xf6\x15\xc1]\xc8\x85\xee\xe5\x1e\x0e\xda\x18\xd4^\xe7\x048\x9fN\xf2\xbaI\\\xc2\xa5\xf4\xe2L\xa9{=\xcd\xcf\xff\xb3\x83\x9d/\x00'/162, 0x0, 0xffffffffffffffff) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) sendfile(r1, r0, 0x0, 0xfffffdef) sendmsg$NL80211_CMD_PROBE_CLIENT(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x38, 0x0, 0x1, 0x70bd26, 0x25dfdc00, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x38}, 0x1, 0x0, 0x0, 0x200080c0}, 0x40) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f00000003c0)={0x5, 0x7ff, 0x4}) 22:32:38 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, 0x0, 0x0, 0xffffffffffffffff) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) sendfile(r1, r0, 0x0, 0xfffffdef) sendmsg$NL80211_CMD_PROBE_CLIENT(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x38, 0x0, 0x1, 0x70bd26, 0x25dfdc00, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x38}, 0x1, 0x0, 0x0, 0x200080c0}, 0x40) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f00000003c0)={0x5, 0x7ff, 0x4}) 22:32:38 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) sendfile(r1, r0, 0x0, 0xfffffdef) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) [ 3142.752137] loop6: detected capacity change from 0 to 40 [ 3142.755776] FAT-fs (loop6): count of clusters too big (42468350) [ 3142.756178] FAT-fs (loop6): Can't find a valid FAT filesystem [ 3142.776005] loop4: detected capacity change from 0 to 40 [ 3142.784989] loop7: detected capacity change from 0 to 40 [ 3142.791718] FAT-fs (loop5): bogus number of reserved sectors [ 3142.792529] FAT-fs (loop5): Can't find a valid FAT filesystem [ 3142.806932] loop6: detected capacity change from 0 to 40 [ 3142.818245] FAT-fs (loop6): count of clusters too big (42468350) [ 3142.818866] FAT-fs (loop6): Can't find a valid FAT filesystem 22:32:38 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) sendfile(r1, r0, 0x0, 0xfffffdef) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 22:32:38 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10100, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf [ 3174.997099] dump_stack_lvl+0x8f/0xb7 [ 3174.997486] should_fail_ex.cold+0x5/0xa [ 3174.997906] should_failslab+0x9/0x20 [ 3174.998293] __kmem_cache_alloc_node+0x5b/0x400 [ 3174.998752] ? alloc_pipe_info+0x109/0x590 [ 3174.999193] kmalloc_trace+0x26/0x60 [ 3174.999588] alloc_pipe_info+0x109/0x590 [ 3175.000017] splice_direct_to_actor+0x6e6/0x8c0 [ 3175.000488] ? __pfx_direct_splice_actor+0x10/0x10 [ 3175.000986] ? inode_security+0x105/0x140 [ 3175.001415] ? avc_policy_seqno+0xd/0x70 [ 3175.001823] ? selinux_file_permission+0x3a/0x510 [ 3175.002321] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 3175.002833] ? security_file_permission+0xb5/0xe0 [ 3175.003337] do_splice_direct+0x1bc/0x290 [ 3175.003767] ? __pfx_do_splice_direct+0x10/0x10 [ 3175.004248] ? lock_is_held_type+0xdb/0x130 [ 3175.004717] do_sendfile+0xb1d/0x1280 [ 3175.005131] ? __pfx_do_sendfile+0x10/0x10 [ 3175.005574] ? lock_is_held_type+0xdb/0x130 [ 3175.006017] __x64_sys_sendfile64+0x248/0x2a0 [ 3175.006466] ? trace_rcu_dyntick+0x1a7/0x250 [ 3175.006905] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 3175.007408] ? syscall_enter_from_user_mode+0x21/0x50 [ 3175.007940] ? syscall_enter_from_user_mode+0x21/0x50 [ 3175.008476] do_syscall_64+0x3f/0x90 [ 3175.008865] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 3175.009397] RIP: 0033:0x7f2e782beb19 [ 3175.009769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3175.011512] RSP: 002b:00007f2e75834188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3175.012240] RAX: ffffffffffffffda RBX: 00007f2e783d1f60 RCX: 00007f2e782beb19 [ 3175.012963] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000006 [ 3175.013659] RBP: 00007f2e758341d0 R08: 0000000000000000 R09: 0000000000000000 [ 3175.014356] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001 [ 3175.015042] R13: 00007fffc3e1f11f R14: 00007f2e75834300 R15: 0000000000022000 [ 3175.015759] [ 3175.029343] loop6: detected capacity change from 0 to 40 [ 3175.034803] FAT-fs (loop6): count of clusters too big (42468350) [ 3175.036153] FAT-fs (loop6): Can't find a valid FAT filesystem [ 3175.066611] loop6: detected capacity change from 0 to 40 [ 3175.080265] FAT-fs (loop6): count of clusters too big (42468350) [ 3175.081009] FAT-fs (loop6): Can't find a valid FAT filesystem [ 3175.082112] loop7: detected capacity change from 0 to 40 22:33:10 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10100, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf [ 3211.314744] dump_stack_lvl+0x8f/0xb7 [ 3211.315326] should_fail_ex.cold+0x5/0xa [ 3211.315952] ? mas_alloc_nodes+0x420/0x800 [ 3211.316580] should_failslab+0x9/0x20 [ 3211.317187] kmem_cache_alloc+0x5a/0x410 [ 3211.317812] mas_alloc_nodes+0x420/0x800 [ 3211.318435] mas_preallocate+0x1bf/0x370 [ 3211.319069] do_mas_align_munmap.constprop.0+0x111/0x1000 [ 3211.319901] ? __pfx_do_mas_align_munmap.constprop.0+0x10/0x10 [ 3211.320787] ? mas_walk+0x4b7/0x6b0 [ 3211.321388] ? mas_find+0x20d/0xdf0 [ 3211.321978] ? __pfx___lock_acquire+0x10/0x10 [ 3211.322681] do_mas_munmap+0x1ec/0x2c0 [ 3211.323290] mmap_region+0x21f/0x1b90 [ 3211.323897] ? __pfx_lock_acquire+0x10/0x10 [ 3211.324566] ? __pfx_mmap_region+0x10/0x10 [ 3211.325226] ? security_mmap_addr+0x7d/0xa0 [ 3211.325893] ? get_unmapped_area+0x1e9/0x3e0 [ 3211.326568] do_mmap+0x82c/0xf50 [ 3211.327116] vm_mmap_pgoff+0x1b3/0x270 [ 3211.327736] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 3211.328449] ksys_mmap_pgoff+0x3d4/0x500 [ 3211.329103] do_syscall_64+0x3f/0x90 [ 3211.329678] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 3211.330470] RIP: 0033:0x7f309199db19 [ 3211.331034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3211.333638] RSP: 002b:00007f308ef13188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 3211.334741] RAX: ffffffffffffffda RBX: 00007f3091ab0f60 RCX: 00007f309199db19 [ 3211.335770] RDX: 0000000001000004 RSI: 0000000000002000 RDI: 0000000020ffc000 [ 3211.336806] RBP: 00007f308ef131d0 R08: 0000000000000003 R09: 0000000000000000 [ 3211.337862] R10: 0000000000002811 R11: 0000000000000246 R12: 0000000000000001 [ 3211.339010] R13: 00007ffead1560df R14: 00007f308ef13300 R15: 0000000000022000 [ 3211.340168] [ 3211.369799] FAT-fs (loop6): count of clusters too big (42468350) [ 3211.370878] FAT-fs (loop6): Can't find a valid FAT filesystem [ 3211.441336] loop6: detected capacity change from 0 to 40 [ 3211.472007] FAT-fs (loop6): count of clusters too big (42468350) [ 3211.473170] FAT-fs (loop6): Can't find a valid FAT filesystem 22:33:46 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) (fail_nth: 2) syz_io_uring_setup(0x7668, &(0x7f00000003c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, 0x0) [ 3211.540950] syz-executor.4: attempt to access beyond end of device [ 3211.540950] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 3211.541976] Buffer I/O error on dev loop4, logical block 10, lost async page write 22:33:46 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000400)="026f0000646f7366d8a02b00080101000440102000f801a2", 0x18}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) 22:33:46 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf [ 3212.049141] dump_stack_lvl+0x8f/0xb7 [ 3212.049700] should_fail_ex.cold+0x5/0xa [ 3212.050295] should_failslab+0x9/0x20 [ 3212.050847] kmem_cache_alloc_bulk+0x6a/0x780 [ 3212.051491] ? kmem_cache_alloc+0x237/0x410 [ 3212.052120] mas_alloc_nodes+0x2ff/0x800 [ 3212.052841] mas_preallocate+0x1bf/0x370 [ 3212.053455] do_mas_align_munmap.constprop.0+0x111/0x1000 [ 3212.054249] ? __pfx_do_mas_align_munmap.constprop.0+0x10/0x10 [ 3212.055054] ? mas_walk+0x4b7/0x6b0 [ 3212.055599] ? mas_find+0x20d/0xdf0 [ 3212.056144] ? __pfx___lock_acquire+0x10/0x10 [ 3212.056796] do_mas_munmap+0x1ec/0x2c0 [ 3212.057390] mmap_region+0x21f/0x1b90 [ 3212.057957] ? __pfx_lock_acquire+0x10/0x10 [ 3212.058576] ? __pfx_mmap_region+0x10/0x10 [ 3212.059195] ? security_mmap_addr+0x7d/0xa0 [ 3212.059812] ? get_unmapped_area+0x1e9/0x3e0 [ 3212.060441] do_mmap+0x82c/0xf50 [ 3212.060955] vm_mmap_pgoff+0x1b3/0x270 [ 3212.061529] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 3212.062196] ksys_mmap_pgoff+0x3d4/0x500 [ 3212.062787] do_syscall_64+0x3f/0x90 [ 3212.063323] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 3212.064056] RIP: 0033:0x7f309199db19 [ 3212.064579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3212.066995] RSP: 002b:00007f308ef13188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 3212.068028] RAX: ffffffffffffffda RBX: 00007f3091ab0f60 RCX: 00007f309199db19 [ 3212.069009] RDX: 0000000001000004 RSI: 0000000000002000 RDI: 0000000020ffc000 [ 3212.069975] RBP: 00007f308ef131d0 R08: 0000000000000003 R09: 0000000000000000 [ 3212.070937] R10: 0000000000002811 R11: 0000000000000246 R12: 0000000000000001 [ 3212.071931] R13: 00007ffead1560df R14: 00007f308ef13300 R15: 0000000000022000 [ 3212.072938] 22:33:47 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000400)="02710000646f7366d8a02b00080101000440102000f801a2", 0x18}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) [ 3212.224231] loop6: detected capacity change from 0 to 40 [ 3212.264695] FAT-fs (loop6): count of clusters too big (42468350) [ 3212.265787] FAT-fs (loop6): Can't find a valid FAT filesystem [ 3212.302006] loop6: detected capacity change from 0 to 40 [ 3212.325420] FAT-fs (loop6): count of clusters too big (42468350) [ 3212.326535] FAT-fs (loop6): Can't find a valid FAT filesystem 22:34:00 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10100, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf [ 3225.041804] dump_stack_lvl+0x8f/0xb7 [ 3225.042164] should_fail_ex.cold+0x5/0xa [ 3225.042528] ? getname_flags.part.0+0x50/0x4f0 [ 3225.042956] should_failslab+0x9/0x20 [ 3225.043290] kmem_cache_alloc+0x5a/0x410 [ 3225.043670] getname_flags.part.0+0x50/0x4f0 [ 3225.044080] getname_flags+0x9e/0xf0 [ 3225.044429] user_path_at_empty+0x2f/0x70 [ 3225.044794] inotify_find_inode+0x2e/0x160 [ 3225.045186] __x64_sys_inotify_add_watch+0x1f5/0x360 [ 3225.045643] ? __pfx___x64_sys_inotify_add_watch+0x10/0x10 [ 3225.046143] ? syscall_enter_from_user_mode+0x21/0x50 [ 3225.046604] ? syscall_enter_from_user_mode+0x21/0x50 [ 3225.047066] do_syscall_64+0x3f/0x90 [ 3225.047393] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 3225.047864] RIP: 0033:0x7fd13a674b19 [ 3225.048190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3225.049755] RSP: 002b:00007fd137bea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000fe [ 3225.050417] RAX: ffffffffffffffda RBX: 00007fd13a787f60 RCX: 00007fd13a674b19 [ 3225.051031] RDX: 0000000040000020 RSI: 0000000020000400 RDI: 0000000000000004 [ 3225.051627] RBP: 00007fd137bea1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3225.052239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3225.052838] R13: 00007ffcf672f09f R14: 00007fd137bea300 R15: 0000000000022000 [ 3225.053491] [ 3225.093936] loop7: detected capacity change from 0 to 40 [ 3225.101690] loop6: detected capacity change from 0 to 40 [ 3225.126007] loop4: detected capacity change from 0 to 40 [ 3225.128700] loop5: detected capacity change from 0 to 40 [ 3225.133118] FAT-fs (loop6): count of clusters too big (42468350) [ 3225.134556] FAT-fs (loop6): Can't find a valid FAT filesystem [ 3225.143977] FAT-fs (loop5): bogus number of reserved sectors [ 3225.144932] FAT-fs (loop5): Can't find a valid FAT filesystem [ 3225.170923] loop6: detected capacity change from 0 to 40 [ 3225.181543] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 3225.182818] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 3225.183882] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 3225.184891] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 3225.186132] blk_print_req_error: 33 callbacks suppressed [ 3225.186150] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 3225.189631] FAT-fs (loop6): count of clusters too big (42468350) [ 3225.193087] FAT-fs (loop6): Can't find a valid FAT filesystem [ 3225.202452] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3225.203374] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3225.204559] buffer_io_error: 40 callbacks suppressed [ 3225.204575] Buffer I/O error on dev sr0, logical block 0, async page read [ 3225.206323] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3225.207093] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 7 prio class 2 [ 3225.208207] Buffer I/O error on dev sr0, logical block 1, async page read 22:34:00 executing program 3: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r1 = inotify_init1(0x0) inotify_add_watch(r1, &(0x7f0000000400)='./file0\x00', 0x40000020) (fail_nth: 2) pivot_root(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='./file0\x00') r2 = open_tree(r0, &(0x7f0000000340)='./file0\x00', 0x1100) r3 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000380)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r2, 0xc0189376, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r3, {0x401}}, './file0\x00'}) setxattr$security_capability(0x0, &(0x7f0000000140), &(0x7f00000001c0)=@v3, 0x18, 0x0) setxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180), &(0x7f0000000700)=ANY=[@ANYBLOB="022ac10abe16b756c8c61e17491a2be9443c683a4b924844136e56e9152e047a42b567"], 0x12, 0x0) inotify_add_watch(r1, &(0x7f0000000080)='./file1\x00', 0x0) [ 3225.209254] Buffer I/O error on dev sr0, logical block 2, async page read [ 3225.210330] Buffer I/O error on dev sr0, logical block 3, async page read [ 3225.211234] Buffer I/O error on dev sr0, logical block 4, async page read [ 3225.212171] Buffer I/O error on dev sr0, logical block 5, async page read [ 3225.213102] Buffer I/O error on dev sr0, logical block 6, async page read [ 3225.214029] Buffer I/O error on dev sr0, logical block 7, async page read [ 3225.217250] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3225.218177] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3225.219337] Buffer I/O error on dev sr0, logical block 0, async page read [ 3225.220664] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3225.221694] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3225.222813] Buffer I/O error on dev sr0, logical block 1, async page read [ 3225.223971] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3225.224876] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3225.226175] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3225.227050] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3225.230363] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3225.231089] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3225.233398] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3225.234127] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3225.236530] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3225.237247] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3225.238830] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 