbd8d1274f1351d11d1e75d76a937ebd1f388ee46e04c58a8e72dcecdffa27e5e554f0c62d7a8ea4ab23d174d75cb782515a506a3239a6fa99ba392ee3c34bc41e10c5411564f6b018ab1d327778553c3abc0721a3943b1e2cb0161b23a51bf1f7b587f4e6e0aeec62984ca9589b4358364c1e7366b028b"}, {&(0x7f0000000180)="1cab9d28a57d7471a29fc95a184bb77370301c7d80536fc47551507fd5fd131e4ca7626e3f8e8824c7609e24b4e265c5580094c98d43f0ef9bde3dbf0be4dfa3b3179c3bbd06494b9ddadf53fba2a58fa64d7ffb33b3a529e1669f51afa760b89169453b61bb50fafb9b9d82e42b0c15d8cd86298a7701"}]}}], 0x2, 0x0) [ 122.855142] loop2: detected capacity change from 0 to 40 [ 122.863329] FAT-fs (loop6): bogus number of reserved sectors [ 122.863471] loop0: detected capacity change from 0 to 1352 [ 122.863766] FAT-fs (loop6): Can't find a valid FAT filesystem 11:33:34 executing program 5: syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)) mount_setattr(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x8900, &(0x7f0000000080)={0x0, 0x0, 0x100000}, 0x20) 11:33:34 executing program 1: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) [ 122.890617] loop1: detected capacity change from 0 to 40 [ 122.906564] syz-executor.1: attempt to access beyond end of device [ 122.906564] loop1: rw=0, sector=28, nr_sectors = 64 limit=40 11:33:34 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet(r0, &(0x7f0000000240)=[{{&(0x7f0000000000)={0x2, 0x4e21, @private}, 0x10, 0x0}}, {{&(0x7f0000000080)={0x2, 0x4e22, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000001380)=[@ip_tos_int={{0x39}}], 0x18}}, {{&(0x7f0000000040)={0x2, 0x0, @dev}, 0x0, &(0x7f0000000200)=[{&(0x7f00000000c0)="43dc26637762a3090e6dbd2a741d8b94812f4d52d7c3268848bed1d7f3215c6adb51d4be7d967c09b5c920d8adbd8d1274f1351d11d1e75d76a937ebd1f388ee46e04c58a8e72dcecdffa27e5e554f0c62d7a8ea4ab23d174d75cb782515a506a3239a6fa99ba392ee3c34bc41e10c5411564f6b018ab1d327778553c3abc0721a3943b1e2cb0161b23a51bf1f7b587f4e6e0aeec62984ca9589b4358364c1e7366b028b"}, {&(0x7f0000000180)="1cab9d28a57d7471a29fc95a184bb77370301c7d80536fc47551507fd5fd131e4ca7626e3f8e8824c7609e24b4e265c5580094c98d43f0ef9bde3dbf0be4dfa3b3179c3bbd06494b9ddadf53fba2a58fa64d7ffb33b3a529e1669f51afa760b89169453b61bb50fafb9b9d82e42b0c15d8cd86298a7701"}]}}], 0x2, 0x0) [ 122.912909] syz-executor.2: attempt to access beyond end of device [ 122.912909] loop2: rw=0, sector=28, nr_sectors = 64 limit=40 [ 122.916628] syz-executor.1: attempt to access beyond end of device [ 122.916628] loop1: rw=2049, sector=92, nr_sectors = 4 limit=40 [ 122.932035] syz-executor.2: attempt to access beyond end of device [ 122.932035] loop2: rw=2049, sector=92, nr_sectors = 4 limit=40 11:33:34 executing program 6: syz_mount_image$vfat(&(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x0, 0x0, &(0x7f0000001580), 0x0, &(0x7f00000015c0)={[{@shortname_mixed}]}) [ 122.961356] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 122.962082] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 122.962571] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 122.963078] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 122.965746] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.967883] FAT-fs (loop6): bogus number of reserved sectors [ 122.967973] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.968331] FAT-fs (loop6): Can't find a valid FAT filesystem [ 122.968994] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.970216] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.970745] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.971317] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.971935] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.972961] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.973557] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.974264] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.974945] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.975495] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.976532] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.978985] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.979748] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.980374] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.980989] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.981544] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.982487] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.983122] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.983655] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.984233] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.985993] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.986542] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.987320] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.987981] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.990954] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.991484] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.992127] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.992666] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.993674] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.994218] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.994811] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.995308] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.996513] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.997100] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.997685] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.998473] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.999036] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 122.999583] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.000356] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.001311] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.001891] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.002431] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.003060] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.003735] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.004359] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.004928] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.005541] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.006100] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.006672] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.007251] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.007958] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.008511] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.009123] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.009643] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 11:33:34 executing program 7: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r0 = syz_io_uring_setup(0x4cdd, &(0x7f0000000140)={0x0, 0x6c4c, 0x10, 