ece6c79f01d10730080d3fdcd45b4f45ac0798ff6c3cf5e7b0a0f4b7358c4d3a9bff664d4cbb2a0d6d205c6d5e8f908df3d7d66246dd658ff43315759ddddae1d720ee4838639a28d6192bc389f2a382c415bd34ddc21b8e674ed5f69dd3b6df9e0c9a13cd37c1b83f53f668acf8a28f71deafc8710a10a6069b9fa9abeacc4fe7fd60413b62f5b59fa43b0ae1103f4ed2fd32e4062f1644d7296d95b2dccee6e8b97495c7fc9f27ef8e1f957b4bc2c1aa7fac9d405ea292bc5ccda8b37d937043997f0be5eda10afa3004e23f3d78883d0424a074c5c0548c76705b956ed560479976419af6b5a1b1deaa2ddb121ecabdf7f130244e30fffb436ee4f42c41a38c2b9c1d19a92dd7f5557b6b70dffe8d902c4d1b0d8bd9d19c526c933c94018020ca795e9e0f7c6175995065e047482a627fce7817156931c800ac10fe39552afd22fc50814d3b3ed158656a649cb25b73b63d54dce1ffededdb9d5a405e2bd1921cdcd51d783d48254627f83cf149a77f1de37c74b9c90c267ff6601d2815b242ea8794e3c132b3d4514fdd2687eb85beb37ba45ac122aaa28b0ff31c93bcfd93da024df3f7a40103800ca8297197682660d5feb6ff8a6ea5ac8791ed646fd5edfa48370f613592b212d1a57c1b226c47702dce3c42cb57215b0e91fb9ff54f64eada63a0c58f7c5af003f94fba8533abdcfc7b4a5010adbf07a2735471d033b083395ef2067a7ea69a18fbd49241d34ed196dcf7f941a2b470a603a5573f8c6e9c90dc2a55d80ecda7e3bf20ce3c7ada6e4519d7545f732054fb4f318cb67858431319caea67f8957f19df6299ead238bfcb25f7180b7d18ec9d1a0178249e413b553f26e41108fb2db771b690a4d8d82b1c4911125feee819fd5c84892be5a7e66b2f389fc7372d82ec54efaeb6088a194ccd72495127e6e9c7ecba0168c2a5acfbb308f5eaf9c4cd4f99e5bf168013510fe0100e860c50d977aa7be0503575c174a33578b7cac19b15348a90f4e1b49dc3b94120083c2e52bc7d90486a096aa8b2693032f76bfc5d65efa23aedc74c97cee192b60966a5c886b5d61ea06ded2071c377ea78ff3cde9c1ebe16327bb25c207abd949937da7442cc786703846ccedc7cca99043bd2b853e5411ee07d90923d05a1eba965843d03782df62e841450afe0108df61052cb81d7614f57736f49733868faea623c03630d0ba33d76fdd5dde5ce24f000d393570df90005b5cb8e5663caffb6ae5a67c0f406b711c4a25289ba588e74d588397fdea3cdb48e64755e8245a1d08f37d993ea8e45d8b32b8669ce1bae88227f4b542c886d5cdc78e201d89507e2d7d561288ff71090a99def262d584e56ab5277d2b39bc588d052583de95cff85de49b7fc325d9f4336cb3b32a77b74d3dc8e7d2fe2057bce29bde54d0d2b53dd9af60c5181835e3781a24fe4c2d936b80de7b270b0276d87c6cdc21e28c202581eacc3708a822eec2076fa9330dbf3264b4aac1abee79bd44bf59a9c19be96f02696e04a4e84376d45676bf5ddca3067045587365332b32ada6010cbfa30203ab617f43ed548328208f7a9a8653fe37991fd55ff37a04c768c4894b1d4df0fc7a4717a97fd65398c74515b6a81b9a30d83563d27e1c24332eb32e86b610fb70294298488b06b5a450cd2788f286dac9a660f50b8f58478171173f7ab61e6262ca10e1c6655a4ac0c9d18ce2227bda610dd048dd2de209be969d4ba38383fb83c3fc550d3573dc7aa2fb6be8875882436b260350cece013a8cd4f1809a5f1cc9bbac65569eae46d3e73d5b8995502154ca16746a5364199df4bd3b22ff5d05f4308e75e5cec9078a2fc87426554a07acc1abac1f7fb1a760fa0be39b3d550e32f549e062aaa0752a53ef3a803cd4bb601ed84fbd0ec8872ffbadc364c8893d4970dccdb3d0c71d32117fad1d443e4a91f7795b413fdec7aae3564172365fad81b54053f21779fa3d1e35a24107b6de44b995cc460d91c45b71d068e610c6c620892c159b655d8f1c7463ce1c87cee05c75460ab5bea00c3cdb55545b1f723570fd66a725ec399c1ef15e650dc7a86d7260034662a6056a961d72b6f31ec2673556b45c581d996315f8cbb5e7490c7b48dc478452e7724f1550fa51440cd1658b36e8bf4209a31b9c7d354b9e6255379ee1a061a81f257404ab656d7912e5de5ec22028fd59c47d2437d3afadf8843270b9580b912f7b11848f555c52bc254265816d2b6f4549a5daddadcf0e02e4a24bfbed2cde92f26d57b622341b52e212850f8f9d57d534bc0f4a10ac1f826bf4ce17ebf3d8c6479f899efd919fa96463dc7cb3b053f952cd89b242ff848fe58212465011ffe081373eec77ef73ecf115e0be27aa712e4118a8b1f88fc6b2c3dd4675d19f8ace80802cb285708dbf99c29bbdf499e81a31c83cbc45efdabf0db9de80c2b69aafe10104e37aa9825bc8a4d7c987acc648f99e31db33396f0ea8f34f7aba96da7431cc81d917427c08448c948b74801f59ad16afe2887343dae79b0bfc3be44eaa41249cb3acaff1acd4b7f1afd376c70269f63dd638579fe4ed56ec3f1afd56ef638303c173773321f418066d1e553104fbf5b48ffb3dd3bb3e68bd9b94bdea2d468432bfcf2e596d1fae5de85133bb7cd9d6449511abd96b8446ecab73e9e0cbfed2b0cc7533ab7c9850255c9dd1c291cdd1cf521313f6d9a111357828d33005a0c3b78595de3ce99e18776c26c2bc9055ab8b1e26f82c58a85134b90dd4a939b5710456755d585ff00d4e1333957041ebb2919c6fa2b4bc0a2bca150945c9c6d1ecab830dc8263a6c9f6f2ed4c4ce14aa2e2f4a95cbb1392a0d5e6d95cdaa680d55100244194a25d4d98c7b8055fc27f34e40f59733ca4af89101da963a3ebf65d9f20536d392c6106888729351c088466025fb18ba77aa0a4727f4f6361ccc6cf013a09d2b66524c22bd908b730ae042897bdf876ac04fad3cf44de1614ca3440146aee13f4ab510c9af965ad6b79d48e30167fb6d90ae94be900e59f952e0f0ee71ba028acecf49d3190cc47143b539130a946c133c3faf09198d582ef13db3525114ae75c02c1c169292a3881889bb7ba16554a3e1218bea1454890565bf0dbd61ad52425b0e6b2d50c44655b9edf5c4bb14f294efb454be253a171c6bb7e165518f3dff4c291fd6a88dc56d4f2c845b9efe8282580bbc7ee5bf30c4a55f4bd91a973a09a8a25f1abb760806fbfb70a61708921acc0e031b4f6e0b0b247cb81000c66614f3640d945f06648e447087928637f51192a07feee95b393e01b1894b4390a49b06304ed200bfa1cc7f166aaedb46e9fc3a0f559b9d783755e74cacc4529311f37304cc31c878ddf0cae9c9f3e3cf22351a22402cb5db7a997108c1e596be17fd1a6566966e6375110bbce73eb4aa01926fac16260223fa2b50b7384cd48e0baf452047a56627d29933ed2367e24c528220fe94c9a227508db56f1dee2b7093ae0100dfd9d2759844824f85424273593baddf5547d8c4be3711a8b0a6813058ae0188148a1ab30bd9ae2989b0c774a334c8fd3a455ec1510572eff04be134cccf7bf62423eb0c81fd650b0ad6f7318f566240f393d3b95ab130a16c74fc8c65fa7acc1b513e83038b5d003f59bc60691ad0fd9fd7a9584c3e45265d331594001b4bff3fef0dce1ff742abdfa895d95c55d4303d9d4f967d4c248c7b7ab12f6024220ed8e2072dce238dea8afdc9f9d6ec3e6ba5de1c5ea31cb020c3bbf92aa2b4fb2a8ad8af593d4b11c768e7d0bf688f9724ac9e9b64a991ed68bd0adf41d577e4bbcec3c69d96f50b9330a41c5bf8dbeee26d4bf357892f4c87fe7a16c38b9d4741c8445ffd0e082b0e521f5626de245ca5cf6fe82c7efb25732e070c44fe17faf7b26e449d4601ec5acbcb3afd4394dda0813e0762e1fd17518bead575ea6350d503dce7f259798f2e6b91a135d8bde0f7d038886411f7ac62b86c745973ea54cd7e44681a1f049f36762799ff1155becf8a408b459f6f334e7580e8fa5fb543f0c438557eb58b5ad981fc2198266817087e15ae4e92c5568e84ea4fcfe30508334af913579d6937a5228283433a3c32352a28401238f2a0460a9bb4200eca504bfff4d480dcf78d37b359f3ee4c45657b097423d8873efcab12ac78855a7ecfd606bd4e3d2118b848179851c94e0f774a576c3bfdf38e31b86793472e5f6be0bb2425b4c1584419067be2494908a5cf876e7e1fda968f00ece3f8dd6e13f889c33c2dd36d4d7aa81ca1e2b11de76dc4012dc4823eb896b91497a059469c88c52555f755e9fc15da3ac97e3727f80b61f5aeb60438800ed89d1c870244e3d9beb0d1a2be20b8943731b50adfdd8521c9ba054719164130bd5fdcf757e29d22ddd34994f3872f4d98cd0f3d058c2f18a27e462309b674387b4b156320fe67925e3b3c6922204c07d051558c2bdf164545fbd71eb26e08de0aa41a1f0ee94db4f85d8658bb439d95f2ef9fb6fc2d4aefb7e023a94d20bf221dea6ac8edf3f99834956a174243dfc9eacc53a885d4db2eaf0d734653cb8955a523c2c8b7b1fd700e502c6e9a0a218178cca6218d1e1a9dd78689407467ee0864dcb2650cfc0e03c05a601dd75d25b84679c4c4a835fdab1d3661d7827cff2ae3651781348685dc1992d4e4622933c439f9b8a40c42228b7b2261595eef09489dd8b4e041c2c54f4d2a3a0ea30240ab1d2abc72bde069408", @typed={0x8, 