22:34:00 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf0x0}) sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x0, 0x103, 0x0, 0x0, {{0x5}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0) sendmsg$NL80211_CMD_START_P2P_DEVICE(r1, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="1716fb07e7ffff3d", @ANYRES32=r3, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000004) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x72a2b47646f7b129, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x161, 0x0, 0x0, 0x0, 0x0, 0x400000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf [ 3226.090579] dump_stack_lvl+0x8f/0xb7 [ 3226.091107] should_fail_ex.cold+0x5/0xa [ 3226.091653] strncpy_from_user+0x38/0x500 [ 3226.092196] getname_flags.part.0+0x95/0x4f0 [ 3226.092798] getname_flags+0x9e/0xf0 [ 3226.093311] user_path_at_empty+0x2f/0x70 [ 3226.093892] inotify_find_inode+0x2e/0x160 [ 3226.094518] __x64_sys_inotify_add_watch+0x1f5/0x360 [ 3226.095230] ? __pfx___x64_sys_inotify_add_watch+0x10/0x10 [ 3226.096031] ? syscall_enter_from_user_mode+0x21/0x50 [ 3226.096788] ? syscall_enter_from_user_mode+0x21/0x50 [ 3226.097568] do_syscall_64+0x3f/0x90 [ 3226.098128] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 3226.098882] RIP: 0033:0x7fd13a674b19 [ 3226.099403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3226.101911] RSP: 002b:00007fd137bea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000fe [ 3226.102968] RAX: ffffffffffffffda RBX: 00007fd13a787f60 RCX: 00007fd13a674b19 [ 3226.103994] RDX: 0000000040000020 RSI: 0000000020000400 RDI: 0000000000000004 [ 3226.105005] RBP: 00007fd137bea1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3226.106027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3226.107041] R13: 00007ffcf672f09f R14: 00007fd137bea300 R15: 0000000000022000 [ 3226.108068] [ 3226.147232] loop6: detected capacity change from 0 to 40 [ 3226.168876] FAT-fs (loop6): count of clusters too big (42468350) [ 3226.169998] FAT-fs (loop6): Can't find a valid FAT filesystem [ 3226.195759] loop6: detected capacity change from 0 to 40 [ 3226.217413] FAT-fs (loop6): count of clusters too big (42468350) [ 3226.218159] FAT-fs (loop6): Can't find a valid FAT filesystem 22:34:01 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10100, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf [ 3239.187842] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3239.188330] dump_stack_lvl+0x8f/0xb7 [ 3239.188357] should_fail_ex.cold+0x5/0xa [ 3239.189135] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3239.189178] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3239.189342] ? inotify_update_watch+0x52a/0xc50 [ 3239.189367] should_failslab+0x9/0x20 [ 3239.190506] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3239.190601] kmem_cache_alloc+0x5a/0x410 [ 3239.191122] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3239.191468] inotify_update_watch+0x52a/0xc50 [ 3239.191498] __x64_sys_inotify_add_watch+0x2c3/0x360 [ 3239.192659] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3239.192793] ? __pfx___x64_sys_inotify_add_watch+0x10/0x10 [ 3239.193337] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3239.193636] ? syscall_enter_from_user_mode+0x21/0x50 [ 3239.194331] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3239.194712] do_syscall_64+0x3f/0x90 [ 3239.195606] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3239.195796] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3239.195989] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 3239.196879] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3239.197242] RIP: 0033:0x7fd13a674b19 [ 3239.198110] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3239.198259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3239.198941] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3239.199098] RSP: 002b:00007fd137bea188 EFLAGS: 00000246 [ 3239.199969] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3239.200106] ORIG_RAX: 00000000000000fe [ 3239.200115] RAX: ffffffffffffffda RBX: 00007fd13a787f60 RCX: 00007fd13a674b19 [ 3239.200956] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3239.201021] RDX: 0000000040000020 RSI: 0000000020000400 RDI: 0000000000000004 [ 3239.201034] RBP: 00007fd137bea1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3239.201046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3239.201058] R13: 00007ffcf672f09f R14: 00007fd137bea300 R15: 0000000000022000 [ 3239.203218] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3239.203345] [ 3239.228258] loop6: detected capacity change from 0 to 40 [ 3239.244240] FAT-fs (loop6): count of clusters too big (42468350) [ 3239.244769] FAT-fs (loop6): Can't find a valid FAT filesystem [ 3239.336989] syz-executor.4: attempt to access beyond end of device [ 3239.336989] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40 22:34:14 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10100, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf [ 3253.851520] dump_stack_lvl+0x8f/0xb7 [ 3253.851809] should_fail_ex.cold+0x5/0xa [ 3253.852114] ? vm_area_dup+0x83/0x230 [ 3253.852405] should_failslab+0x9/0x20 [ 3253.852692] kmem_cache_alloc+0x5a/0x410 [ 3253.853003] vm_area_dup+0x83/0x230 [ 3253.853283] ? lock_acquire+0x1b6/0x530 [ 3253.853591] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 3253.853966] ? lock_is_held_type+0xdb/0x130 [ 3253.854290] ? mark_held_locks+0x9e/0xe0 [ 3253.854577] ? _raw_spin_unlock_irqrestore+0x2c/0x60 [ 3253.854949] ? __pfx_vm_area_dup+0x10/0x10 [ 3253.855264] ? kmem_cache_alloc_bulk+0x43b/0x780 [ 3253.855622] ? mas_alloc_nodes+0x484/0x800 [ 3253.855937] __split_vma+0xa6/0x5d0 [ 3253.856208] ? mas_preallocate+0x163/0x370 [ 3253.856528] do_mas_align_munmap.constprop.0+0x273/0x1000 [ 3253.856937] ? __pfx_do_mas_align_munmap.constprop.0+0x10/0x10 [ 3253.857371] ? mas_walk+0x4b7/0x6b0 [ 3253.857656] ? mas_find+0x20d/0xdf0 [ 3253.857937] ? __pfx___lock_acquire+0x10/0x10 [ 3253.858273] do_mas_munmap+0x1ec/0x2c0 [ 3253.858564] mmap_region+0x21f/0x1b90 [ 3253.858853] ? __pfx_lock_acquire+0x10/0x10 [ 3253.859170] ? __pfx_mmap_region+0x10/0x10 [ 3253.859482] ? security_mmap_addr+0x7d/0xa0 [ 3253.859804] ? get_unmapped_area+0x1e9/0x3e0 [ 3253.860112] do_mmap+0x82c/0xf50 [ 3253.860377] vm_mmap_pgoff+0x1b3/0x270 [ 3253.860662] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 3253.861003] ksys_mmap_pgoff+0x3d4/0x500 [ 3253.861294] do_syscall_64+0x3f/0x90 [ 3253.861582] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 3253.861967] RIP: 0033:0x7f309199db19 [ 3253.862238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3253.863496] RSP: 002b:00007f308ef13188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 3253.864033] RAX: ffffffffffffffda RBX: 00007f3091ab0f60 RCX: 00007f309199db19 [ 3253.864532] RDX: 0000000001000004 RSI: 0000000000002000 RDI: 0000000020ffc000 [ 3253.865032] RBP: 00007f308ef131d0 R08: 0000000000000003 R09: 0000000000000000 [ 3253.865544] R10: 0000000000002811 R11: 0000000000000246 R12: 0000000000000002 [ 3253.866046] R13: 00007ffead1560df R14: 00007f308ef13300 R15: 0000000000022000 [ 3253.866575] [ 3253.866830] loop5: detected capacity change from 0 to 40 [ 3253.890046] FAT-fs (loop5): bogus number of reserved sectors [ 3253.890972] FAT-fs (loop5): Can't find a valid FAT filesystem [ 3253.951646] syz-executor.4: attempt to access beyond end of device [ 3253.951646] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 3253.952964] buffer_io_error: 147 callbacks suppressed [ 3253.952974] Buffer I/O error on dev loop4, logical block 10, lost async page write 22:34:29 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000400)="0fff0000646f7366d8a02b00080101000440102000f801a2", 0x18}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) 22:34:29 executing program 3: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r1 = inotify_init1(0x0) inotify_add_watch(r1, &(0x7f0000000400)='./file0\x00', 0x40000020) (fail_nth: 8) pivot_root(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='./file0\x00') r2 = open_tree(r0, &(0x7f0000000340)='./file0\x00', 0x1100) r3 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000380)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r2, 0xc0189376, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r3, {0x401}}, './file0\x00'}) setxattr$security_capability(0x0, &(0x7f0000000140), &(0x7f00000001c0)=@v3, 0x18, 0x0) setxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180), &(0x7f0000000700)=ANY=[@ANYBLOB="022ac10abe16b756c8c61e17491a2be9443c683a4b924844136e56e9152e047a42b567"], 0x12, 0x0) inotify_add_watch(r1, &(0x7f0000000080)='./file1\x00', 0x0) [ 3254.062123] loop6: detected capacity change from 0 to 40 [ 3254.070571] FAT-fs (loop6): count of clusters too big (42468350) [ 3254.071569] FAT-fs (loop6): Can't find a valid FAT filesystem 22:34:29 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) (fail_nth: 11) syz_io_uring_setup(0x7668, &(0x7f00000003c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, 0x0) 22:34:29 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10100, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0x0, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf [ 3254.213579] dump_stack_lvl+0x8f/0xb7 [ 3254.213871] should_fail_ex.cold+0x5/0xa [ 3254.214182] ? fsnotify_add_mark_locked+0x2eb/0x1290 [ 3254.214548] should_failslab+0x9/0x20 [ 3254.214840] kmem_cache_alloc+0x5a/0x410 [ 3254.215147] fsnotify_add_mark_locked+0x2eb/0x1290 [ 3254.215513] inotify_update_watch+0x94f/0xc50 [ 3254.215849] __x64_sys_inotify_add_watch+0x2c3/0x360 [ 3254.216222] ? __pfx___x64_sys_inotify_add_watch+0x10/0x10 [ 3254.216628] ? syscall_enter_from_user_mode+0x21/0x50 [ 3254.216997] do_syscall_64+0x3f/0x90 [ 3254.217276] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 3254.217671] RIP: 0033:0x7fd13a674b19 [ 3254.217945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3254.219205] RSP: 002b:00007fd137bea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000fe [ 3254.219748] RAX: ffffffffffffffda RBX: 00007fd13a787f60 RCX: 00007fd13a674b19 [ 3254.220251] RDX: 0000000040000020 RSI: 0000000020000400 RDI: 0000000000000004 [ 3254.220762] RBP: 00007fd137bea1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3254.221263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3254.221783] R13: 00007ffcf672f09f R14: 00007fd137bea300 R15: 0000000000022000 [ 3254.222298] [ 3254.260711] loop4: detected capacity change from 0 to 40 [ 3254.262992] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 3254.264452] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 3254.265387] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 3254.266269] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 3254.267277] blk_print_req_error: 127 callbacks suppressed [ 3254.268038] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 19 prio class 2 [ 3254.270994] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.272898] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3254.274219] Buffer I/O error on dev sr0, logical block 0, async page read [ 3254.275240] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.275995] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 7 prio class 2 [ 3254.277201] Buffer I/O error on dev sr0, logical block 1, async page read [ 3254.278135] Buffer I/O error on dev sr0, logical block 2, async page read [ 3254.279077] Buffer I/O error on dev sr0, logical block 3, async page read [ 3254.280084] Buffer I/O error on dev sr0, logical block 4, async page read [ 3254.281028] Buffer I/O error on dev sr0, logical block 5, async page read [ 3254.281981] Buffer I/O error on dev sr0, logical block 6, async page read [ 3254.282924] Buffer I/O error on dev sr0, logical block 7, async page read [ 3254.285814] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.286239] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3254.287252] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.287939] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3254.288646] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.289197] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3254.290628] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.291023] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3254.291732] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.292119] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3254.292985] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.293553] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3254.294409] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.294814] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3254.295546] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.296280] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.297035] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.297567] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.298051] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.298593] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.299069] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.299590] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.300098] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.300731] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.301234] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.301727] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.302213] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.302808] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.303327] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.303843] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.304409] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.305061] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.305608] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.306238] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.306902] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.307426] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.307925] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.308488] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.308978] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.309573] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.310071] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.310634] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.311124] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.311653] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.312127] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.312696] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.313187] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.313257] loop6: detected capacity change from 0 to 40 [ 3254.313751] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.314843] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.315367] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.315860] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.316440] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.316938] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.317650] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.318130] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.318790] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.320029] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.320570] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.321068] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.321609] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.322086] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.322681] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.323155] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.323761] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.324241] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.324785] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.325338] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.325913] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.327679] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.335234] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3254.338926] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 22:34:29 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf [ 3273.117686] dump_stack_lvl+0x8f/0xb7 [ 3273.118232] should_fail_ex.cold+0x5/0xa [ 3273.118812] _copy_to_user+0x30/0x1c0 [ 3273.118839] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3273.118881] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3273.119347] simple_read_from_buffer+0xd0/0x170 [ 3273.119408] proc_fail_nth_read+0x19c/0x230 [ 3273.119905] buffer_io_error: 66 callbacks suppressed [ 3273.119918] Buffer I/O error on dev sr0, logical block 0, async page read [ 3273.120899] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 3273.120946] ? security_file_permission+0xb5/0xe0 [ 3273.121461] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3273.121924] vfs_read+0x2e1/0x9f0 [ 3273.122430] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 7 prio class 2 [ 3273.123243] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 3273.123692] Buffer I/O error on dev sr0, logical block 1, async page read [ 3273.124270] ? __pfx_vfs_read+0x10/0x10 [ 3273.124780] Buffer I/O error on dev sr0, logical block 2, async page read [ 3273.125196] ? __fget_files+0x270/0x450 [ 3273.125936] Buffer I/O error on dev sr0, logical block 3, async page read [ 3273.126530] ksys_read+0x12b/0x260 [ 3273.127137] Buffer I/O error on dev sr0, logical block 4, async page read [ 3273.127618] ? __pfx_ksys_read+0x10/0x10 [ 3273.128246] Buffer I/O error on dev sr0, logical block 5, async page read [ 3273.128736] ? syscall_enter_from_user_mode+0x21/0x50 [ 3273.129390] Buffer I/O error on dev sr0, logical block 6, async page read [ 3273.129816] ? syscall_enter_from_user_mode+0x21/0x50 [ 3273.130456] Buffer I/O error on dev sr0, logical block 7, async page read [ 3273.130941] do_syscall_64+0x3f/0x90 [ 3273.131831] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3273.132188] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 3273.132859] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3273.133445] RIP: 0033:0x7fd13a62769c [ 3273.133472] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 3273.134067] Buffer I/O error on dev sr0, logical block 0, async page read [ 3273.134539] RSP: 002b:00007fd137bea170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 3273.135194] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3273.135684] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fd13a62769c [ 3273.135708] RDX: 000000000000000f RSI: 00007fd137bea1e0 RDI: 0000000000000005 [ 3273.136478] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3273.136900] RBP: 00007fd137bea1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3273.138523] Buffer I/O error on dev sr0, logical block 1, async page read [ 3273.139356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3273.139379] R13: 00007ffcf672f09f R14: 00007fd137bea300 R15: 0000000000022000 [ 3273.141123] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3273.141638] [ 3273.146695] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3273.147861] loop6: detected capacity change from 0 to 40 [ 3273.151168] FAT-fs (loop6): count of clusters too big (42468350) [ 3273.151829] FAT-fs (loop6): Can't find a valid FAT filesystem [ 3273.153495] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3273.154337] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3273.163062] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3273.163896] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3273.165276] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3273.166065] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3273.167552] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3273.168382] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3273.172611] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 22:34:48 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000400)="040000000a6f7366d8a02b00080101000440102000f801a2", 0x18}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) [ 3273.280193] syz-executor.4: attempt to access beyond end of device [ 3273.280193] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40 22:34:48 executing program 3: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r1 = inotify_init1(0x0) inotify_add_watch(r1, &(0x7f0000000400)='./file0\x00', 0x40000020) pivot_root(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='./file0\x00') r2 = open_tree(r0, &(0x7f0000000340)='./file0\x00', 0x1100) r3 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000380)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r2, 0xc0189376, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r3, {0x401}}, './file0\x00'}) setxattr$security_capability(0x0, &(0x7f0000000140), &(0x7f00000001c0)=@v3, 0x18, 0x0) setxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180), &(0x7f0000000700)=ANY=[@ANYBLOB="022ac10abe16b756c8c61e17491a2be9443c683a4b924844136e56e9152e047a42b567"], 0x12, 0x0) inotify_add_watch(r1, &(0x7f0000000080)='./file1\x00', 0x0) [ 3273.381143] loop6: detected capacity change from 0 to 40 [ 3273.393807] syz-executor.7: attempt to access beyond end of device [ 3273.393807] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40 22:34:48 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0) (fail_nth: 13) syz_io_uring_setup(0x7668, &(0x7f00000003c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, 0x0) [ 3273.413431] FAT-fs (loop6): count of clusters too big (42468350) [ 3273.413967] FAT-fs (loop6): Can't find a valid FAT filesystem 22:34:48 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10100, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbfr4, {0x401}}, './file0\x00'}) fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000004600), &(0x7f0000004640)='system_u:object_r:useradd_exec_t:s0\x00', 0x24, 0x0) openat(0xffffffffffffffff, &(0x7f0000000640)='./file1\x00', 0x40, 0x1) setxattr$security_capability(0x0, &(0x7f0000000140), &(0x7f00000001c0)=@v3, 0x18, 0x0) fsconfig$FSCONFIG_SET_PATH_EMPTY(0xffffffffffffffff, 0x4, &(0x7f0000000540)='/\x00', &(0x7f0000000580)='./file1\x00', 0xffffffffffffffff) clock_gettime(0x0, &(0x7f0000004580)={0x0, 0x0}) recvmmsg$unix(r5, &(0x7f0000004440)=[{{&(0x7f0000000740)=@abs, 0x6e, &(0x7f0000001b40)=[{&(0x7f0000001880)=""/194, 0xc2}, {&(0x7f00000007c0)=""/39, 0x27}, {&(0x7f0000001980)=""/55, 0x37}, {&(0x7f00000019c0)=""/249, 0xf9}, {&(0x7f0000001ac0)=""/114, 0x72}], 0x5, &(0x7f0000001bc0)=[@rights={{0x10}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x138}}, {{&(0x7f0000001d00)=@abs, 0x6e, &(0x7f0000001e80)=[{&(0x7f0000001d80)=""/20, 0x14}, {&(0x7f0000001dc0)=""/131, 0x83}], 0x2, &(0x7f0000001ec0)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xc8}}, {{&(0x7f0000001fc0), 0x6e, &(0x7f0000003080)=[{&(0x7f0000002040)=""/4096, 0x1000}, {&(0x7f0000003040)=""/44, 0x2c}], 0x2, &(0x7f00000030c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x58}}, {{&(0x7f0000003140), 0x6e, &(0x7f0000003200)=[{&(0x7f00000031c0)=""/42, 0x2a}], 0x1, &(0x7f0000003240)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}}, {{&(0x7f0000003280), 0x6e, &(0x7f0000004400)=[{&(0x7f0000003300)=""/4, 0x4}, {&(0x7f0000003340)=""/4096, 0x1000}, {&(0x7f00000046c0)=""/111, 0x6f}, {&(0x7f00000043c0)=""/39, 0x27}], 0x4}}], 0x5, 0x10000, &(0x7f00000045c0)={r6, r7+10000000}) perf_event_open(&(0x7f00000006c0)={0x0, 0x80, 0x5, 0x3, 0xfd, 0x0, 0x0, 0x9, 0x18, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x6, 0x1, @perf_bp={&(0x7f0000000680), 0xa}, 0x40002, 0xfffffffffffff800, 0x2, 0x4, 0x6, 0x7f, 0x3ff, 0x0, 0xfd800000, 0x0, 0x6}, 0x0, 0xd, r8, 0x0) setxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180), &(0x7f00000005c0)=ANY=[@ANYBLOB="022ac10a750f4187b19dbe4e6c147a961365be16b756c8c61e17491a2bc7443c683a4b924844136e56e9152e047a42b5670f1805b9668e61b8e58e3e62b51e93c0908604746ddfffce5db5c748c67d77fd079edf014bd7a65e2976770a9e95888adebdd5342401566c"], 0x12, 0x0) inotify_add_watch(r1, &(0x7f0000000080)='./file1\x00', 0x0) 22:35:19 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x500, 0x1000004, 0x2811, r0, 0x0) syz_io_uring_setup(0x7668, &(0x7f00000003c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, 0x0) [ 3304.404450] loop6: detected capacity change from 0 to 40 [ 3304.427867] FAT-fs (loop6): count of clusters too big (42468350) [ 3304.428731] FAT-fs (loop6): Can't find a valid FAT filesystem 22:35:19 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf0x0}) setresuid(0x0, r4, 0x0) setxattr$security_capability(0x0, &(0x7f0000000140), &(0x7f00000001c0)=@v3={0x3000000, [], r4}, 0x18, 0x0) setxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180), &(0x7f0000000700)=ANY=[@ANYBLOB="022ac10abe16b756c8c61e17491a2be9443c683a4b924844136e56e9152e047a42b567"], 0x12, 0x0) inotify_add_watch(r1, &(0x7f0000000080)='./file1\x00', 0x0) 22:35:35 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x600, 0x1000004, 0x2811, r0, 0x0) syz_io_uring_setup(0x7668, &(0x7f00000003c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, 0x0) 22:35:35 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbfr4, {0x401}}, './file0\x00'}) fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000004600), &(0x7f0000004640)='system_u:object_r:useradd_exec_t:s0\x00', 0x24, 0x0) openat(0xffffffffffffffff, &(0x7f0000000640)='./file1\x00', 0x40, 0x1) setxattr$security_capability(0x0, &(0x7f0000000140), &(0x7f00000001c0)=@v3, 0x18, 0x0) fsconfig$FSCONFIG_SET_PATH_EMPTY(0xffffffffffffffff, 0x4, &(0x7f0000000540)='/\x00', &(0x7f0000000580)='./file1\x00', 0xffffffffffffffff) clock_gettime(0x0, &(0x7f0000004580)={0x0, 0x0}) recvmmsg$unix(r5, &(0x7f0000004440)=[{{&(0x7f0000000740)=@abs, 0x6e, &(0x7f0000001b40)=[{&(0x7f0000001880)=""/194, 0xc2}, {&(0x7f00000007c0)=""/39, 0x27}, {&(0x7f0000001980)=""/55, 0x37}, {&(0x7f00000019c0)=""/249, 0xf9}, {&(0x7f0000001ac0)=""/114, 0x72}], 0x5, &(0x7f0000001bc0)=[@rights={{0x10}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x138}}, {{&(0x7f0000001d00)=@abs, 0x6e, &(0x7f0000001e80)=[{&(0x7f0000001d80)=""/20, 0x14}, {&(0x7f0000001dc0)=""/131, 0x83}], 0x2, &(0x7f0000001ec0)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xc8}}, {{&(0x7f0000001fc0), 0x6e, &(0x7f0000003080)=[{&(0x7f0000002040)=""/4096, 0x1000}, {&(0x7f0000003040)=""/44, 0x2c}], 0x2, &(0x7f00000030c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x58}}, {{&(0x7f0000003140), 0x6e, &(0x7f0000003200)=[{&(0x7f00000031c0)=""/42, 0x2a}], 0x1, &(0x7f0000003240)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}}, {{&(0x7f0000003280), 0x6e, &(0x7f0000004400)=[{&(0x7f0000003300)=""/4, 0x4}, {&(0x7f0000003340)=""/4096, 0x1000}, {&(0x7f00000046c0)=""/111, 0x6f}, {&(0x7f00000043c0)=""/39, 0x27}], 0x4}}], 0x5, 0x10000, &(0x7f00000045c0)={r6, r7+10000000}) perf_event_open(&(0x7f00000006c0)={0x0, 0x80, 0x5, 0x3, 0xfd, 0x0, 0x0, 0x9, 0x18, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x6, 0x1, @perf_bp={&(0x7f0000000680), 0xa}, 0x40002, 0xfffffffffffff800, 0x2, 0x4, 0x6, 0x7f, 0x3ff, 0x0, 0xfd800000, 0x0, 0x6}, 0x0, 0xd, r8, 0x0) setxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180), &(0x7f00000005c0)=ANY=[@ANYBLOB="022ac10a750f4187b19dbe4e6c147a961365be16b756c8c61e17491a2bc7443c683a4b924844136e56e9152e047a42b5670f1805b9668e61b8e58e3e62b51e93c0908604746ddfffce5db5c748c67d77fd079edf014bd7a65e2976770a9e95888adebdd5342401566c"], 0x12, 0x0) inotify_add_watch(r1, &(0x7f0000000080)='./file1\x00', 0x0) 22:35:35 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) sendfile(r1, r0, 0x0, 0xfffffdef) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 22:35:35 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10100, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbfr1, {0xff}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r3, 0xc0189373, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x9}}, './file1\x00'}) r4 = open_tree(r1, &(0x7f0000000340)='./file0\x00', 0x1100) r5 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000380)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r4, 0xc0189376, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r5, {0x401}}, './file0\x00'}) setxattr$security_capability(0x0, &(0x7f0000000140), &(0x7f00000001c0)=@v3, 0x18, 0x0) setxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180), &(0x7f0000000700)=ANY=[@ANYBLOB="022ac10abe16b756c8c61e17491a2be9443c683a4b924844136e56e9152e047a42b567"], 0x12, 0x0) inotify_add_watch(r2, &(0x7f0000000080)='./file1\x00', 0x0) [ 3348.709964] loop6: detected capacity change from 0 to 40 [ 3348.723719] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 3348.724923] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 3348.725831] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 3348.726706] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 3348.728459] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3348.729397] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3348.730514] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3348.731512] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3348.732444] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3348.734079] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3348.735034] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3348.736017] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3348.737123] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3348.739728] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3348.741095] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3348.742484] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3348.743736] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3348.745031] FAT-fs (loop6): count of clusters too big (42468350) [ 3348.745637] FAT-fs (loop6): Can't find a valid FAT filesystem [ 3348.745916] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3348.747257] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3348.748546] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3348.749925] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3348.751995] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3348.753892] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3348.755026] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3348.756153] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3348.757261] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3348.759045] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3348.760711] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 22:36:04 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10100, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf0x0}) perf_event_open(&(0x7f0000000200)={0x0, 0x80, 0x81, 0x4, 0x2, 0x1f, 0x0, 0x8, 0x40800, 0x7, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x3, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x8962, 0x0, @perf_bp={&(0x7f0000000000), 0x5}, 0x202, 0x8, 0x7fffffff, 0x1, 0x9, 0x3, 0x401, 0x0, 0x3ff, 0x0, 0x6040}, r7, 0xffffffffffffffff, r0, 0x3) setxattr$security_capability(0x0, &(0x7f0000000140), &(0x7f00000001c0)=@v3={0x3000000, [{}, {0xfffffffe}]}, 0x18, 0x0) setxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180), &(0x7f0000000700)=ANY=[@ANYBLOB="022ac10abe16b756c8c61e17491a2be9443c683a4b924844136e56e9152e047a42b567"], 0x12, 0x0) r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r8, 0x6, 0x1, &(0x7f0000000100), 0xc) dup2(r0, r8) inotify_add_watch(r2, &(0x7f0000000080)='./file1\x00', 0x0) 22:36:17 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) sendfile(r1, r0, 0x0, 0xfffffdef) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 22:36:17 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x4, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10100, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbfr2}, './file1\x00'}) recvmmsg$unix(r2, &(0x7f000000a000)=[{{&(0x7f0000000580)=@abs, 0x6e, &(0x7f0000000900)=[{&(0x7f0000000240)=""/46, 0x2e}, {&(0x7f0000000300)=""/15, 0xf}, {&(0x7f0000000600)=""/85, 0x55}, {&(0x7f0000000680)=""/251, 0xfb}, {&(0x7f0000000780)=""/14, 0xe}, {&(0x7f00000007c0)=""/23, 0x17}, {&(0x7f0000000880)=""/42, 0x2a}, {&(0x7f00000008c0)=""/11, 0xb}], 0x8}}, {{&(0x7f0000000980)=@abs, 0x6e, &(0x7f0000001e80)=[{&(0x7f0000000a00)=""/1, 0x1}, {&(0x7f0000000a40)=""/167, 0xa7}, {&(0x7f0000000b00)=""/237, 0xed}, {&(0x7f0000000c00)=""/34, 0x22}, {&(0x7f0000000c40)=""/152, 0x98}, {&(0x7f0000000d00)=""/4096, 0x1000}, {&(0x7f0000001d00)=""/203, 0xcb}, {&(0x7f0000001e00)=""/106, 0x6a}], 0x8, &(0x7f0000001f00)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x18}}, {{0x0, 0x0, &(0x7f0000003180)=[{&(0x7f0000001f40)}, {&(0x7f0000001f80)=""/4096, 0x1000}, {&(0x7f0000002f80)=""/121, 0x79}, {&(0x7f0000003000)=""/198, 0xc6}, {&(0x7f0000003100)=""/89, 0x59}], 0x5, &(0x7f0000003200)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x30}}, {{&(0x7f0000003240)=@abs, 0x6e, &(0x7f0000003640)=[{&(0x7f00000032c0)=""/20, 0x14}, {&(0x7f0000003300)=""/191, 0xbf}, {&(0x7f00000033c0)=""/234, 0xea}, {&(0x7f00000034c0)=""/91, 0x5b}, {&(0x7f0000003540)=""/3, 0x3}, {&(0x7f0000003580)=""/188, 0xbc}], 0x6, &(0x7f00000036c0)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xe0}}, {{&(0x7f00000037c0)=@abs, 0x6e, &(0x7f0000003c00)=[{&(0x7f0000003840)=""/15, 0xf}, {&(0x7f0000003880)}, {&(0x7f00000038c0)=""/187, 0xbb}, {&(0x7f0000003980)=""/253, 0xfd}, {&(0x7f0000003a80)=""/128, 0x80}, {&(0x7f0000003b00)=""/64, 0x40}, {&(0x7f0000003b40)=""/27, 0x1b}, {&(0x7f0000003b80)=""/82, 0x52}], 0x8, &(0x7f0000003c80)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000007040)=[{&(0x7f0000003e00)=""/43, 0x2b}, {&(0x7f0000003e40)=""/4096, 0x1000}, {&(0x7f0000004e40)=""/112, 0x70}, {&(0x7f0000004ec0)=""/4096, 0x1000}, {&(0x7f0000005ec0)=""/58, 0x3a}, {&(0x7f0000005f00)=""/249, 0xf9}, {&(0x7f0000006000)=""/59, 0x3b}, {&(0x7f0000006040)=""/4096, 0x1000}], 0x8, &(0x7f00000070c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xa8}}, {{&(0x7f0000007180), 0x6e, &(0x7f0000007240)=[{&(0x7f0000007200)=""/47, 0x2f}], 0x1, &(0x7f0000007280)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x110}}, {{0x0, 0x0, &(0x7f0000009840)=[{&(0x7f00000073c0)=""/4096, 0x1000}, {&(0x7f00000083c0)=""/114, 0x72}, {&(0x7f0000008440)=""/15, 0xf}, {&(0x7f0000008480)=""/4096, 0x1000}, {&(0x7f0000009480)=""/42, 0x2a}, {&(0x7f00000094c0)=""/255, 0xff}, {&(0x7f00000095c0)=""/141, 0x8d}, {&(0x7f0000009680)=""/199, 0xc7}, {&(0x7f0000009780)=""/149, 0x95}], 0x9, &(0x7f0000009900)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x20}}, {{&(0x7f0000009940)=@abs, 0x6e, &(0x7f0000009f00)=[{&(0x7f00000099c0)=""/20, 0x14}, {&(0x7f0000009a00)=""/248, 0xf8}, {&(0x7f0000009b00)=""/103, 0x67}, {&(0x7f0000009b80)=""/79, 0x4f}, {&(0x7f0000009c00)=""/15, 0xf}, {&(0x7f0000009c40)=""/185, 0xb9}, {&(0x7f0000009d00)=""/133, 0x85}, {&(0x7f0000009dc0)=""/111, 0x6f}, {&(0x7f0000009e40)=""/170, 0xaa}], 0x9, &(0x7f0000009fc0)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x40}}], 0x9, 0x100, &(0x7f000000a240)) fsconfig$FSCONFIG_SET_PATH(r4, 0x3, &(0x7f00000000c0)='\x00', &(0x7f0000000200)='./file1\x00', r5) 22:36:18 executing program 0: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r1 = inotify_init1(0x0) inotify_add_watch(r1, &(0x7f0000000400)='./file0\x00', 0x60000460) pivot_root(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='./file0\x00') r2 = open_tree(r0, &(0x7f0000000340)='./file0\x00', 0x1100) r3 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000380)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001480)='/sys/module/mac80211_hwsim', 0x0, 0x0) getdents(r4, &(0x7f0000001680)=""/87, 0x57) mmap$perf(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000004, 0x10, r4, 0x0) r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r4, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, r5, {0x5}}, './file1\x00'}) ioctl$AUTOFS_DEV_IOCTL_READY(r2, 0xc0189376, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r3, {0x401}}, './file0\x00'}) setxattr$security_capability(0x0, &(0x7f0000000140), &(0x7f00000001c0)=@v3, 0x18, 0x0) bind$bt_hci(r2, &(0x7f00000000c0)={0x1f, 0x0, 0x2}, 0x6) setxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180), &(0x7f0000000700)=ANY=[@ANYBLOB="022ac10abe16b756c8c61e17491a2be9443c683a4b924844136e56e9152e047a42b567"], 0x12, 0x0) inotify_add_watch(r1, &(0x7f0000000080)='./file1\x00', 0x0) 22:36:18 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0xf00, 0x1000004, 0x2811, r0, 0x0) syz_io_uring_setup(0x7668, &(0x7f00000003c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, 0x0) 22:36:18 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10100, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000540)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x2, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x9) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10100, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8001) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbfr2, {r2}}, './file1\x00'}) syncfs(r5) mmap$perf(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000004, 0x10, r4, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, r4) r6 = open_tree(r1, &(0x7f0000000340)='./file0\x00', 0x1100) r7 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) fcntl$setstatus(r7, 0x4, 0x800) r8 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r6, 0xc0189376, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r8, {0x401}}, './file0\x00'}) setxattr$security_capability(0x0, &(0x7f0000000140), &(0x7f00000001c0)=@v3={0x3000000, [{0x101}, {0x7}]}, 0x18, 0x1) setxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180), &(0x7f0000000700)=ANY=[@ANYBLOB="022ac10abe16b756c8c61e17491a2be9443c683a4b924844136e56e9152e047a42b567"], 0x12, 0x0) inotify_add_watch(r2, &(0x7f0000000100)='./file1\x00', 0x0) [ 3395.232541] loop7: detected capacity change from 0 to 40 22:36:50 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000400)="046c0000646f7366d8a02b00080101000440102000f801a2", 0x18}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) [ 3395.356191] loop6: detected capacity change from 0 to 40 [ 3395.369230] FAT-fs (loop6): count of clusters too big (42468350) [ 3395.370413] FAT-fs (loop6): Can't find a valid FAT filesystem [ 3395.387729] syz-executor.4: attempt to access beyond end of device [ 3395.387729] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 3395.416679] syz-executor.7: attempt to access beyond end of device [ 3395.416679] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40 22:37:03 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x1500, 0x1000004, 0x2811, r0, 0x0) syz_io_uring_setup(0x7668, &(0x7f00000003c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, 0x0) 22:37:03 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000400)="04740000646f7366d8a02b00080101000440102000f801a2", 0x18}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) 22:37:03 executing program 0: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r1 = inotify_init1(0x0) inotify_add_watch(r1, &(0x7f0000000400)='./file0\x00', 0x40000020) pivot_root(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='./file0\x00') r2 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000e880325132510000e880325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530", 0x45, 0x12000}], 0x0, &(0x7f0000011200)) openat(r2, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(r2, &(0x7f0000000000)='./file0\x00', 0x400500, 0x40) r3 = open_tree(r0, &(0x7f0000000340)='./file0\x00', 0x1100) r4 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000380)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r3, 0xc0189376, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r4, {0x401}}, './file0\x00'}) perf_event_open(&(0x7f0000000440)={0x5, 0x80, 0x20, 0x40, 0x7f, 0x4, 0x0, 0x525b88d5, 0x103, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x0, @perf_bp={&(0x7f00000000c0), 0x8}, 0x40, 0x4, 0x8, 0x2, 0xffffffff, 0x3, 0x4b8, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x3, 0xffffffffffffffff, 0x2) setxattr$security_capability(0x0, &(0x7f0000000140), &(0x7f00000001c0)=@v3, 0x18, 0x0) setxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180), &(0x7f0000000700)=ANY=[@ANYBLOB="022ac10abe16b756c8c61e17491a2be9443c683a4b924844136e56e9152e047a42b567"], 0x12, 0x0) inotify_add_watch(r1, &(0x7f0000000080)='./file1\x00', 0x0) 22:37:03 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10100, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf0xffffffffffffffff, @ANYBLOB='\x00\x00\x00\x00'], 0xf8}}], 0x1, 0x40000000, &(0x7f0000000300)) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r5, 0x6, 0x1, &(0x7f0000000100), 0xc) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f0000000680)) inotify_add_watch(r1, &(0x7f0000000080)='./file1\x00', 0x0) [ 3408.454651] FAT-fs (loop6): count of clusters too big (42468350) [ 3408.455107] FAT-fs (loop6): Can't find a valid FAT filesystem [ 3408.458953] loop5: detected capacity change from 0 to 40 [ 3408.462182] loop6: detected capacity change from 0 to 40 [ 3408.463172] FAT-fs (loop5): invalid media value (0x00) [ 3408.463673] FAT-fs (loop5): Can't find a valid FAT filesystem [ 3408.464520] FAT-fs (loop6): count of clusters too big (42468350) [ 3408.464936] FAT-fs (loop6): Can't find a valid FAT filesystem [ 3408.482009] loop7: detected capacity change from 0 to 40 [ 3408.493703] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 3408.494378] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 3408.494840] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 3408.495312] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 3408.495823] blk_print_req_error: 84 callbacks suppressed [ 3408.495834] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 16 prio class 2 [ 3408.497359] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.497741] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3408.498363] buffer_io_error: 90 callbacks suppressed [ 3408.498373] Buffer I/O error on dev sr0, logical block 0, async page read [ 3408.499301] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.499687] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 7 prio class 2 [ 3408.500251] Buffer I/O error on dev sr0, logical block 1, async page read [ 3408.500760] Buffer I/O error on dev sr0, logical block 2, async page read [ 3408.501247] Buffer I/O error on dev sr0, logical block 3, async page read [ 3408.501755] Buffer I/O error on dev sr0, logical block 4, async page read [ 3408.502239] Buffer I/O error on dev sr0, logical block 5, async page read [ 3408.502746] Buffer I/O error on dev sr0, logical block 6, async page read [ 3408.503226] Buffer I/O error on dev sr0, logical block 7, async page read [ 3408.503938] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.504367] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3408.504931] Buffer I/O error on dev sr0, logical block 0, async page read [ 3408.505572] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.505964] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3408.506579] Buffer I/O error on dev sr0, logical block 1, async page read [ 3408.507164] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.507665] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3408.508428] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.508831] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3408.509586] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.509981] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3408.510688] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.511075] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3408.511802] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.512191] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3408.512906] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.513473] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.513993] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.514493] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.515160] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.515785] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.516324] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.516781] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.517469] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.518189] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.518813] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.519379] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.519898] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.520407] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.520913] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.521470] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.521925] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.522570] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.523816] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.524345] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.524832] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.525336] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.525814] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.526361] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.526854] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.567098] loop4: detected capacity change from 0 to 40 22:37:03 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000400)="04760000646f7366d8a02b00080101000440102000f801a2", 0x18}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) [ 3408.602528] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 3408.603942] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 3408.604841] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 3408.605641] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 22:37:04 executing program 3: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r1 = inotify_init1(0x0) inotify_add_watch(r1, &(0x7f0000000400)='./file0\x00', 0x40000020) pivot_root(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='./file0\x00') r2 = open_tree(r0, &(0x7f0000000340)='./file0\x00', 0x1100) r3 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000380)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r2, 0xc0189376, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r3, {0x401}}, './file0\x00'}) setxattr$security_capability(0x0, &(0x7f0000000140), &(0x7f00000001c0)=@v3, 0x18, 0x0) lstat(&(0x7f0000000000)='./file1/file0\x00', &(0x7f0000000200)) setxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180), &(0x7f0000000700)=ANY=[@ANYBLOB="022ac10abe16b756c8c61e17491a2be9443c683a4b924844136e56e9152e047a42b567"], 0x12, 0x0) syz_mount_image$nfs4(&(0x7f00000000c0), &(0x7f0000000300)='./file0\x00', 0x7, 0x2, &(0x7f00000005c0)=[{&(0x7f0000000440)="853546d3de29a0f1717f7650438270aa4c35f34ca50e618418f0ede75e36237a6adca71be7ec278a6b4da69ce6648a136119674b9c600f05a169f2e72d438c1756c9c8a5183e915eda373602b8ae0bd5efed4949a645fd3d61eba63b4691e52a9aedb29759106ac24f2f25de8815b7a3ae530be0f67053430902f3c857ab322114b5f542757ad41fb3783e476faf3de19e575639a9667894968a71c133b0a511101881be466e75b38405e5f51efc49ff0e90", 0xb2, 0x8}, {&(0x7f0000000500)="68187426f30be5f6c8f1fff1a09edff5e142a7e98e28f2fc5eb8b1850b94716fc3a1129dc23775ae9b6f4445f59be526004c19d8a65a45f604947a0f895ec9c07677259ccc642d6896297c79c1c6f3493285d1fcfe07b4ac0c0f099ffef81c09095872c8d2045f35b3018983893d1b55b7fd2319815be0914114197add31931c24a21223e19b035d0898ae3ecb68ad00260a825d5e071a6b301b27426c6b40acdb14b700b1cbfe7576bd6670c52d28", 0xaf, 0x800}], 0x4, &(0x7f0000000600)={[{'--$/\x1c@'}, {}, {'@.{\')/\xc7+-}'}, {'%+$'}, {'security.capability\x00'}, {}], [{@seclabel}, {@pcr={'pcr', 0x3d, 0x34}}, {@obj_user={'obj_user', 0x3d, '-'}}, {@context={'context', 0x3d, 'sysadm_u'}}, {@subj_role={'subj_role', 0x3d, '[*[@'}}, {@subj_user={'subj_user', 0x3d, '%'}}, {@subj_user={'subj_user', 0x3d, '\r'}}]}) inotify_add_watch(r1, &(0x7f0000000080)='./file1\x00', 0x0) 22:37:04 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x1600, 0x1000004, 0x2811, r0, 0x0) syz_io_uring_setup(0x7668, &(0x7f00000003c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, 0x0) [ 3408.755080] loop6: detected capacity change from 0 to 40 [ 3408.768750] syz-executor.7: attempt to access beyond end of device [ 3408.768750] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 3408.774576] FAT-fs (loop6): count of clusters too big (42468350) [ 3408.775463] FAT-fs (loop6): Can't find a valid FAT filesystem [ 3408.815521] loop6: detected capacity change from 0 to 40 [ 3408.820705] FAT-fs (loop6): count of clusters too big (42468350) [ 3408.821773] FAT-fs (loop6): Can't find a valid FAT filesystem [ 3408.836783] syz-executor.4: attempt to access beyond end of device [ 3408.836783] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40 22:37:04 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0/file0\x00', 0x0, 0xfffffffffffffdfb, 0x0, 0x1088440, 0x0) r2 = inotify_init1(0x0) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x40000420) pivot_root(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='./file0\x00') r3 = dup3(r0, r2, 0x80000) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001480)='/sys/module/mac80211_hwsim', 0x0, 0x0) getdents(r4, &(0x7f0000001680)=""/87, 0x57) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r4, 0xc0189378, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r2, {r2}}, './file1\x00'}) syncfs(r5) mmap$perf(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000004, 0x10, r4, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, r4) r6 = open_tree(r1, &(0x7f0000000340)='./file0\x00', 0x1100) r7 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) fcntl$setstatus(r7, 0x4, 0x800) r8 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r6, 0xc0189376, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r8, {0x401}}, './file0\x00'}) setxattr$security_capability(0x0, &(0x7f0000000140), &(0x7f00000001c0)=@v3={0x3000000, [{0x101}, {0x7}]}, 0x18, 0x1) setxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180), &(0x7f0000000700)=ANY=[@ANYBLOB="022ac10abe16b756c8c61e17491a2be9443c683a4b924844136e56e9152e047a42b567"], 0x12, 0x0) inotify_add_watch(r2, &(0x7f0000000100)='./file1\x00', 0x0) [ 3408.852480] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 3408.853621] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 3408.854493] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 3408.855263] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 3408.858872] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.859827] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.862606] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.863155] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.863817] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.864368] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.864989] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.865956] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.866526] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.867040] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.867701] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.868214] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.868757] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.869234] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.869794] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.870318] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.870815] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.871401] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.871964] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.872504] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.873018] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.875360] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.875848] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.876420] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.876885] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.877442] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.877995] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.878537] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.879055] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.879696] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.880210] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.882397] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.882898] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.888620] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.889154] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.889688] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.890146] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.890628] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.891108] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.891600] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.892061] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.892562] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.893085] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.893667] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.894126] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.894659] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.895231] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.897507] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.897997] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.898528] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.899082] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.899605] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.900123] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.900600] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.901056] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.901553] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.902015] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.903785] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.904338] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.904811] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.905590] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.906150] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.906859] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.907488] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.907988] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.908518] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.909096] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.909597] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.910061] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.910652] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.911135] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.911674] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.912175] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.912816] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.913453] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.914140] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.914676] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.915159] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.915759] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.916243] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.916773] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.917361] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.917897] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.918432] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.918917] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.919517] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.920005] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.920537] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.921037] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.921575] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.922130] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.922644] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.923354] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.923847] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.924499] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.925077] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.925650] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.926128] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.926732] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.927224] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.927803] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.928320] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.928818] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.929396] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.929881] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.930596] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.931140] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.931732] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.932217] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.932745] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.933242] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.933788] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.934334] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3408.934828] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 22:37:04 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000400)="04780000646f7366d8a02b00080101000440102000f801a2", 0x18}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) [ 3408.957070] loop6: detected capacity change from 0 to 40 22:37:04 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbfr0, {0x0, 0x100}}, './file0\x00'}) fstat(r2, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0}) lsetxattr$system_posix_acl(&(0x7f0000000540)='./file1\x00', &(0x7f0000000580)='system.posix_acl_access\x00', &(0x7f0000000640)={{}, {}, [{}, {}, {0x2, 0x2, 0xee01}, {0x2, 0x0, r4}], {0x4, 0x2}, [{0x8, 0x5, 0xee00}], {0x10, 0x7}, {0x20, 0x1}}, 0x4c, 0x2) openat(r3, &(0x7f0000000500)='./file0\x00', 0x484080, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0xc0709411, &(0x7f0000000440)={{0x0, 0x7, 0x101, 0x4, 0x7, 0x9, 0x9, 0xfc46, 0x45e7ffae, 0x4, 0x1000, 0x0, 0x64c2, 0x8, 0x2}, 0x10, [0x0, 0x0]}) sendmsg$NL80211_CMD_PROBE_CLIENT(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x38, 0x0, 0x1, 0x70bd26, 0x25dfdc00, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x38}, 0x1, 0x0, 0x0, 0x200080c0}, 0x40) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f00000003c0)={0x5, 0x7ff, 0x4}) 22:37:21 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000", 0x15}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) sendfile(r1, r0, 0x0, 0xfffffdef) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) [ 3426.125427] loop4: detected capacity change from 0 to 40 [ 3426.138956] loop7: detected capacity change from 0 to 40 [ 3426.141948] FAT-fs (loop6): count of clusters too big (42468350) [ 3426.142423] FAT-fs (loop6): Can't