0x3, 0x20f}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000300)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x1010, r0, 0x0) syz_io_uring_setup(0x2c86, &(0x7f0000000600)={0x0, 0x0, 0x2, 0x2, 0x213}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000680), &(0x7f0000000800)) syz_io_uring_setup(0x3740, &(0x7f0000000940)={0x0, 0xda19, 0x0, 0x3, 0x309, 0x0, r0}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000000100), 0x0) finit_module(0xffffffffffffffff, &(0x7f0000000200)='\x00', 0x1) getpid() syz_io_uring_setup(0xf95, &(0x7f0000000380)={0x0, 0x23d1, 0x28, 0x3, 0x316}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000540), 0x0) pidfd_open(0x0, 0x0) syz_io_uring_setup(0x2037bc, &(0x7f0000000400)={0x0, 0x1af9, 0x20, 0x3, 0x16b}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000240)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x200, 0x20, 0x0, 0x0, 0x8, 0x1}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x2) r1 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r1, 0x0) ptrace(0x4208, 0x0) openat(0xffffffffffffffff, 0x0, 0x100000, 0x95) close(r1) finit_module(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$vcsa(&(0x7f0000000780), 0x2, 0x0) syz_io_uring_setup(0x5e00, &(0x7f0000000840)={0x0, 0x595c, 0x10, 0x1}, &(0x7f0000ffa000/0x6000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f00000008c0), &(0x7f0000000900)) 11:33:34 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) 11:33:34 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) 11:33:34 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) 11:33:34 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) 11:33:34 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x80000, 0xe, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000400000004f8000020004000030000000000000001000000000000000200000001000600000000000000000000000000800029f2118df153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa5252614100"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="00000000727241610100000007000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="eb58906d6b66732e66617400028020000400000004f8000020004000030000000000000001000000000000000200000001000600000000000000000000000000800029f2118df153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0, 0xc00}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4000}, {&(0x7f0000010600)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4200}, {&(0x7f0000010700)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4400}, {&(0x7f0000010800)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4600}, {&(0x7f0000010900)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100088ea70325132510000ea70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200088ea70325132510000ea70325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200088ea70325132510000ea70325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200088ea70325132510000ea703251070064000000", 0x120, 0x4800}, {&(0x7f0000010b00)="2e20202020202020202020100088ea70325132510000ea7032510300000000002e2e202020202020202020100088ea70325132510000ea70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200088ea70325132510000ea70325104001a040000", 0x80, 0x14800}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x24800}, {&(0x7f0000011100)='syzkallers\x00'/32, 0x20, 0x34800}, {&(0x7f0000011200)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x54800}], 0x0, &(0x7f0000011300)) 11:33:34 executing program 1: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) [ 123.070240] loop1: detected capacity change from 0 to 40 write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) [ 123.073690] loop6: detected capacity change from 0 to 40 [ 123.088114] loop2: detected capacity change from 0 to 40 [ 123.091982] loop3: detected capacity change from 0 to 40 [ 123.092734] loop0: detected capacity change from 0 to 1352 [ 123.095638] loop4: detected capacity change from 0 to 40 11:33:34 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) [ 123.110255] loop5: detected capacity change from 0 to 40 [ 123.116880] syz-executor.6: attempt to access beyond end of device [ 123.116880] loop6: rw=0, sector=28, nr_sectors = 64 limit=40 [ 123.121050] syz-executor.1: attempt to access beyond end of device [ 123.121050] loop1: rw=0, sector=28, nr_sectors = 64 limit=40 [ 123.130158] syz-executor.2: attempt to access beyond end of device [ 123.130158] loop2: rw=0, sector=28, nr_sectors = 64 limit=40 [ 123.137256] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 123.138187] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 123.138855] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 123.139480] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 123.140729] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.142323] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.143142] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.144273] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.145001] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.145678] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.146367] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.147226] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.148244] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.149177] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.151251] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.152030] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.152593] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.153820] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.154388] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.155253] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.156140] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.157187] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.158274] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.158798] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.160052] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.160607] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.161404] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.162090] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.163038] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.163598] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.164200] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.166515] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.167147] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.167706] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.168398] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.169255] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.170008] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.173449] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.175411] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.176444] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.177196] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 