0x7e, 0x0, 0x0, @uid=0xffffffffffffffff}]}, 0x1018}], 0x6, &(0x7f0000001fc0)=[@rights={{0x14, 0x1, 0x1, [r2]}}, @cred={{0x1c, 0x1, 0x2, {r1, 0xffffffffffffffff, r8}}}, @cred={{0x1c, 0x1, 0x2, {r3, 0xffffffffffffffff}}}], 0x58, 0x80}, 0x20008000) 17:04:14 executing program 6: r0 = fsopen(&(0x7f0000000080)='hugetlbfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) mknodat$null(r1, &(0x7f0000000040)='./file0\x00', 0x0, 0x103) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) linkat(r2, &(0x7f0000000200)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x1400) statx(r2, &(0x7f00000000c0)='./file0\x00', 0x100, 0x2, &(0x7f0000000100)) 17:04:14 executing program 0: io_setup(0xffff, &(0x7f0000000000)=0x0) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000140)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3}}, './file0\x00'}) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) io_submit(r0, 0x4, &(0x7f00000004c0)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000040)="aab5981c2c931d8fb8ec89d630581a9b96ee6cdd9eeb55cf3d6ddcbbd544a31e865896c252e6c424f97c555a6f75ed77c45907af43aa9e82be97dd2dbc660474e5d4a42502dc3e9e09be3d63b1a05e710c53b64dc07c5b7c1284e5fbfb1a2f2a0b9896afcea4fdf54e54cb3dcfa23a30711759388aeba9c7deda9516dafd9eec913a11eca6396dd209769f31199ed9a0f9a53b8839b6a3c9ab4002ebb9453c1da6ab00569f820c3958727446ed8c33f136f4f7fffce9f22175bafaad8be56de69c2935a9283fb672935bdaf6237c0bdc53b2c82146d5c78f131670a80b7c5452ffc62643dc98b40d390dfde6327574c6", 0xf0, 0x0, 0x0, 0x2, r2}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x8, 0x401, r3, &(0x7f00000001c0)="3fda6f0c9e3c62952f8f46a4a2fe19e4c05eab64e59ea8126047fb4146f34777165532df3912387653f6b9bfafb92cb3bec5f0e2f22b7740f9c4fccfc3d07feba7f563b08403793df1f097546464a8c4a6e9fd75afcb31c65d52c235bd7202a2dc6c7ca2d5ccace34d29ed14b6cacc3136c08993b63c9b984b4c7f8cc3ebef09a2149bd20d08fe4ab4cc0a76bab8d79dbdbdb3b05f3fdde99673ebde348cfa233231c75b647106ae7f7788610911fd877e45dd0ae0c3e7c9ee52ecf30d08b9ea5744", 0xc2, 0x4, 0x0, 0x1}, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x5, 0xffffffffffffffff, &(0x7f0000000300)="0b0d3ec5e40171739533ba4da7", 0xd, 0x1, 0x0, 0x3}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x2, 0x40, 0xffffffffffffffff, &(0x7f0000000380)="028c19246d2ae20f9cc86f340257bcd08ebc5a962ac1d62f04038e7bf134f6db6f5ea337c68cc4b0a30b9b4e9b4a7bd31c9d26bb7a3528d5c76fd3c32e2417476fd31464ff1dfad5447d26aceadca31e7aa3c5fb68cfc2307c44ffefd4ff3bddd721434b10064cc7834864cd184d77aa8bc9e2b4aeef59afed47b568b08fa269217733537ee173bd930a3e289fcd212e08a14200428c1619737aceab45b350d84308c75deb15219e9e4a39f57b4b7f204a9d09e8806bb18490ae8429a8f5496c8c2e6639565143c79135d1bb5f", 0xcd, 0x4, 0x0, 0x3}]) clone(0x420a8d00, 0x0, 0x0, 0x0, 0x0) 17:04:14 executing program 7: sysfs$3(0x3) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56a, 0x323, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, 0x0) 17:04:14 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_channels={0x19}}) r1 = epoll_create(0x4) r2 = epoll_create(0x4) r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000000)) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r4, 0x801c581f, 0x0) ioctl$FS_IOC_SETVERSION(r4, 0x40087602, &(0x7f0000000280)=0x8d4) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r4, &(0x7f00000001c0)={0x4000000e}) r5 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) fadvise64(0xffffffffffffffff, 0xc60, 0xffffffffffffffaa, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r5, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r5, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(r5, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) getpeername$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14) ioctl$sock_ipv6_tunnel_SIOCADDPRL(r5, 0x89f5, &(0x7f0000000180)={'syztnl0\x00', &(0x7f0000000100)={'ip6_vti0\x00', r6, 0x4, 0x3f, 0xa1, 0x4, 0x64, @remote, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7800, 0x700, 0x9, 0x8}}) 17:04:14 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x1000010000}], 0x808050, &(0x7f0000011200)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') truncate(&(0x7f0000000040)='./file1\x00', 0xf0) recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/243, 0xf3}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f0000001680)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}, 0x3) ioctl$LOOP_CLR_FD(r0, 0x4c01) openat(r0, &(0x7f0000000080)='./file0\x00', 0x28000, 0xe2) 17:04:14 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2}) [ 426.989128] UDC core: couldn't find an available UDC or it's busy: -19 [ 426.989715] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 426.993304] blktrace: Concurrent blktraces are not allowed on sg0 17:04:14 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2}) 17:04:14 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2}) 17:04:14 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_channels={0x19}}) r1 = epoll_create(0x4) r2 = epoll_create(0x4) r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000000)) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r4, 0x801c581f, 0x0) ioctl$FS_IOC_SETVERSION(r4, 0x40087602, &(0x7f0000000280)=0x8d4) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r4, &(0x7f00000001c0)={0x4000000e}) r5 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) fadvise64(0xffffffffffffffff, 