find a valid FAT filesystem [ 3426.149544] loop6: detected capacity change from 0 to 40 [ 3426.157225] FAT-fs (loop6): count of clusters too big (42468350) [ 3426.157843] FAT-fs (loop6): Can't find a valid FAT filesystem [ 3426.187423] loop5: detected capacity change from 0 to 40 [ 3426.196938] FAT-fs (loop5): invalid media value (0x00) [ 3426.197404] FAT-fs (loop5): Can't find a valid FAT filesystem 22:37:21 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000400)="04880000646f7366d8a02b00080101000440102000f801a2", 0x18}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) [ 3426.229614] syz-executor.4: attempt to access beyond end of device [ 3426.229614] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 3426.230817] buffer_io_error: 242 callbacks suppressed [ 3426.230828] Buffer I/O error on dev loop4, logical block 10, lost async page write [ 3426.245648] syz-executor.7: attempt to access beyond end of device [ 3426.245648] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 3426.246779] Buffer I/O error on dev loop7, logical block 10, lost async page write [ 3426.272641] loop6: detected capacity change from 0 to 40 [ 3426.288926] FAT-fs (loop6): count of clusters too big (42468350) [ 3426.289567] FAT-fs (loop6): Can't find a valid FAT filesystem [ 3426.295788] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 3426.297225] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] 22:37:21 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10100, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf0x0}}, {{@in6=@private1}, 0x0, @in=@initdev}}, &(0x7f0000001b40)=0xe8) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000001b80)={0x0, 0x0, 0x0}, &(0x7f0000001bc0)=0xc) fchownat(0xffffffffffffffff, &(0x7f0000001a00)='./file0\x00', r3, r4, 0x400) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f00000003c0)={0x5, 0x7ff, 0x4}) 22:37:50 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10100, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbfr3, {0x401}}, './file0\x00'}) setxattr$security_capability(0x0, &(0x7f0000000140), &(0x7f00000001c0)=@v3, 0x18, 0x0) r5 = openat2(r4, &(0x7f0000000000)='./file1\x00', &(0x7f00000000c0)={0x24001}, 0x18) openat(r5, &(0x7f0000000200)='./file0\x00', 0x111000, 0x41) setxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180), &(0x7f0000000700)=ANY=[@ANYBLOB="022ac10abe16b756c8c61e17491a2be9443c683a4b924844136e56e9152e047a42b567"], 0x12, 0x0) r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001480)='/sys/module/mac80211_hwsim', 0x0, 0x0) getdents(r6, &(0x7f0000001680)=""/87, 0x57) mmap$perf(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000004, 0x10, r6, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r6, 0xc0189373, &(0x7f0000000300)={{0x1, 0x1, 0x18, r2, {0x9}}, './file0\x00'}) inotify_add_watch(r1, &(0x7f0000000080)='./file1\x00', 0x0) 22:37:50 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000400)="04120100646f7366d8a02b00080101000440102000f801a2", 0x18}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) 22:37:50 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10100, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf0x0}) fcntl$setownex(r5, 0xf, &(0x7f00000000c0)={0x2, r6}) r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001480)='/sys/module/mac80211_hwsim', 0x0, 0x0) getdents(r7, &(0x7f0000001680)=""/87, 0x57) mmap$perf(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000004, 0x10, r7, 0x0) setsockopt$inet_IP_IPSEC_POLICY(r7, 0x0, 0x10, &(0x7f0000000440)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x4e22, 0x81f2, 0x4e22, 0xffff, 0xa, 0x120, 0x80, 0x3a}, {0x4, 0xfffffffffffffe00, 0x1, 0x28, 0x200000000, 0x10000, 0x100000001, 0x69836352}, {0xfff, 0x7fffffff, 0x8, 0x6}, 0x8001, 0x6e6bbb, 0x1, 0x1, 0x2, 0x3}, {{@in=@private=0xa010100, 0x4d3, 0x3c}, 0xa, @in=@loopback, 0x34ff, 0x2, 0x0, 0x1, 0x1ac0, 0xb061, 0x6}}, 0xe8) setxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180), &(0x7f0000000700)=ANY=[@ANYBLOB="022ac10abe16b756c8c61e17491a2be9443c683a4b924844136e56e9152e047a42b567"], 0x12, 0x0) inotify_add_watch(r2, &(0x7f0000000080)='./file1\x00', 0x0) [ 3484.273457] loop6: detected capacity change from 0 to 40 [ 3484.282687] FAT-fs (loop6): count of clusters too big (42468350) [ 3484.283154] FAT-fs (loop6): Can't find a valid FAT filesystem [ 3484.284468] loop5: detected capacity change from 0 to 40 [ 3484.285975] loop4: detected capacity change from 0 to 40 [ 3484.295186] loop7: detected capacity change from 0 to 40 [ 3484.308575] loop6: detected capacity change from 0 to 40 [ 3484.332758] FAT-fs (loop6): count of clusters too big (42468350) [ 3484.333881] FAT-fs (loop6): Can't find a valid FAT filesystem [ 3484.343050] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 3484.344035] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 3484.344668] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 3484.345160] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 3484.345729] blk_print_req_error: 197 callbacks suppressed [ 3484.345740] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 9 prio class 2 [ 3484.371196] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 3484.371964] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 3484.372881] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 3484.373379] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 02 00 [ 3484.373913] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 8 prio class 2 [ 3484.374521] buffer_io_error: 202 callbacks suppressed [ 3484.374530] Buffer I/O error on dev sr0, logical block 0, async page read [ 3484.375518] Buffer I/O error on dev sr0, logical block 1, async page read [ 3484.376013] Buffer I/O error on dev sr0, logical block 2, async page read [ 3484.376547] Buffer I/O error on dev sr0, logical block 3, async page read [ 3484.377034] Buffer I/O error on dev sr0, logical block 4, async page read [ 3484.377559] Buffer I/O error on dev sr0, logical block 5, async page read [ 3484.378054] Buffer I/O error on dev sr0, logical block 6, async page read [ 3484.378556] Buffer I/O error on dev sr0, logical block 7, async page read [ 3484.410113] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3484.410703] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3484.411426] Buffer I/O error on dev sr0, logical block 0, async page read [ 3484.411987] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3484.412410] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 7 prio class 2 [ 3484.413001] Buffer I/O error on dev sr0, logical block 1, async page read 22:38:19 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000400)="04060500646f7366d8a02b00080101000440102000f801a2", 0x18}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) [ 3484.482505] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 3484.483409] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 3484.483900] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 3484.484427] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 3484.484949] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 6 prio class 2 22:38:19 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf0xffffffffffffffff}, '\x00'}) openat(r3, &(0x7f0000000540)='./file0\x00', 0x209101, 0x62) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) perf_event_open(&(0x7f0000000480)={0x3, 0x80, 0x2, 0x1, 0xf5, 0x35, 0x0, 0xd1d, 0x310c52596911188f, 0x2, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80000001, 0x1, @perf_bp={&(0x7f0000000440), 0x8}, 0x4000, 0x3, 0x13c0, 0x6, 0x3f, 0x0, 0x7f, 0x0, 0x5, 0x0, 0x7}, 0x0, 0xc, r1, 0x0) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf 1 [ 3501.879221] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 3501.880725] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 3501.884234] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 3501.886147] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 3501.887617] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 3503.902368] Bluetooth: hci1: command 0x0409 tx timeout [ 3505.950372] Bluetooth: hci1: command 0x041b tx timeout [ 3507.998395] Bluetooth: hci1: command 0x040f tx timeout [ 3510.046369] Bluetooth: hci1: command 0x0419 tx timeout [ 3522.029537] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3522.030662] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3522.032967] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 3522.076318] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3522.077475] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3522.079965] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 22:39:10 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000100), 0xc) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000200)={0x0, 0x0}) ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000000)=r1) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000400)='./file0\x00', 0x40000020) pivot_root(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='./file0\x00') r4 = open_tree(r2, &(0x7f0000000340)='./file0\x00', 0x1100) r5 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000380)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r4, 0xc0189376, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r5, {0x401}}, './file0\x00'}) setxattr$security_capability(0x0, &(0x7f0000000140), &(0x7f00000001c0)=@v3, 0x18, 0x0) setxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180), &(0x7f0000000700)=ANY=[@ANYBLOB="022ac10abe16b756c8c61e17491a2be9443c683a4b924844136e56e9152e047a42b567"], 0x12, 0x0) inotify_add_watch(r3, &(0x7f0000000080)='./file1\x00', 0x0) 22:39:10 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10100, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf0x0}) sendmsg$NL80211_CMD_PROBE_CLIENT(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000480)={0x40, 0x0, 0x1, 0x70bd26, 0x25dfdc00, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x40}, 0x1, 0x0, 0x0, 0x200080c0}, 0x20000082) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r4, 0x6, 0x1, &(0x7f0000000100), 0xc) dup3(r4, r2, 0x80000) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f00000003c0)={0x5, 0x7ff, 0x4}) 22:39:10 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf0x0, 0x0}) futimesat(r0, &(0x7f0000000d40)='./file1\x00', &(0x7f0000000dc0)={{r4, r5/1000+60000}, {0x0, 0x2710}}) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000a40)={0x0, 0x0}, &(0x7f0000000a80)=0xc) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000ac0)={{{@in, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in6=@dev}}, &(0x7f0000000bc0)=0xe8) syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f00000000c0)='./file0\x00', 0x7, 0x9, &(0x7f0000000940)=[{&(0x7f0000000440)="d9ca14d6661b3ccafac0f34507aa23c11efbef10733ab26974630f05057d3a3a891154f6afb3734cffedd35ea491fc33dbb180c787459f436a8c740ce7aae76deebee131197793f33c7715cc378c1d452d710473207e61545e561ff2d45a6d83154ae370aa2963cfa38b64220792b15b4edc51dbedd8e7d32543e8ed8ccc3363152c0870c28a3aa0156f086c977bfc849cd2", 0x92, 0x6000000000000000}, {&(0x7f0000000200)="2fae100e0d6edcf21ba7501ab8b7ec59d7dfae827d64b6fc448e14159338285064293dacc6c3163e684ef85e97e18d5b3d21efe42ad7b69783a7c41a2dbff7ba94e9cf71be86eccdf1af958d513b5349448cce3261ab5f748c7716fa2704bb", 0x5f, 0x3f}, {&(0x7f0000000500)="a76466485a9a7940dde8363f9baaab82add9b7f239f005aa4b7fd023be731a71cf79241e2c6f61790296de1ae11d8f076695ec7c34544523c84694bfc14407eab643c048fc6dd2e43e6a9b57364c6af27766b324c0f82ed9bdc530e144504f9a8eca1e69219c0f2259a7ebc6ee01391be6487b9673dac35885ba795fbdbf61d23d77e7a3ffa163f79d190b8f35364d7878156bf0b1e63dcfda7452d1bc2a9b3e0ec959831b16d804f71335aa9534d77a149b41c40db4816d8afea81fca2c85ac5b264b72fe3d309db7277c42a6d88c8a42ae3e6899a09abf0f5f6a51702de2617ef62b5cd730b1dc392b9eed90b77a3b9dc610", 0xf3, 0x5}, {&(0x7f0000000600)="cd204521578c02b066ec88a62a60a9e9f8791868e9fd1a583d31cb167c8716540a20d80eb5a7f201d33c17b2cb26b71b4f7626906577420520a16449ed58f34b66840cf0b2ace4cdc7c53af48ff96ef22a47026163e0e21905cf993bddb3761734af2d9d68a6bd7126a76ac8a2529bdcc11ff2b88b0104032d2e6f261a495ce2b93fbd9db4ad67e6364ff4176bc08c616bf92745040115a8035cafe64b4a658cd7ecc14fade06cb58c80bce9725a1507e55644dca8fd926c1f7976f07045880c5d181a405e3a4ab727a5e7154633c9d9dbfafbb7046c808069335f8b0a6300cc5385b26963c62b571e46d4301c", 0xed, 0x5}, {&(0x7f0000000300)="816ff49f6aa8a9dc90e08a4a39ab5c6caa96e2eee1c8824c", 0x18}, {&(0x7f0000000740)="fb1d9b1a17c6fa24b1f68f8ae695be3c2ea6524b12b7d5135872baa8063835f88ea6394fb71c01fb0e6d600f878d0dfd135d5626d89372dcb89232e4c27ec72f6b643f23fac8eec9f5283919828f30f5ad540a454861606a137cbb9bad56d05ad81f167f75645f987072edd16bff7f930d295a7b2821599ed09f1de03bfc9a5d4da51b4254", 0x85, 0x3926}, {&(0x7f0000000880)="2f2fbb45d5f0ffc982cb89b401e30e392c4125471fda4d79ebc3302045e929a7947737c7b1d640158513c9ed73d34b1a545c4483c64e9a80ab6ecced42", 0x3d, 0x1ff}, {&(0x7f00000008c0)="69d4c283a77c0b5c89bbffe1dbdb9648cf2c1200f70a967deed7f8568f384d2286bf82e0", 0x24, 0x3}, {&(0x7f0000000900)="e7be3124b3ef7d04ba4338fb2a3a770aa878c26689c438544eaeb706293c96c8b9e800897b5076ae1881191258a962daef252f", 0x33, 0x8}], 0x20000, &(0x7f0000000c00)={[{@jqfmt_vfsold}, {@init_itable_val={'init_itable', 0x3d, 0x6}}], [{@euid_lt={'euid<', r6}}, {@euid_eq={'euid', 0x3d, r7}}]}) inotify_add_watch(r1, &(0x7f0000000080)='./file1\x00', 0x0) 22:39:41 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf0x0}) setresuid(0x0, r4, 