11:33:34 executing program 1: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) 11:33:34 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) [ 123.189119] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.190130] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.190694] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 11:33:34 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) [ 123.216621] loop1: detected capacity change from 0 to 40 11:33:34 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) 11:33:34 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) [ 123.250692] loop2: detected capacity change from 0 to 40 11:33:34 executing program 1: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) 11:33:34 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) [ 123.274348] loop1: detected capacity change from 0 to 40 [ 123.279867] loop6: detected capacity change from 0 to 40 [ 123.292100] loop5: detected capacity change from 0 to 40 [ 123.298852] loop4: detected capacity change from 0 to 40 [ 123.302277] loop3: detected capacity change from 0 to 40 [ 123.328458] loop7: detected capacity change from 0 to 40 11:33:35 executing program 7: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) 11:33:35 executing program 1: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) 11:33:35 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) [ 123.381600] loop1: detected capacity change from 0 to 40 11:33:35 executing program 3: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) [ 123.433133] loop3: detected capacity change from 0 to 40 [ 123.439013] loop6: detected capacity change from 0 to 40 11:33:35 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) [ 123.506055] loop5: detected capacity change from 0 to 40 [ 123.514391] loop7: detected capacity change from 0 to 40 [ 123.514778] loop4: detected capacity change from 0 to 40 [ 123.516614] loop1: detected capacity change from 0 to 40 [ 123.523672] loop2: detected capacity change from 0 to 40 11:33:35 executing program 1: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) 11:33:35 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) 11:33:35 executing program 7: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) 11:33:35 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) 11:33:35 executing program 6: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r0 = syz_io_uring_setup(0x4cdd, &(0x7f0000000140)={0x0, 0x6c4c, 0x10, 0x3, 0x20f}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000300)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x1010, r0, 0x0) syz_io_uring_setup(0x2c86, &(0x7f0000000600)={0x0, 0x0, 0x2, 0x2, 0x213}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000680), &(0x7f0000000800)) syz_io_uring_setup(0x3740, &(0x7f0000000940)={0x0, 0xda19, 0x0, 0x3, 0x309, 0x0, r0}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000000100), 0x0) finit_module(0xffffffffffffffff, &(0x7f0000000200)='\x00', 0x1) getpid() syz_io_uring_setup(0xf95, &(0x7f0000000380)={0x0, 0x23d1, 0x28, 0x3, 0x316}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000540), 0x0) pidfd_open(0x0, 0x0) syz_io_uring_setup(0x2037bc, &(0x7f0000000400)={0x0, 0x1af9, 0x20, 0x3, 0x16b}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000240)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x200, 0x20, 0x0, 0x0, 0x8, 0x1}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x2) r1 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r1, 0x0) ptrace(0x4208, 0x0) openat(0xffffffffffffffff, 0x0, 0x100000, 0x95) close(r1) finit_module(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$vcsa(&(0x7f0000000780), 0x2, 0x0) syz_io_uring_setup(0x5e00, &(0x7f0000000840)={0x0, 0x595c, 0x10, 0x1}, &(0x7f0000ffa000/0x6000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f00000008c0), &(0x7f0000000900)) 11:33:35 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) clone3(&(0x7f0000000640)={0x123363500, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_any}]}}) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000003ec0)={0xa, 0x0, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c) [ 123.592388] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 123.593023] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 123.593478] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 123.593916] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 123.595340] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.595919] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.596567] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.597330] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.598062] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.599036] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.599679] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.600582] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.603004] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.603547] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.604325] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.604872] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.605440] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.606767] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.607355] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.608143] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.608689] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.609238] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.609765] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.610339] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.610909] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.611463] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.612072] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.612625] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.613276] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.613933] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.614508] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.615066] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.615573] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.616133] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.616651] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.617221] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.617775] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.618319] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.618947] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.619496] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.620053] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.620600] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.621134] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.621692] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.622289] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.622849] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.623411] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.623994] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.624501] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.625063] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.625569] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.626138] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.626758] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.627900] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.628473] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.629168] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.629691] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.630313] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.630853] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.631363] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.631943] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.632621] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.633146] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.633671] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.634177] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.634701] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.635219] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.635730] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 11:33:35 executing program 7: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) 11:33:35 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) [ 123.648048] loop7: detected capacity change from 0 to 40 [ 123.651591] loop2: detected capacity change from 0 to 40 11:33:35 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) clone3(&(0x7f0000000640)={0x123363500, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_any}]}}) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000003ec0)={0xa, 0x0, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c) 11:33:35 executing program 3: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r0 = syz_io_uring_setup(0x4cdd, &(0x7f0000000140)={0x0, 0x6c4c, 0x10, 0x3, 0x20f}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000300)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x1010, r0, 0x0) syz_io_uring_setup(0x2c86, &(0x7f0000000600)={0x0, 0x0, 0x2, 0x2, 0x213}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000680), &(0x7f0000000800)) syz_io_uring_setup(0x3740, &(0x7f0000000940)={0x0, 0xda19, 0x0, 0x3, 0x309, 0x0, r0}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000000100), 0x0) finit_module(0xffffffffffffffff, &(0x7f0000000200)='\x00', 0x1) getpid() syz_io_uring_setup(0xf95, &(0x7f0000000380)={0x0, 0x23d1, 0x28, 0x3, 0x316}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000540), 0x0) pidfd_open(0x0, 0x0) syz_io_uring_setup(0x2037bc, &(0x7f0000000400)={0x0, 0x1af9, 0x20, 0x3, 0x16b}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000240)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x200, 0x20, 0x0, 0x0, 0x8, 0x1}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x2) r1 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r1, 0x0) ptrace(0x4208, 0x0) openat(0xffffffffffffffff, 0x0, 0x100000, 0x95) close(r1) finit_module(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$vcsa(&(0x7f0000000780), 0x2, 0x0) syz_io_uring_setup(0x5e00, &(0x7f0000000840)={0x0, 0x595c, 0x10, 0x1}, &(0x7f0000ffa000/0x6000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f00000008c0), &(0x7f0000000900)) 11:33:35 executing program 5: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r0 = syz_io_uring_setup(0x4cdd, &(0x7f0000000140)={0x0, 0x6c4c, 0x10, 0x3, 0x20f}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000300)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x1010, r0, 0x0) syz_io_uring_setup(0x2c86, &(0x7f0000000600)={0x0, 0x0, 0x2, 0x2, 0x213}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000680), &(0x7f0000000800)) syz_io_uring_setup(0x3740, &(0x7f0000000940)={0x0, 0xda19, 0x0, 0x3, 0x309, 0x0, r0}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000000100), 0x0) finit_module(0xffffffffffffffff, &(0x7f0000000200)='\x00', 0x1) getpid() syz_io_uring_setup(0xf95, &(0x7f0000000380)={0x0, 0x23d1, 0x28, 0x3, 0x316}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000540), 0x0) pidfd_open(0x0, 0x0) syz_io_uring_setup(0x2037bc, &(0x7f0000000400)={0x0, 0x1af9, 0x20, 0x3, 0x16b}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000240)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x200, 0x20, 0x0, 0x0, 0x8, 0x1}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x2) r1 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r1, 0x0) ptrace(0x4208, 0x0) openat(0xffffffffffffffff, 0x0, 0x100000, 0x95) close(r1) finit_module(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$vcsa(&(0x7f0000000780), 0x2, 0x0) syz_io_uring_setup(0x5e00, &(0x7f0000000840)={0x0, 0x595c, 0x10, 0x1}, &(0x7f0000ffa000/0x6000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f00000008c0), &(0x7f0000000900)) 11:33:35 executing program 6: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r0 = syz_io_uring_setup(0x4cdd, &(0x7f0000000140)={0x0, 0x6c4c, 0x10, 0x3, 0x20f}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000300)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x1010, r0, 0x0) syz_io_uring_setup(0x2c86, &(0x7f0000000600)={0x0, 0x0, 0x2, 0x2, 0x213}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000680), &(0x7f0000000800)) syz_io_uring_setup(0x3740, &(0x7f0000000940)={0x0, 0xda19, 0x0, 0x3, 0x309, 0x0, r0}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000000100), 0x0) finit_module(0xffffffffffffffff, &(0x7f0000000200)='\x00', 0x1) getpid() syz_io_uring_setup(0xf95, &(0x7f0000000380)={0x0, 0x23d1, 0x28, 0x3, 0x316}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000540), 0x0) pidfd_open(0x0, 0x0) syz_io_uring_setup(0x2037bc, &(0x7f0000000400)={0x0, 0x1af9, 0x20, 0x3, 0x16b}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000240)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x200, 0x20, 0x0, 0x0, 0x8, 0x1}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x2) r1 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r1, 0x0) ptrace(0x4208, 0x0) openat(0xffffffffffffffff, 0x0, 0x100000, 0x95) close(r1) finit_module(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$vcsa(&(0x7f0000000780), 0x2, 