0xc60, 0xffffffffffffffaa, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r5, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r5, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(r5, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) getpeername$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14) ioctl$sock_ipv6_tunnel_SIOCADDPRL(r5, 0x89f5, &(0x7f0000000180)={'syztnl0\x00', &(0x7f0000000100)={'ip6_vti0\x00', r6, 0x4, 0x3f, 0xa1, 0x4, 0x64, @remote, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7800, 0x700, 0x9, 0x8}}) 17:04:14 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) pwritev(r0, &(0x7f0000000240)=[{&(0x7f0000000140)="cf", 0x1}], 0x1, 0x8000000, 0x0) fcntl$setpipe(r0, 0x407, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) fallocate(r3, 0x3, 0xa382, 0x8000) [ 427.139134] blktrace: Concurrent blktraces are not allowed on sg0 17:04:15 executing program 6: r0 = fsopen(&(0x7f0000000080)='hugetlbfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) mknodat$null(r1, &(0x7f0000000040)='./file0\x00', 0x0, 0x103) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) linkat(r2, &(0x7f0000000200)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x1400) statx(r2, &(0x7f00000000c0)='./file0\x00', 0x100, 0x2, &(0x7f0000000100)) 17:04:15 executing program 0: io_setup(0xffff, &(0x7f0000000000)=0x0) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000140)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3}}, './file0\x00'}) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) io_submit(r0, 0x4, &(0x7f00000004c0)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000040)="aab5981c2c931d8fb8ec89d630581a9b96ee6cdd9eeb55cf3d6ddcbbd544a31e865896c252e6c424f97c555a6f75ed77c45907af43aa9e82be97dd2dbc660474e5d4a42502dc3e9e09be3d63b1a05e710c53b64dc07c5b7c1284e5fbfb1a2f2a0b9896afcea4fdf54e54cb3dcfa23a30711759388aeba9c7deda9516dafd9eec913a11eca6396dd209769f31199ed9a0f9a53b8839b6a3c9ab4002ebb9453c1da6ab00569f820c3958727446ed8c33f136f4f7fffce9f22175bafaad8be56de69c2935a9283fb672935bdaf6237c0bdc53b2c82146d5c78f131670a80b7c5452ffc62643dc98b40d390dfde6327574c6", 0xf0, 0x0, 0x0, 0x2, r2}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x8, 0x401, r3, &(0x7f00000001c0)="3fda6f0c9e3c62952f8f46a4a2fe19e4c05eab64e59ea8126047fb4146f34777165532df3912387653f6b9bfafb92cb3bec5f0e2f22b7740f9c4fccfc3d07feba7f563b08403793df1f097546464a8c4a6e9fd75afcb31c65d52c235bd7202a2dc6c7ca2d5ccace34d29ed14b6cacc3136c08993b63c9b984b4c7f8cc3ebef09a2149bd20d08fe4ab4cc0a76bab8d79dbdbdb3b05f3fdde99673ebde348cfa233231c75b647106ae7f7788610911fd877e45dd0ae0c3e7c9ee52ecf30d08b9ea5744", 0xc2, 0x4, 0x0, 0x1}, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x5, 0xffffffffffffffff, &(0x7f0000000300)="0b0d3ec5e40171739533ba4da7", 0xd, 0x1, 0x0, 0x3}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x2, 0x40, 0xffffffffffffffff, &(0x7f0000000380)="028c19246d2ae20f9cc86f340257bcd08ebc5a962ac1d62f04038e7bf134f6db6f5ea337c68cc4b0a30b9b4e9b4a7bd31c9d26bb7a3528d5c76fd3c32e2417476fd31464ff1dfad5447d26aceadca31e7aa3c5fb68cfc2307c44ffefd4ff3bddd721434b10064cc7834864cd184d77aa8bc9e2b4aeef59afed47b568b08fa269217733537ee173bd930a3e289fcd212e08a14200428c1619737aceab45b350d84308c75deb15219e9e4a39f57b4b7f204a9d09e8806bb18490ae8429a8f5496c8c2e6639565143c79135d1bb5f", 0xcd, 0x4, 0x0, 0x3}]) clone(0x420a8d00, 0x0, 0x0, 0x0, 0x0) 17:04:15 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2}) [ 427.301676] blktrace: Concurrent blktraces are not allowed on sg0 17:04:15 executing program 5: r0 = epoll_create(0xca) r1 = epoll_create(0x4) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) r3 = socket$inet6_icmp(0xa, 0x2, 0x3a) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000000)={0x2004}) epoll_pwait2(r0, &(0x7f0000002e00)=[{}], 0x1, 0x0, 0x0, 0x0) r4 = syz_open_dev$tty20(0xc, 0x4, 0x1) r5 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCVHANGUP(r5, 0x5437, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r4, &(0x7f0000000180)) 17:04:15 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) r4 = fork() wait4(r4, 0x0, 0x8, &(0x7f0000002080)) openat$hpet(0xffffffffffffff9c, &(0x7f0000000200), 0x18000, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000600), &(0x7f0000000c80)=0xc) getresgid(&(0x7f0000001f00), &(0x7f0000001f40), &(0x7f0000001f80)) 17:04:15 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2}) 17:04:15 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4040, 0x0) r1 = syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x81cc0, &(0x7f0000000240)=ANY=[@ANYBLOB="6fdb6effd44f41cd5713012b20e3bbc2e35e334004d39cf4fc83860329ef6bc9089b1c4ac5be551431cf4ffe611c4bac5a9802000000a4ffa60fcadf711a4c9cdcbad805f5d23ee58986f035acdeb104ec0d3d67e624e882541c637e1567a2f631aafb4216d815408d45d6f218ab6e96aca7a11214e210f9dd5799504753794a3b2e74e2fc5d9dabdb8040ba6e0f6f6c18458b0f14f77f9a1b9ffeef4a84062a2c08ba8d57e6ef4bd5e0bae23f7d9ed04e989773d6cf068afaa2d026d0e1b90e0ccfaac8f28266f01443455c3fc7d7c3ef0004000000000000bbf521d48fa8923ede70948aec5ae7f7099618bedce46f26bb18c8731c9a6e0347a898b33659865d0edba006ed568f0228fc76da2ec6f5d57d04db4f0e0f142138819a0c7c51b1aa00cb51e6b186466830475640"]) r2 = syz_open_dev$vcsa(&(0x7f0000000180), 0x5, 0x2000) ioctl$LOOP_SET_FD(r2, 0x4c00, r1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000400000004f800002000ff0f000000", 0x1f}, {0x0, 0x0, 0x4000}], 0x0, &(0x7f0000000140)) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) sendfile(r0, 0xffffffffffffffff, &(0x7f00000000c0)=0x80000001, 0x1) write$P9_RREADLINK(r3, &(0x7f0000000000)={0x10, 0x17, 0x0, {0x7, './file1'}}, 0x20000010) 17:04:15 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) (fail_nth: 1) 17:04:15 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r2, 0x801c581f, 0x0) dup2(r0, r2) setsockopt$WPAN_SECURITY(r0, 0x0, 0x1, &(0x7f0000000000)=0x2, 0x4) r3 = dup2(r0, r1) syz_genetlink_get_family_id$batadv(&(0x7f0000000280), r3) 17:04:15 executing program 0: r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_LBT_MODE(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x2c, r0, 