0x0) quotactl(0xdd18, &(0x7f0000000000)='./file1\x00', r4, &(0x7f0000000880)="9929e4ce1a0537d929f2cf424703227ee6a562463f7f8892c37bafdac6b93512551a10db6b56d94d77721352d72ed7fcfd0c14201d41eed4910796e2e458a99dd2ea95af0b994b19d1dd89b22634aeb6b0b7d8bd6917e3dd025cbdbd68b16b652e2bd7bb8966fb98e526752368d1372dd5c4831bcfc87a5b773cdfbdd56f44a257adbce9a413627dca1bcc09c0bcb1aea3201c967e62e665272d441db3dd59b58e24c125ad11c0c6ed30a691de5f142b2a571da1492f715fb5574c6048e89f39fe38f1f4d413b3511ba16c84aeb073cca97214c1252d541996bdb9205d19a821577a54a44dc228d4bbc831e3f171bb3d9902e93224a9623fa63ae8b7fef3567545a53b97fc3267196cb41b53cd7b530bdc5fa4f9b001e22cdb8083b2d9c1199a2d5573eed872d540e71f3604ad8985b227d9c8482ef0e90c0d967c376590363b7fa6e05769f0aa5dd6cbf49269487b337cc7e4c9d535cd13b4fe69df555846ec046b4e107ef42182cf7efa4c0981de2c6394dc9255af5edc61bc58b41859d6f131a54b58ff921b689ccc81c8cdeaf8734e3269276aaf36fe361652fcc7a8d291a4e20246829479d7502f190b13c9dffc6a8472abb03fde7536c85c1610f302090e044ce24643dd08f480c42029ce5435483af2e6b5eabc2c0a66b8d068347845dba81bf8e761b5589ff0ade113133b492ef612cfff479630ddefdf388adee1e2cedf875b1983e2f99696c660b4dd8c2ba642a1c8488f04b7913dd309600944f95b03c805fbf31bd07da61d230967e8d6c028a310b05cfeeee1e79d50c954f75cd60f32a2181a08305eb7382441c80f2e999becfce2a2b5522c288527a108bc155d6195fece0d0ef7058440b0e378d72d9167b28e8f0787e5fd7e58c0063e943447746f47e92efdd64e740f2fe2ef56d3fd45c5689aed67ac7033af65217788ca5ee3e275c0b6c908dcc0c87830765e82487c9f6b5d66717c340ded81bd7e2e0e284240fb12abd8c49cacecc4e84820d7cd911f1babc19e5545d33d998f6e71abe2042496fa18678747d76f788c19e21b65f83e995acdc7dc85e40e60be6dc9c96eef1cbfe0bf0d83618481bd989f0a0b39ec80d08b8be39750e2f60e4953178b64973776dbfbe01f58fec181b9d3d6ee6c6fc5ee33500db28d37c77a3cb289405014ccf1d3d830b9b613ca8fc28591905ec042564b7b5aae6a466f3617983e55d3d532e82e4abb2206477c53a3f5139874015b46ffb13aea7889361a72fd12048205558b0165486e04348306498bf1bc0d10bc9d38d23b0a6ccbac74c0182bd57ade9c2e59444b3e7865c518ad9caa059142acb8aa8dc97d07459f1dd1776363ee978c1e5f7fe841fa2e5af7029bab92a204d495ab70873980f460041ebe39517c18ea1faec6293a21c69c0b8487e2bfde4c2b8e4631169e9d99d337205faa87fd673ec02ed4a4170c9ef0212a9d69344ee09bccffbf35434cbd9b92b09aa8191085cec7146893d717150220dd9d8960c5567dec609827eb8511ce29b63118b2968767ac4fe8a8aca33a18db8e78fbb83763e3cc3969090ea9954b556da3676070e61b5bd92d74f04431a72313a4c3e498749d7a7832014d5fda51dc5ce7ee6f9c3c0656391b81b79095ad3f825bd3d22c261605e7ff532955a2854d5a40e7c7cb3fb2d5b8400299c2a4efee3cd046c57067da7fd10e977866fd8c67206ab1086627417bc6b885cf0248f68395a8a4f4caa1251c26e664e6c053ee603597d0f307114cbec4a846d6ae902343f4749237974281850d15729a6ed02cbd820c5140a2c1c2ec441039f25e651203ad7fe1f2039cd29c26a051d925f920ada059ac92768edcad78d784d1f0388283dad17175aa30a17a89b2bdd9ab55ae918e4f496c64e9ed7805c81f6fc2f5895b42994d7eaad420c27a16c52d90b19bd648584169a75322c48c46ed6a922a53e3f477aea14cf1b7a6e7bcc5c5d23b40f0772b30287bcfea787659525a4b205c0aaf33d55bde622b39a646ce0fee5810eaf10c9b23e6f917e9dd17b90a3c203147d2ecd146870e95fe5112ef6de031da07867b251a9aa35009c98c309dc0e3502f5c3403260ac16d402c00a2fd5938626980a8ac27fa1f2c26816e54691b435938ec2753dd03c4af8590ffb2b3a15a04e35c20490c153471dac95853eaff33e8d95a2d11e3834f796c7a0e8e4138fd83e47b10e3d08a90bb321b0fe14b077ff023494cec4e974b24871e001105c5503da1411422ee8e954f4f40b3edde9f47613219710e27b9907833a91b66bd09952caabaec204ae5e8954f971f2ed1cc80d3c674b28c904a43202283c18a39282ebd037d9d90bf261bb8cb0f7a94dddad55b1d8e018bf57ef9bc4b109d44d76b1a4a123cc8e56ce2460f7a224ef3714a06339f62edc4d286cac65052e726629f87769fea394c422da36a6f2cc602339e8755eeab4a5fbd8e381dc83bcbda907711bfad174ba49f631118a75caeb733920678e5c4537ad94d10251425d597aa0ca091b479d4ef1f1db69967c593987557914841b3a3e5ba74f0b342e960d0bae88c9b09430c36780ac4ca3f25ffdd90892e81198c1f05ad71afade11980f5a29ff6e026ba1940f360e309e83064d7bf95e9933115d44bb9300f1a5c64b34d5bafcb05e43f6bb1b1e97b7dbd43e20ec4231b99da2a9cdf24e7b884bcefe8f853cbec2e741f2045021e27f198fa08937a72aab197d5ef123befc795427ecd533f328967e96cd76df0df6b71c113300d06ccf5758cac8a468f4103098991e77c8422e6dd7cf7a3576b26a98e52974051b98df26b6a1799da9833e44a512cf18bd56edf78cc19db72db8c79b193218d2525b1d31c6fe1eda683018e4bbfed2abea58ba2f06af1607761d364f9032cdedfd4ca3de763a04a1b772db3b4ea7ab50078a63298cfbcd9bd805ec4f97dcf1afe919d39bbf83e4632403a7805f740c7fc36c8ec9701c13946ffcd9ed62e4f6ee910e6f82ecd4e0df743b70f6899e8e218791999cdef525fe161eda2e9e4b5b79d4c8f97a55f12514e350062e7f7cbd12446c2a6ff14ea0d6c6ab4a2eba0cbd03400d2bc0f77c00b6fdc4d43af0f990b0d59cbaf4bf3abf7dea1d13e17d5f56cacf38694bc805b7bff2781589f1adc7aee169cf99f3079ccd42c78d652a0a8bfb94804f5ac512f8334a2af46cc1214227979e74af6e907a85801b4ecaf59ccc0ce66aacafd06cda4d1f1d548c5c23165659140fbe65938c65989c911096d0ee19b08acbf415257b533fd2b99b54cea52417f5c40ddd19dec8c481a9822e1b07ce99f00fb2044191c964cb97c8c3549a9aa75a25de7d343e2e69651521f61a5f7fb8e3d40d25c543c13940ff2b2fc04e718f6b177aca7a13d2c15f951772e2d8157700a62da8092381a5551a1e4d245867286d82ba1e96c48c959f9cba20df6a961ae7443bf8c34f0bbde1a61840420c173d3f6b3e3ca9100ffcfbf562cdf7470caa2425ee161c7f7b10eb1ec9b7b8842c85bbf8c78fbeb0c2de8a2fe15e3fdea3f113235d3cacc59f0bce5fd924188a11384343369cb72748552c9a0dfc61aa89cec2498e1cbd81ae347c9492e2e2720ff01f012b46add3b95b15d4609d9f23f6c3286b58892e37f569b8cd39a9a558a65beef893c38f6af2159a7baec4c8c3c0bce72c7abf46b7885c02c64e94ed23c52587f78c83a208cf823c56a10aec36ecf5b49beccc8c0ea65e8249c120d8c639d87312daac3bdcb9de6f809f5dedbe3bce33498db4df2bdb45ac8ae3cf1e42df9fea2a331975950b878194b1fb4ec43170fbf9423df309f8904d1ffc2e2d5f2df2a9b0c4581c57af0887cf090d4730ad159cb258031d78944b7de28f014c28ce9e43c104e33c1a9599fb09bd05033268f57f264ec8a4c3a422e4b8af5e0b4213002b8324abed838c3a55fd09d5e12bca1e64144aa2ad7e150d29678af78d22701689b708c8dc3b7bcb586e01e239ad3138695ac920fe5dc631609fc61e653e155092b26e6015fb7abcf72df73435a0ed36ab39bdb6bbc2a51d0a073cc006e06b6f21868b1b39cc37a39acdcbeb60fa1a3fd227c7e96dff27ecd6c8b2c411428ff10563017048f1a732ff92d0a20ee286c4a4773800279f0c9c980ad55df301c631824116a793a7f05cff2eb8fed6dcdcdfafac3e74bb3f09c72f4a680685e97b9b96da76766c21735da56f16168dad0811d6b6d6999bdd90eff7a2fec95bc8c0083d078cd226e049e3e0855571d951afcf3461690e16bdbfeab40956d15d7a6ac6782934e58d216943cf9ed97ec8916d0a54678be7eae9317dd07e3d5be1f858f9799240e3c2bd7b11029c25823e89cc944c77cd2548575c56da1225ca766622ed3120ea77e1b12c406141edf5fd192f3883efff0b25b507491cc0421fbe46d93089d1d674edf417d1b707f3ae7a80bf2da8bfa3489ce800b4483da0ae5d60ea2930fd6e65cd274a3db1475641f80805b85c6dec2fb84e6b5000294c85fab53e65bd483ab77b29a4a71846cfae21b3cebd5e0d005d5f2bf3f3233dc3a622ac0254c72c3fd07d8ab1362dc045443d62df20378396f285028ff597769feedcc7757b24b163026655bbf0709700dc8797870341bacc5bfdf235f66ed45463b4b8f189f9678aeea31245418f660495a58eeb66cfca5737ef75b1a663bbcd06dde69416bb18bf984f99e1b93ce98b849c8f1de5bbc1a56e6c56f8e8f3819d71ab0d181065416b093fdde147608717390cef5ba2138fe98f3b95e4110900aff94810195abba88bdc8eb1ff6d3616a6333b88554d44c48483f2f2f14149420f70c0eaa738e4b1787f8408a359225a1fea5b8ea95383fa1e5cc39358bacd7755cb700d68a87acace021b330b527df76d7236e7ebd9af7afee67a2046bebe5506d68e8d12f033d9183a2996cf9eb0ff2924903cdbd47c9f159ddfa56797fed0846686cd63d49338f3eff43c458f9878289ed1539c19f25cb19aa172f2440b55e4f3ee4dc9194468625ff3ee5f252517d32b408198a13627ec462dbce9648be76c8a7f212a72313640c35962c3671579c25ab3d6086acd81b25b65d079e96c2bb2d74d5c974afd3893cc5eb63ae96e590376d34acc5c81de5f71c6ffb89550c76874a367a5c3cb586576b0a4d9a3afe28f688ab51a7db2479066b5b02fdfdb7372882b9471cedf95b847316e03f3ed6ec44e0a9d8ef3b0b1d6c0c6d06f8d7b481496407e7bda746e72001dffd3b9fcbb7d52d4af35ec8869c5e3c7227c1812c0071bb9102865ab75efecda92020dc6a1f381673dbacbafe721b5222a5b17cc61ad86958a660cc1daf4d2b519d318df55127c7e9c75c0428f68ac3e5f8c45a8d4fe23541fc949622d143cb4462a1a8adaf416b7acfb171654b5c18bf7e17262e8bdf5c752e65fcd660869c0eef30734d13ba9fd5e4151f5d838c5d5d9586aeda568af1239512d1c309418b111d0fa706d083a6ed45fd905c98491ce84bca9bdb2ccb82fd4c4b5c41cbd02940c31480b556d1e039ece759e228054ec724b3d6f7ce95d5f2ecbc59661dfeff0a7795cc966f81f17398a3d9074f4249e3a4707858ae06f4b22ade4351bbb069eb817d004828121759c108f6a6dfdad95f200eccaaca4c562fdf9f18514365495c68fa23eb8f332a40e5d6d3a3009d2dfdbe34b4fc622b46c0e769f8d2866a5cdc5837d61ec4bf9053eddfa06e037c8661dc4a09035208289d734f08b009173ef39a20a3d0647250b3fe968c451039e6cfb04d86f91a17293daad3ef02e9eef585b86927") 22:39:41 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x200e, 0x1000004, 0x2811, r0, 0x0) syz_io_uring_setup(0x7668, &(0x7f00000003c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, 0x0) 22:39:41 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000400)="04000c00646f7366d8a02b00080101000440102000f801a2", 0x18}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) 22:39:41 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) sendfile(r1, r0, 0x0, 0xfffffdef) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) [ 3566.544847] loop5: detected capacity change from 0 to 40 [ 3566.583217] syz-executor.4: attempt to access beyond end of device [ 3566.583217] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 3566.598133] loop6: detected capacity change from 0 to 40 22:39:41 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000240)=0x14) sendmsg$BATADV_CMD_TP_METER_CANCEL(r2, &(0x7f0000000480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000400)={0x5c, 0x0, 0x200, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x8}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x2}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r4}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x8000}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}]}, 0x5c}, 0x1, 0x0, 0x0, 0x2002c040}, 0x46814) ioctl$AUTOFS_DEV_IOCTL_READY(r2, 0xc0189376, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r3, {0x401}}, './file0\x00'}) setxattr$security_capability(0x0, &(0x7f0000000140), &(0x7f00000001c0)=@v3, 0x18, 0x0) setxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180), &(0x7f0000000700)=ANY=[@ANYBLOB="022ac10abe16b756c8c61e17491a2be9443c683a4b924844136e56e9152e047a42b567"], 0x12, 0x0) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x40) 22:39:58 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) sendfile(r1, r0, 0x0, 0xfffffdef) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) [ 3583.171905] syz-executor.4: attempt to access beyond end of device [ 3583.171905] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 3583.173853] Buffer I/O error on dev loop4, logical block 10, lost async page write [ 3583.188852] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 3583.189543] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 3583.190005] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 3583.190447] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 3583.190922] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 31 prio class 2 [ 3583.191956] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.192894] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3583.194081] Buffer I/O error on dev sr0, logical block 0, async page read [ 3583.196213] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.197066] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3583.198373] Buffer I/O error on dev sr0, logical block 1, async page read [ 3583.199695] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.201067] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3583.202363] Buffer I/O error on dev sr0, logical block 2, async page read [ 3583.203645] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.204627] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3583.205823] Buffer I/O error on dev sr0, logical block 3, async page read [ 3583.207055] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.207825] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3583.209070] Buffer I/O error on dev sr0, logical block 4, async page read [ 3583.211380] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.212078] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3583.213314] Buffer I/O error on dev sr0, logical block 5, async page read [ 3583.213567] loop5: detected capacity change from 0 to 40 [ 3583.216607] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.217350] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3583.218406] Buffer I/O error on dev sr0, logical block 6, async page read [ 3583.219969] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.221018] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 3583.222105] Buffer I/O error on dev sr0, logical block 7, async page read 22:39:58 executing program 6: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000400)="049f0e00646f7366d8a02b00080101000440102000f801a2", 0x18}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) 22:39:58 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf0xffffffffffffffff}) fcntl$dupfd(r5, 0x406, r6) [ 3583.467179] FAT-fs (loop6): count of clusters too big (42468350) [ 3583.468204] FAT-fs (loop6): Can't find a valid FAT filesystem [ 3583.514002] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 3583.514656] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 3583.515119] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 3583.515554] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 3583.516378] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.516869] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.517531] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.518064] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.518609] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.519069] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.519800] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.520401] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.521056] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.521588] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.522113] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.522605] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.523030] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.523637] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.524070] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.525178] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.526303] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.527007] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.527590] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.528120] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.528594] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.529099] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.529756] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.530225] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.530822] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.531402] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.531868] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.532501] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.532990] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.533509] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.534010] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.534513] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.535038] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.535613] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.536043] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.536590] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.537111] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.537604] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.538097] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.538605] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.539100] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.539612] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.540072] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.540638] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.541086] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.542423] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.542963] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.543455] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.620523] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 3583.621159] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 3583.621633] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 