0x0) syz_io_uring_setup(0x5e00, &(0x7f0000000840)={0x0, 0x595c, 0x10, 0x1}, &(0x7f0000ffa000/0x6000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f00000008c0), &(0x7f0000000900)) 11:33:35 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1000, 0x1, &(0x7f0000000380)="ee36a03acde99996c7a20edbc52156f41d9b165b50e96ab5afbe0612018a2f773ca7bf7f5474ea570393459eea77ba89a9bb8914c3f09623219e35a9c8ea1a06c85bda53c22f67f09387da8c9689d7f7c27f230cb1722af7254bb832cdd986eccc250174a64f1849615c311225c95a70547cf706ebb9a04e1b7f624db5a33c3107dc4c655f306b091a555646708d546c63619a23b6934e8e7a51f9da9012fdfe65cac4d273b4e01c4daa64a4835a6e76495145f56e2c76886b3b7e55e40624e123bb410dca16aa19bd1919a7e0b6c020d14de6e2b81ce59ac49b5d7a2e90af43ca1d4c16c66fa17732935399e26443f0da226df12cfc750a8814f5717967", 0x7f, 0x0, 0x0, {0x1}}, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x6844c0, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x8000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) sendfile(r3, r3, 0x0, 0x8000) mount(&(0x7f0000000240)=@md0, &(0x7f0000000300)='./file2\x00', &(0x7f0000000340)='reiserfs\x00', 0x401, 0x0) sendfile(r1, r0, &(0x7f0000000180)=0x6, 0x8) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r1, 0x0, 0xfffffdef) chdir(&(0x7f00000001c0)='./file2\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sysvipc/msg\x00', 0x0, 0x0) syncfs(r4) [ 123.749741] loop2: detected capacity change from 0 to 40 [ 123.785472] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 123.786212] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 123.786711] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 123.787247] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 123.802223] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.802870] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.805969] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.806627] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.807323] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.808057] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.808726] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.809383] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.810280] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.810968] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.811626] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.812316] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.812990] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.813653] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.814322] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.815010] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.815672] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.816393] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.817054] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.817690] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.818385] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.819042] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.819698] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.820397] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.834383] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.834892] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.835518] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.836123] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.836676] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.837241] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.837781] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.838429] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.839013] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.839559] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.854625] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.855243] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.856015] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.856690] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.857249] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.857793] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.858350] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 123.869719] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 11:33:35 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) clone3(&(0x7f0000000640)={0x123363500, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_any}]}}) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000003ec0)={0xa, 0x0, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c) 11:33:35 executing program 4: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r0 = syz_io_uring_setup(0x4cdd, &(0x7f0000000140)={0x0, 0x6c4c, 0x10, 0x3, 0x20f}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000300)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x1010, r0, 0x0) syz_io_uring_setup(0x2c86, &(0x7f0000000600)={0x0, 0x0, 0x2, 0x2, 0x213}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000680), &(0x7f0000000800)) syz_io_uring_setup(0x3740, &(0x7f0000000940)={0x0, 0xda19, 0x0, 0x3, 0x309, 0x0, r0}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000000100), 0x0) finit_module(0xffffffffffffffff, &(0x7f0000000200)='\x00', 0x1) getpid() syz_io_ VM DIAGNOSIS: 11:33:32 Registers: info registers vcpu 0 RAX=dffffc0000000000 RBX=0000000000000001 RCX=0000000000000001 RDX=1ffff11002ff0eae RSI=ffff888017f87f10 RDI=ffff888017f87578 RBP=ffff888017f87f48 RSP=ffff888017f874a8 R8 =ffffffff85ecaf60 R9 =ffffffff85ecaf64 R10=ffffed1002ff0eb2 R11=ffff888017f87568 R12=ffff888017f87569 R13=ffff888017f87588 R14=ffff888017f87528 R15=0000000000000005 RIP=ffffffff8111c84c RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f8ce38f3310 CR3=000000001847c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 6461657268747062 696c2f756e672d78 YMM02=0000000000000000 0000000000000000 00302e6f732e6461 657268747062696c YMM03=0000000000000000 0000000000000000 2f756e672d78756e 696c2d34365f3638 YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000038 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b24f1 RDI=ffffffff87641b60 RBP=ffffffff87641b20 RSP=ffff88803ef3f698 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000038 R11=0000000000000001 R12=0000000000000038 R13=ffffffff87641b20 R14=0000000000000010 R15=ffffffff822b24e0 RIP=ffffffff822b2549 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f090f53f700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000000000000 CR3=000000003ece0000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f09120b07c0 00007f09120b07c8 YMM02=0000000000000000 0000000000000000 00007f09120b07e0 00007f09120b07c0 YMM03=0000000000000000 0000000000000000 00007f09120b07c8 00007f09120b07c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000