0x400, 0x70bd2c, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_LBT_MODE={0x5}, @NL802154_ATTR_LBT_MODE={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc0}, 0x44) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r0, 0x1, 0x70bd2b, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) 17:04:15 executing program 5: r0 = epoll_create(0xca) r1 = epoll_create(0x4) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) r3 = socket$inet6_icmp(0xa, 0x2, 0x3a) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000000)={0x2004}) epoll_pwait2(r0, &(0x7f0000002e00)=[{}], 0x1, 0x0, 0x0, 0x0) r4 = syz_open_dev$tty20(0xc, 0x4, 0x1) r5 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCVHANGUP(r5, 0x5437, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r4, &(0x7f0000000180)) [ 427.831537] blktrace: Concurrent blktraces are not allowed on sg0 [ 427.868853] FAULT_INJECTION: forcing a failure. [ 427.868853] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 427.870490] CPU: 1 PID: 5170 Comm: syz-executor.4 Not tainted 5.17.0-rc1-next-20220124 #1 [ 427.871482] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 427.872824] Call Trace: [ 427.873174] [ 427.873461] dump_stack_lvl+0x8b/0xb3 [ 427.873938] should_fail.cold+0x5/0xa [ 427.874450] _copy_from_user+0x2e/0x170 [ 427.874944] __blk_trace_setup+0x96/0x180 [ 427.875468] ? do_blk_trace_setup+0xc80/0xc80 [ 427.876082] ? lock_is_held_type+0xd7/0x130 [ 427.876633] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 427.877533] ? lock_release+0x3b2/0x6f0 [ 427.878027] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 427.878922] blk_trace_setup+0x43/0x60 [ 427.879419] sg_ioctl+0x6b1/0x2830 [ 427.880057] ? selinux_file_ioctl+0x418/0x5d0 [ 427.880632] ? selinux_file_ioctl+0x10f/0x5d0 [ 427.881384] ? lock_downgrade+0x6d0/0x6d0 [ 427.881895] ? sg_write+0x110/0x110 [ 427.882512] ? lock_is_held_type+0xd7/0x130 [ 427.883099] ? __fget_files+0x28d/0x470 [ 427.883762] ? __x64_sys_ioctl+0x97/0x210 [ 427.884360] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 427.885111] ? sg_write+0x110/0x110 [ 427.885621] __x64_sys_ioctl+0x196/0x210 [ 427.886196] do_syscall_64+0x3b/0x90 [ 427.886731] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 427.887364] RIP: 0033:0x7f544adecb19 [ 427.887976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 427.890373] RSP: 002b:00007f5448362188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 427.891643] RAX: ffffffffffffffda RBX: 00007f544aefff60 RCX: 00007f544adecb19 [ 427.892615] RDX: 0000000020000000 RSI: 00000000c0481273 RDI: 0000000000000003 [ 427.893573] RBP: 00007f54483621d0 R08: 0000000000000000 R09: 0000000000000000 [ 427.894537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 427.895498] R13: 00007ffda7a4458f R14: 00007f5448362300 R15: 0000000000022000 [ 427.896486] 17:04:15 executing program 3: openat$tun(0xffffffffffffff9c, &(0x7f0000002680), 0x40000, 0x0) [ 427.918906] loop6: detected capacity change from 0 to 64 [ 427.932573] FAT-fs (loop6): bogus number of FAT sectors [ 427.933272] FAT-fs (loop6): Can't find a valid FAT filesystem 17:04:15 executing program 0: timer_create(0x3, &(0x7f00000002c0)={0x0, 0x1e, 0x0, @thr={&(0x7f0000000200)="d49d41a7368ba0c49a74201ccbd5584a55ee04fd921322ba", &(0x7f0000000240)="c9f48d27834742a502be5e958826aa74fe4f00b341a98c9fb843d79ecb6a56e010ef700711355ee2ee45d3da572072f42aea6e777ea328a77dd5005e84fd5400f2cb8d1467216a2747d63d149908a230162f684f78b2c96eb30c0098eb7928c8c884887f4b03ad1cdae5afc36247cb7be5c6fc3b1c"}}, &(0x7f0000000300)=0x0) clock_gettime(0x0, &(0x7f0000000340)={0x0, 0x0}) timer_settime(r0, 0x0, &(0x7f0000000380)={{r1, r2+10000000}, {0x77359400}}, &(0x7f00000003c0)) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000080)=ANY=[@ANYRES64, @ANYRES16=r3]) chdir(&(0x7f0000000040)='./file1\x00') openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x181000, 0x140) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x147142, 0x0) r5 = dup(0xffffffffffffffff) recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/243, 0xf3}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f0000001680)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}, 0x3) ioctl$LOOP_CLR_FD(r6, 0x4c01) mkdirat(r6, &(0x7f0000000400)='./file0\x00', 0x30) r7 = openat(r5, &(0x7f0000000100)='./file1\x00', 0x101042, 0x89) write$binfmt_aout(r7, &(0x7f0000001180)=ANY=[], 0x220) sendfile(r7, r4, 0x0, 0xfffffdef) pwrite64(r5, &(0x7f0000000140)="9dfd434891b3e6cb2f0ae714caa6e767e0445f466a1210ccff17d61c552ad3222e96749a5192ddda3ff44f8ad19ec4696ddec74bc71063eba5830bc952b745d7795fefc5a8847a0a457d7424427d020d5990b0614bd0c3cc19b7f6b8f956f34a1d63c523900ea744ad52e81cb8ee595d0c5dc7304db1d99b6be67d0982dba7efb17a97b6b0c74669c927146f36b808a64a4fbe4954a9bb7628f2d0a839f6ba9c7083f32832287d08ebc5ed56294ba0be71f9199d2ce9", 0xb6, 0x1fe3) 17:04:15 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r2, 0x801c581f, 0x0) dup2(r0, r2) setsockopt$WPAN_SECURITY(r0, 0x0, 0x1, &(0x7f0000000000)=0x2, 0x4) r3 = dup2(r0, r1) syz_genetlink_get_family_id$batadv(&(0x7f0000000280), r3) 17:04:15 executing program 5: r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) listen(r3, 0x0) getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x14) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0}}, 0x0) io_uring_enter(r0, 0x58df, 0x0, 0x0, 0x0, 0x0) [ 428.062840] FAT-fs (loop0): Unrecognized mount option "ÿÿÿÿÿÿÿÿ" or missing value 17:04:32 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4}, 0x1c) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, 0x0) sendmmsg$inet(r1, &(0x7f0000002a00)=[{{&(0x7f0000000000)={0x2, 0x4e21, @multicast2}, 0x10, 0x0}}, {{&(0x7f00000002c0)={0x2, 0x4e22, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000080)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @loopback, @dev={0xac, 0x14, 0x14, 0x30}}}}], 0x20}}], 0x2, 0x0) 17:04:32 executing program 6: getgroups(0x2, &(0x7f0000000040)=[0xffffffffffffffff, 0xee01]) setfsgid(r0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f0000000000)='blkio.bfq.empty_time\x00', 