3583.622063] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 22:39:59 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) sendfile(r1, r0, 0x0, 0xfffffdef) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 22:39:59 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2012, 0x1000004, 0x2811, r0, 0x0) syz_io_uring_setup(0x7668, &(0x7f00000003c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, 0x0) [ 3583.731098] syz-executor.7: attempt to access beyond end of device [ 3583.731098] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 3583.826211] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 3583.826868] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 3583.827330] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 3583.827738] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 3583.828761] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.829175] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.830370] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.830810] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.831309] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.831764] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.832190] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.832712] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.833180] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.833739] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.834308] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.834772] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.835216] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.835875] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.836399] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.836888] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.837386] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.837837] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.838438] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.838907] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.839366] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.839847] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.840378] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.840810] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.841300] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.841822] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.842425] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.843559] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.844021] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.844560] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.844774] loop5: detected capacity change from 0 to 40 [ 3583.845022] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.846177] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.847020] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.847564] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.848116] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.848711] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.849176] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.849660] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.850171] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.850653] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.851093] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.851634] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.852133] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.853471] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.853952] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.854478] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.854959] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.855499] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.855948] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.856741] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.867828] syz-executor.4: attempt to access beyond end of device [ 3583.867828] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40 [ 3583.916065] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 3583.916779] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 3583.917205] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 3583.917647] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 3583.918577] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.919020] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.919616] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.920037] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.920497] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.920962] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.921471] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 3583.921964] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 22:39:59 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10100, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf0xffffffffffffffff}, './file0\x00'}) r6 = ioctl$TUNGETDEVNETNS(r2, 0x54e3, 0x0) lstat(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_fd(0x0, &(0x7f0000000240)='./file1/file0\x00', &(0x7f0000000300), 0x2000000, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@dfltuid={'dfltuid', 0x3d, r7}}], [{@smackfsfloor={'smackfsfloor', 0x3d, '/proc/sys/net/ipv4/tcp_rmem\x00'}}, {@euid_eq={'euid', 0x3d, 0xee00}}, {@dont_hash}, {@subj_user={'subj_user', 0x3d, '/proc/sys/net/ipv4/tcp_rmem\x00'}}, {@fsname={'fsname', 0x3d, '*\''}}]}}) ioctl$AUTOFS_DEV_IOCTL_READY(r2, 0xc0189376, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r3, {0x20000402}}, './file0\x00'}) setxattr$security_capability(0x0, &(0x7f0000000140), &(0x7f00000001c0)=@v3, 0x18, 0x0) setxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180), &(0x7f0000000700)=ANY=[@ANYBLOB="022ac10abe16b756c8c61e17491a2be9443c683a4b924844136e56e9152e047a42b567"], 0x12, 0x0) inotify_add_watch(r4, &(0x7f0000000080)='./file1\x00', 0x0) r8 = syz_io_uring_complete(0x0) r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x3, &(0x7f0000000000)=[{0x3, 0x7, 0x0, 0x40000000}, {0x7957, 0x0, 0xe2, 0x1d3}, {0x8000, 0x25, 0x7, 0x400}]}) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r8, 0xc0189373, &(0x7f0000000200)={{0x1, 0x1, 0x18, r9, {0x3}}, './file0\x00'}) 22:39:59 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000380)=']p\"\xae\x06\xc40\x1a\x1a\\\x9e\x8a\x17@)#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004I\x1c4P\x0e\xc4!\xc9\xece\x84\x85\xf2\xdb\xd3\xa7_\xe5\x95\x04\xdae\xca\xfd\xe2\xd1\xc5\x13\xf3u\xea\xc0\xb5b[\x9adH~\n\xe1\x86\x1f\xe7s\x04\xe8\xf2$\xae\xa8\xe7\xbd\x05\xb0B\xf2\x9cp\xc73\x9db\xc4\xe8EC\xbd\xc9\xf8\x0e\xd7\x1b\x11\xaf\xbf [ 3585.368970] dump_stack_lvl+0x8f/0xb7 [ 3585.369227] print_report+0x175/0x478 [ 3585.369480] ? __lock_acquire+0x42c9/0x5e70 [ 3585.369772] kasan_report+0xbf/0x1c0 [ 3585.370028] ? __lock_acquire+0x42c9/0x5e70 [ 3585.370312] __lock_acquire+0x42c9/0x5e70 [ 3585.370584] ? __pfx_mark_lock.part.0+0x10/0x10 [ 3585.370885] ? finish_task_switch.isra.0+0x22d/0x8a0 [ 3585.371212] ? __pfx___lock_acquire+0x10/0x10 [ 3585.371506] ? __switch_to+0x5c3/0xee0 [ 3585.371772] lock_acquire+0x1a6/0x530 [ 3585.372029] ? kmemleak_scan+0x1a0/0x1600 [ 3585.372306] ? __pfx_lock_acquire+0x10/0x10 [ 3585.372586] ? __call_rcu_common.constprop.0+0x589/0xa40 [ 3585.372934] ? __call_rcu_common.constprop.0+0x589/0xa40 [ 3585.373282] ? lockdep_hardirqs_on+0x7d/0x100 [ 3585.373582] ? _raw_spin_lock_irq+0x45/0x50 [ 3585.373868] _raw_spin_lock_irq+0x36/0x50 [ 3585.374139] ? kmemleak_scan+0x1a0/0x1600 [ 3585.374412] kmemleak_scan+0x1a0/0x1600 [ 3585.374679] ? __pfx_kmemleak_scan+0x10/0x10 [ 3585.374970] ? strncpy_from_user+0x107/0x500 [ 3585.375255] kmemleak_write+0x574/0x680 [ 3585.375522] ? __pfx_kmemleak_write+0x10/0x10 [ 3585.375821] ? debugfs_file_get+0x1d2/0x450 [ 3585.376103] ? __pfx_debugfs_file_get+0x10/0x10 [ 3585.376410] full_proxy_write+0x121/0x190 [ 3585.376681] vfs_write+0x358/0xe40 [ 3585.376924] ? __pfx_full_proxy_write+0x10/0x10 [ 3585.377229] ? __pfx_vfs_write+0x10/0x10 [ 3585.377810] ? lock_release+0x3b6/0x750 [ 3585.378779] ? __up_read+0x192/0x730 [ 3585.379841] ? handle_mm_fault+0x43d/0xae0 [ 3585.380720] ? __pfx___up_read+0x10/0x10 [ 3585.381280] ? __fget_light+0x212/0x280 [ 3585.381829] ksys_write+0x12b/0x260 [ 3585.382516] ? __pfx_ksys_write+0x10/0x10 [ 3585.382790] ? syscall_enter_from_user_mode+0x21/0x50 [ 3585.383125] ? syscall_enter_from_user_mode+0x21/0x50 [ 3585.383463] do_syscall_64+0x3f/0x90 [ 3585.383704] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 3585.384044] RIP: 0033:0x7f38212dc5c3 [ 3585.384283] Code: 16 00 00 00 eb ae 90 b8 6e 00 00 00 eb a6 e8 44 ef 04 00 0f 1f 40 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18 [ 3585.385383] RSP: 002b:00007ffc2bb11ad8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 3585.385860] RAX: ffffffffffffffda RBX: 00007ffc2bb12118 RCX: 00007f38212dc5c3 [ 3585.386300] RDX: 0000000000000004 RSI: 00007f3821392ed9 RDI: 0000000000000003 [ 3585.386736] RBP: 0000000000000002 R08: 0000000000000e00 R09: 00007ffc2bba4080 [ 3585.387176] R10: 00007ffc2bba4090 R11: 0000000000000246 R12: 00000000fffffff6 [ 3585.387612] R13: 00007ffc2bb12ef1 R14: 0000000000000000 R15: 000000000036b365 [ 3585.388060] [ 3585.388212] [ 3585.388327] Allocated by task 85: [ 3585.388546] kasan_save_stack+0x22/0x50 [ 3585.388807] kasan_set_track+0x25/0x30 [ 3585.389061] __kasan_slab_alloc+0x5c/0x70 [ 3585.389331] kmem_cache_alloc+0x1e1/0x410 [ 3585.389595] __create_object+0x3d/0xc10 [ 3585.389871] kmem_cache_alloc+0x273/0x410 [ 3585.390136] __alloc_file+0x21/0x240 [ 3585.390378] alloc_empty_file+0x71/0x170 [ 3585.390637] path_openat+0xd4/0x29b0 [ 3585.390887] do_filp_open+0x1ba/0x410 [ 3585.391137] do_sys_openat2+0x171/0x4c0 [ 3585.391395] __x64_sys_openat+0x143/0x200 [ 3585.391662] do_syscall_64+0x3f/0x90 [ 3585.391900] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 3585.392236] [ 3585.392348] Freed by task 19: [ 3585.392547] kasan_save_stack+0x22/0x50 [ 3585.392806] kasan_set_track+0x25/0x30 [ 3585.393058] kasan_save_free_info+0x2e/0x50 [ 3585.393330] __kasan_slab_free+0x10a/0x190 [ 3585.393604] kmem_cache_free+0xfb/0x610 [ 3585.393866] rcu_core+0x7e2/0x2090 [ 3585.394096] __do_softirq+0x1c7/0x8f9 [ 3585.394344] [ 3585.394459] Last potentially related work creation: [ 3585.394761] kasan_save_stack+0x22/0x50 [ 3585.395020] __kasan_record_aux_stack+0x95/0xb0 [ 3585.395316] __call_rcu_common.constprop.0+0x6a/0xa40 [ 3585.395648] kmem_cache_free+0xc1/0x610 [ 3585.395903] rcu_core+0x7e2/0x2090 [ 3585.396134] __do_softirq+0x1c7/0x8f9 [ 3585.396385] [ 3585.396499] Second to last potentially related work creation: [ 3585.396852] kasan_save_stack+0x22/0x50 [ 3585.397109] __kasan_record_aux_stack+0x95/0xb0 [ 3585.397405] __call_rcu_common.constprop.0+0x6a/0xa40 [ 3585.397751] kmem_cache_free+0xc1/0x610 [ 3585.398006] jbd2_journal_write_revoke_records+0x46e/0xa00 [ 3585.398353] jbd2_journal_commit_transaction+0x13b3/0x6700 [ 3585.398708] kjournald2+0x1d0/0x890 [ 3585.398955] kthread+0x2f1/0x3a0 [ 3585.399177] ret_from_fork+0x2c/0x50 [ 3585.399421] [ 3585.399534] The buggy address belongs to the object at ffff8880168f8510 [ 3585.399534] which belongs to the cache kmemleak_object of size 368 [ 3585.400291] The buggy address is located 24 bytes inside of [ 3585.400291] 368-byte region [ffff8880168f8510, ffff8880168f8680) [ 3585.400992] [ 3585.401106] The buggy address belongs to the physical page: [ 3585.401449] page:00000000a9617741 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880168f81b0 pfn:0x168f8 [ 3585.402091] head:00000000a9617741 order:1 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 [ 3585.402645] flags: 0x100000000010200(slab|head|node=0|zone=1) [ 3585.403017] raw: 0100000000010200 ffff88800844f780 ffffea00011b2010 ffffea00010edf90 [ 3585.403489] raw: ffff8880168f81b0 000000000012000d 00000001ffffffff 0000000000000000 [ 3585.403951] page dumped because: kasan: bad access detected [ 3585.404292] [ 3585.404405] Memory state around the buggy address: [ 3585.404706] ffff8880168f8400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 3585.405145] ffff8880168f8480: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 3585.405587] >ffff8880168f8500: fc fc fa fb fb fb fb fb fb fb fb fb fb fb fb fb [ 3585.406040] ^ [ 3585.406328] ffff8880168f8580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 3585.406768] ffff8880168f8600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 3585.407215] ================================================================== [ 3585.407651] Disabling lock debugging due to kernel taint VM DIAGNOSIS: 22:40:01 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=0000000000000001 RCX=0000000000000001 RDX=ffff888018ff7f01 RSI=ffff888018ff7f48 RDI=ffff888018ff7f48 RBP=ffff888018ff7f48 RSP=ffff888018ff7850 R8 =ffffffff8645d92c R9 =ffffffff8645d930 R10=ffffed10031fef27 R11=ffff888018ff7910 R12=ffff888018ff7911 R13=ffff888018ff7930 R14=ffff888018ff78d0 R15=0000000000000001 RIP=ffffffff8112f0e9 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f6b6a6b4900 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe38a22e1000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe38a22df000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f6b68aaa730 CR3=000000000f268000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000006170002e2e XMM01=000000000000000000000000002f002f XMM02=ffffffffffffffffffffff0f0e0d0c0b XMM03=616c632000303000303a303a303a312f XMM04=00000000638fb6da0000000000000000 XMM05=00000000638fb6da00000000260d42cd XMM06=00000000638fb6da00000000260d42cd XMM07=000000000000000000000000260d42cd XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000020002000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000039 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8248b635 RDI=ffffffff87fb5b60 RBP=ffffffff87fb5b20 RSP=ffff88803b97f1e8 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000039 R11=0000000000000001 R12=0000000000000039 R13=ffffffff87fb5b20 R14=0000000000000010 R15=ffffffff8248b620 RIP=ffffffff8248b68d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 000055555736f400 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe3db2426000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe3db2424000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f6b69b20fd0 CR3=0000000046c64000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000006170002e2e XMM01=000000000000000000000000002f002f XMM02=ffffffffffffffffffffff0f0e0d0c0b XMM03=00000000000010000000000000000000 XMM04=00000000638fb6db0000000000000000 XMM05=00000000638fb6da000000002d8fde84 XMM06=00000000638fb6da0000000025b1b54c XMM07=00000000000000000000000025b1b54c XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000020002000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000