0x0, 0x0) statx(r2, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setgroups(0x2, &(0x7f0000000800)=[r3, 0x0]) lchown(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) 17:04:32 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) (fail_nth: 2) 17:04:32 executing program 3: getsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0x67, &(0x7f0000000000), &(0x7f0000000040)=0x4) syz_emit_ethernet(0x47a, &(0x7f0000000080)=ANY=[@ANYBLOB="0180c2000002bbbbbbbbbbbb86dd602ddc2000443afffe800000000000000000000000000000fe88000000000000000000000000010186009078ff000200000000000700000019036c1f9a4a48605cfe5a481823e3b60de9b05726145d381f1e656d50895d41aa72efa18df3dd68cf6a6c381dbdf08a47b301daed8f57b7a51e101156b1008ab9659670fa33a428f03e254cee27373e5aad4a413fe1fddcc840538f5cad6379542c99da79f7ea32472a0d83b69234f5cb73653e5dcee50aab03e491460564bb35b107e53149f009277e776b8c1abe22ca17bfddc5d28fea14b9116b9992905373f024aae677273cddb402b21e5cdac2ccead5d9d6cfc944aaed431cf9ad616765b4a5fa4e194496c34a995bb4fb56766f2880ee93dee5e520df74bc00bc724fa8f1979c6cec40cdbdeaaac0eeafda661a23cdab7e6db044f54a2ec862beb6d9ccb63b9942d079eb6d26ac4409b751320e1a98b1257913ff28378b98217a88fa3c2d921b95e9441bc006fed6f94aed2288f27e664fde29524572a46343f5af40033c088e0e79f27fa25bf9e5f645b411182f66ac974053e45c68017e0dd26bfc936948d4f5408863c9288e5903c0754b9b98798e7ad5c337bca9a67287dc46ef6631dfab0806f99eca8a247c3e49ab0aae7ccd42206f1fa954919dd5fc2a50e24a3a70e96c63169ea7f4b4e280d14de7ab6c530a54c189fcbe86123068ac51267d228801f9340d07aa0622bc4664c2ab19adfa2a5a3e7acf6cf2197fb00112a4fe95e8c33a567b2cac9ad4d935fcf96b4ed9f49bf6e516ad22d140bd6b18fa18c6e4eb6ffaab9ac1980ed72f6ad51a8d7bc438c7a225741e94a4171f692ec9a043992e1ba358bf751e3a3da229fe646a2b9050afb2cf4a3fa2d12b7be869a83a6378edfc12a5a06b9a4a1b791c45b4a49fb171255932716604908ffd72752ec1f5b063379a6952b1d633e7c8340106edd01ab2eb9bae3364ed288b57f74a403070d96696fdce9048ca54c13762ae250aaf213b2406f7af427aa8b0726a10ae44f50200051934a3692e04a2185bd4fde6c125eb967f74184726331fb665daf06e0ca437f299f00b86777c15ca914bf6eb3381bdf13bf80cd8a17ab254aaa5401e8f124ffa2fd3e90b7f208af8841c7420a82c8ef74e1542f170efbb159741e7c45d70d12f8cf359fc29fdc37d29b8ee5e233f0ed2235721cb9403cd970efc0dae866379a3d8671531c4c62bd53f95eaa437e97bfa70a17f25a6bdf570703397719d222ec7c9c8e03aae6ac306e643f2f9ad5702a3588de9c998d3294122eb892dea2d3bfb74c7fc1f11ff79c6bd902e8df4cef0ac3688d1bc566c8fdb35219c85a2153daa8cac0e9384d3e3cfb0542ec766a906326abb09c771e15547b3bef40aadf7c1c6a67f526a046c5e11ae4e976d92bc5da6d9d120997e3bb4df1400d3a74025e69f246c2386e84485f9740642027cbd6c49d02386c4465f8d165b532a1283d8ce0902f25dfd8e1b8fac81a5b1f7efe4180865d826c8e231284c7d6046aa9dc21638aac3bd05f86b777c35aeb09f61eba9dd2a4f9ec12f5e3af33c3dd7d1652ad1ad059da00b436f5100398bccc71948df54333d1aa88462a200ed69a5570d3fe05d3e0e937d62"], 0x0) 17:04:32 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0) sendfile(r0, r0, 0x0, 0x5) r1 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x31d4c3, 0x0) sendfile(r1, r1, 0x0, 0xb093) 17:04:32 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) r4 = fork() wait4(r4, 0x0, 0x8, &(0x7f0000002080)) openat$hpet(0xffffffffffffff9c, &(0x7f0000000200), 0x18000, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000600), &(0x7f0000000c80)=0xc) 17:04:32 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000280), r4) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ADD_IFACE(r6, &(0x7f0000000200)={0x0, 0x700, &(0x7f0000000140)={&(0x7f0000000000)={0x28, r5, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy0\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f0000000200)={'wpan1\x00', 0x0}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_WPAN_PHY(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x1c, r7, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_SET_MACPARAMS(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, r5, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x4}, @IEEE802154_ATTR_CCA_ED_LEVEL={0x8, 0x24, 0xbfdc}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4011}, 0x20008864) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000480)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x34, r1, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_SECLEVELS={0x5}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r11}]}, 0x34}}, 0x0) 17:04:32 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) pwritev(r0, &(0x7f0000000240)=[{&(0x7f0000000140)="cf", 0x1}], 0x1, 0x8000000, 0x0) fcntl$setpipe(r0, 0x407, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) fallocate(r3, 0x3, 0xa382, 0x8000) [ 444.450275] blktrace: Concurrent blktraces are not allowed on sg0 [ 444.467763] FAULT_INJECTION: forcing a failure. [ 444.467763] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 444.470084] CPU: 1 PID: 5214 Comm: syz-executor.4 Not tainted 5.17.0-rc1-next-20220124 #1 [ 444.470867] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 444.471930] Call Trace: [ 444.472287] [ 444.472531] dump_stack_lvl+0x8b/0xb3 [ 444.472913] should_fail.cold+0x5/0xa [ 444.473300] _copy_to_user+0x2e/0x150 [ 444.473687] simple_read_from_buffer+0xcc/0x160 [ 444.474283] proc_fail_nth_read+0x194/0x220 [ 444.474715] ? proc_fault_inject_read+0x230/0x230 [ 444.475188] ? security_file_permission+0xb1/0xd0 [ 444.475673] ? proc_fault_inject_read+0x230/0x230 [ 444.476152] vfs_read+0x1b6/0x5f0 [ 444.476499] ksys_read+0x12d/0x250 [ 444.476850] ? __ia32_sys_pwrite64+0x230/0x230 [ 444.477286] ? syscall_enter_from_user_mode+0x1d/0x50 [ 444.477797] do_syscall_64+0x3b/0x90 [ 444.478188] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 444.478699] RIP: 0033:0x7f544ad9f69c [ 444.479064] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 444.480853] RSP: 002b:00007f5448362170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 444.481623] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00007f544ad9f69c [ 444.482295] RDX: 000000000000000f RSI: 00007f54483621e0 RDI: 0000000000000004 [ 444.482981] RBP: 00007f54483621d0 R08: 0000000000000000 R09: 0000000000000000 [ 444.483658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 444.484390] R13: 00007ffda7a4458f R14: 00007f5448362300 R15: 0000000000022000 [ 444.485075] 17:04:32 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) pwritev(r0, &(0x7f0000000240)=[{&(0x7f0000000140)="cf", 0x1}], 0x1, 0x8000000, 0x0) fcntl$setpipe(r0, 0x407, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) fallocate(r3, 0x3, 0xa382, 0x8000) 17:04:32 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='F', 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0x1}}, './file1\x00'}) ioctl$EXT4_IOC_GETSTATE(r1, 0x40046629, &(0x7f0000000080)) 17:04:45 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:04:45 executing program 5: syz_emit_ethernet(0xe6, &(0x7f0000000000)={@multicast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0xb0, 0x3a, 0xff, @local, @local, {[@routing={0x84, 0x12, 0x0, 0x1, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @ipv4={'\x00', '\xff\xff', @broadcast}, @remote, @loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @dev={0xfe, 0x80, '\x00', 0x2c}, @local, @rand_addr=' \x01\x00', @ipv4={'\x00', '\xff\xff', @multicast2}]}], @ndisc_na={0x88, 0x0, 0x0, 0x0, '\x00', @private1={0xfc, 0x1, '\x00', 0x3}}}}}}}, 0x0) 17:04:45 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) r4 = fork() wait4(r4, 0x0, 0x8, &(0x7f0000002080)) openat$hpet(0xffffffffffffff9c, &(0x7f0000000200), 0x18000, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000600), &(0x7f0000000c80)=0xc) 17:04:45 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) r4 = fork() wait4(r4, 0x0, 0x8, &(0x7f0000002080)) openat$hpet(0xffffffffffffff9c, &(0x7f0000000200), 0x18000, 0x0) 17:04:45 executing program 6: r0 = syz_io_uring_setup(0x5e27, &(0x7f0000000180), &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140)) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="2e2b664e6c6530000000000001000000d61b3758f2f1854caa4a5b94217640e3df35ae36dc29"]) close(r1) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x7, 0x0, 0x1) shutdown(r2, 0x0) 17:04:45 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000280), r4) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ADD_IFACE(r6, &(0x7f0000000200)={0x0, 0x700, &(0x7f0000000140)={&(0x7f0000000000)={0x28, r5, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy0\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f0000000200)={'wpan1\x00', 0x0}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_WPAN_PHY(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x1c, r7, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_SET_MACPARAMS(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, r5, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x4}, @IEEE802154_ATTR_CCA_ED_LEVEL={0x8, 0x24, 0xbfdc}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4011}, 0x20008864) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000480)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x34, r1, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_SECLEVELS={0x5}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r11}]}, 0x34}}, 0x0) 17:04:45 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000280), r4) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ADD_IFACE(r6, &(0x7f0000000200)={0x0, 0x700, &(0x7f0000000140)={&(0x7f0000000000)={0x28, r5, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy0\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f0000000200)={'wpan1\x00', 0x0}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_WPAN_PHY(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x1c, r7, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_SET_MACPARAMS(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, r5, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x4}, @IEEE802154_ATTR_CCA_ED_LEVEL={0x8, 0x24, 0xbfdc}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4011}, 0x20008864) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000480)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x34, r1, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_SECLEVELS={0x5}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r11}]}, 0x34}}, 0x0) [ 457.632871] loop7: detected capacity change from 0 to 256 [ 457.635591] blktrace: Concurrent blktraces are not allowed on sg0 17:04:45 executing program 7: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011200)=ANY=[]) r1 = fcntl$dupfd(r0, 0x0, r0) openat(r1, &(0x7f00000000c0)='./file1\x00', 0x20042, 0x0) chdir(&(0x7f0000000140)='./file0\x00') syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000240)='./file0\x00', 0x9, 0x4, &(0x7f0000000540)=[{&(0x7f0000000280)="eb19e1fc2bd2869b9759584f22848f1a891b1e9337b3712552d053baeb6339a45d5b4114c7b75bd6fe2364df5480dc5c1a5af6821a35e6168259093c7a6aa8b3ead2b427898431af8d57e4a4886501b5fc94008e510c1f570aa64037b007758ca8924882c804f58ecd53caaeb06656299c9a10aa396c702f8b058f4455d15e921c9f5552c10022a100c3c88e04b65cce86f77a64a2a5c85566516e6e", 0x9c, 0x5}, {&(0x7f0000000340)="c6970b9e05e2ca4fcd3dfa720494c1f4ed05fd4e72ab82926993", 0x1a, 0x1000}, {&(0x7f0000000380)="bb1215b30f5cf6ff8d63964765864a55373d07ac432beed2be2a1e98c1ebef188ac8f91b49f3e2a22034d92840f4a0ba2e1a4dc884ad07c89c9919e0da82edfccee70dd8c0cc169236b4274931412d2f72c07a15c5bbdc1c8ee24fa688cf6341aa3ccf6050a31395aac2ac9b19f4b47e04b19091329d6da4c456c7580011b017693eb0ee4a18afbb4386592df7392ceb52", 0x91, 0xcf6}, {&(0x7f0000000440)="6d2dff55d4ef631d5349530163acf44db54b464e0c46d67de52b0d53b5aebdc1585d4a63d5e98530df190ae472f2e49ae535de91865612ad51c99ddc5aba72e90b15ebfb8f2256fdd353aa150f4c3aa52161732f025e2d27d0c49d8972654be1a43ed58e22a37d99019247e54273e991c665803abe9b9a5f6ef1ba8d0eff3dc386af8a8d6ad9b566fc3076e686b2bd0075c6e5a1c7cd841d1bfcde1004df09ade4f423abd59c332c8bf6416ba12e2a168795e245a91eae258b9b6e3ab0317bf53d0908f785d292df30f16e454d", 0xcd, 0x4}], 0x0, &(0x7f00000005c0)={[{@shortname_mixed}, {@uni_xlateno}, {@shortname_winnt}, {@shortname_win95}, {@nonumtail}, {@fat=@discard}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp869'}}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'macromanian'}}], [{@obj_type={'obj_type', 0x3d, '-}{!'}}, {@smackfsroot={'smackfsroot', 0x3d, 'vfat\x00'}}, {@uid_lt}, {@rootcontext={'rootcontext', 0x3d, 'user_u'}}]}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='./file1\x00') ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r2, 0xc0189372, &(0x7f00000006c0)={{0x1, 0x1, 0x18, r0, {0x1000}}, './file1\x00'}) bind$inet6(r3, &(0x7f0000000700)={0xa, 0x4e21, 0x80, @mcast1, 0xbabe}, 0x1c) 17:04:45 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0x40305839, &(0x7f0000000040)=ANY=[@ANYBLOB="0600000000fddda784adff18000000000000002b00000000000000000000000000000000948e8f10691f4b7b202a2e359658e9e468cfa7"]) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000000)={0x0, 0x2, 0x0, 0x5ed}) [ 457.670259] FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 457.780214] FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 17:05:01 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000280), r4) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ADD_IFACE(r6, &(0x7f0000000200)={0x0, 0x700, &(0x7f0000000140)={&(0x7f0000000000)={0x28, r5, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy0\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f0000000200)={'wpan1\x00', 0x0}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_WPAN_PHY(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x1c, r7, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_SET_MACPARAMS(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, r5, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x4}, @IEEE802154_ATTR_CCA_ED_LEVEL={0x8, 0x24, 0xbfdc}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4011}, 0x20008864) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000480)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x34, r1, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_SECLEVELS={0x5}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r11}]}, 0x34}}, 0x0) 17:05:01 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) r4 = fork() wait4(r4, 0x0, 0x8, &(0x7f0000002080)) 17:05:01 executing program 6: r0 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil) shmat(r0, &(0x7f0000ffb000/0x4000)=nil, 0x4000) r1 = shmget(0x2, 0x3000, 0x400, &(0x7f0000ffc000/0x3000)=nil) shmat(r1, &(0x7f0000ffb000/0x2000)=nil, 0x1000) mlock2(&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0x0) shmctl$IPC_RMID(r0, 0x0) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3) mlock2(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0) 17:05:01 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) symlink(&(0x7f0000001640)='./file1\x00', &(0x7f0000001680)='./file0\x00') syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x6, &(0x7f0000000200)=[{&(0x7f0000000040)="2000c09eb2824823eae6580f3642518600000200000019000000900100000f000000000000000200000086000000000008000080000020000000d6f4655fd6f4655f0100ffff53ef010001000000d5f4655f0000000000edee000007010000000000005272000000", 0x68, 0x4000400}, {&(0x7f0000010100)="00000000000000000000000028305c8a835f4f4da440baa59e2884cb010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="0000000000000000000000000000000000000000000000000000000020002000010000000000050040", 0x29, 0x540}, {&(0x7f0000010300)="0200c410a178000800", 0x9, 0x1000}, {&(0x7f0000012500)="ed41000000100000d5f4655fd6f4655fd6f4655f000000000000040080", 0x1d, 0x4100}, {&(0x7f00000002c0)="504d4d00504d4dfffdf2b1a56851432f4c0ee035ed199c45e28b11a97915d7f93bcef6812171b59c9fd570b95c5490ad53310e4d5f134514a89c6d35c99b367851936b50183ac1903abaccf668ed6e4932db5d5d4fe35b68f0c626f8935d4eba42c02183a19b8faa0f6a467593cbb1bb8ac43d9694a5b01e7ca71dbebb2334f62d5debdeeddd0829cb20f749fa69d3fb9e1316b8bd4d0a66005d2f8dd1d375204aac265e24f206da62fe6915785ae05490b7daee4537d158170874830a307b39e6da0419ad6c26afacf0f92b7286ced3e2ecf1423897bdd773be09908a7062d3a27a128690e70e2bbe32ebafe20d3c276f9b1dcb83573813a6b8d1c590e55461d633ea2b7a60995ad29728578733b624140882091ac1c6f64b0dcc18e338d9", 0x11f, 0x40000}], 0x0, &(0x7f0000013a00)=ANY=[@ANYBLOB='#']) lgetxattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)=@random={'btrfs.', '-\x00'}, &(0x7f0000000180)=""/81, 0x51) rmdir(&(0x7f0000000400)='./file2\x00') 17:05:01 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x2, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:05:01 executing program 7: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8953, 0x0) 17:05:01 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10008011}, 0x20004000) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 473.823209] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5300 comm=syz-executor.0 [ 473.833550] loop0: detected capacity change from 0 to 40 17:05:01 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) r4 = fork() wait4(r4, 0x0, 0x8, &(0x7f0000002080)) openat$hpet(0xffffffffffffff9c, &(0x7f0000000200), 0x18000, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000600), &(0x7f0000000c80)=0xc) 17:05:01 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x1267, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) [ 473.927632] syz-executor.0: attempt to access beyond end of device [ 473.927632] loop0: rw=2049, want=124, limit=40 [ 473.939203] syz-executor.0: attempt to access beyond end of device [ 473.939203] loop0: rw=2049, want=128, limit=40 [ 473.940384] Buffer I/O error on dev loop0, logical block 31, lost async page write 17:05:01 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) r4 = fork() wait4(r4, 0x0, 0x8, &(0x7f0000002080)) openat$hpet(0xffffffffffffff9c, &(0x7f0000000200), 0x18000, 0x0) [ 473.973261] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5319 comm=syz-executor.0 17:05:01 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x290b033, &(0x7f0000011200)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r1, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0) sendfile(r1, r1, 0x0, 0xffffffff000) syz_io_uring_setup(0x4f02, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_FADVISE={0x18, 0x6, 0x0, @fd=r4}, 0xffffffff) r5 = syz_open_dev$tty20(0xc, 0x4, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x2, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, r5}}, 0xca) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0) ioctl$BTRFS_IOC_DEFRAG(r6, 0x50009402, 0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0) syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_TEE={0x21, 0x5, 0x0, @fd_index=0x2, 0x0, 0x0, 0x80, 0x8, 0x1, {0x0, 0x0, r0}}, 0x1) 17:05:01 executing program 7: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000440), &(0x7f0000000180)=0xff3c) ioctl$sock_SIOCSIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r0, 0x8983, &(0x7f0000000000)={0x8, 'ip6tnl0\x00', {'veth0_macvtap\x00'}, 0x3}) 17:05:01 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x1274, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:05:01 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_CQM(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000b40)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_RATE={0x8}, @NL80211_ATTR_CQM_TXE_PKTS={0x8}]}]}, 0x30}}, 0x0) shutdown(r0, 0x1) 17:05:01 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10008011}, 0x20004000) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:05:01 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x1275, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:05:02 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x1276, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) [ 474.273868] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5344 comm=syz-executor.0 [ 474.288897] loop0: detected capacity change from 0 to 40 [ 474.319253] relay: one or more items not logged [item size (48) > sub-buffer size (1)] [ 474.337264] syz-executor.0: attempt to access beyond end of device [ 474.337264] loop0: rw=2049, want=124, limit=40 [ 474.340526] syz-executor.0: attempt to access beyond end of device [ 474.340526] loop0: rw=2049, want=128, limit=40 [ 474.342170] Buffer I/O error on dev loop0, logical block 31, lost async page write [ 491.104285] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5365 comm=syz-executor.0 [ 491.109711] loop0: detected capacity change from 0 to 40 17:05:18 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_CQM(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000b40)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_RATE={0x8}, @NL80211_ATTR_CQM_TXE_PKTS={0x8}]}]}, 0x30}}, 0x0) shutdown(r0, 0x1) 17:05:18 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x290b033, &(0x7f0000011200)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r1, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0) sendfile(r1, r1, 0x0, 0xffffffff000) syz_io_uring_setup(0x4f02, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_FADVISE={0x18, 0x6, 0x0, @fd=r4}, 0xffffffff) r5 = syz_open_dev$tty20(0xc, 0x4, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x2, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, r5}}, 0xca) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0) ioctl$BTRFS_IOC_DEFRAG(r6, 0x50009402, 0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0) syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_TEE={0x21, 0x5, 0x0, @fd_index=0x2, 0x0, 0x0, 0x80, 0x8, 0x1, {0x0, 0x0, r0}}, 0x1) 17:05:18 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) r4 = fork() wait4(r4, 0x0, 0x8, &(0x7f0000002080)) openat$hpet(0xffffffffffffff9c, &(0x7f0000000200), 0x18000, 0x0) 17:05:18 executing program 7: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x1275, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:05:18 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x2201, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:05:18 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10008011}, 0x20004000) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:05:18 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) fork() 17:05:18 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) r4 = fork() wait4(r4, 0x0, 0x8, &(0x7f0000002080)) openat$hpet(0xffffffffffffff9c, &(0x7f0000000200), 0x18000, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000600), &(0x7f0000000c80)=0xc) [ 491.168080] syz-executor.0: attempt to access beyond end of device [ 491.168080] loop0: rw=2049, want=124, limit=40 [ 491.171677] syz-executor.0: attempt to access beyond end of device [ 491.171677] loop0: rw=2049, want=128, limit=40 [ 491.172675] Buffer I/O error on dev loop0, logical block 31, lost async page write 17:05:19 executing program 7: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x1275, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:05:19 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x2202, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:05:19 executing program 1: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x290b033, &(0x7f0000011200)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r1, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0) sendfile(r1, r1, 0x0, 0xffffffff000) syz_io_uring_setup(0x4f02, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_FADVISE={0x18, 0x6, 0x0, @fd=r4}, 0xffffffff) r5 = syz_open_dev$tty20(0xc, 0x4, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x2, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, r5}}, 0xca) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0) ioctl$BTRFS_IOC_DEFRAG(r6, 0x50009402, 0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0) syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_TEE={0x21, 0x5, 0x0, @fd_index=0x2, 0x0, 0x0, 0x80, 0x8, 0x1, {0x0, 0x0, r0}}, 0x1) 17:05:19 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10008011}, 0x20004000) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 491.298415] loop1: detected capacity change from 0 to 256 17:05:19 executing program 7: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x1275, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:05:19 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x2203, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) [ 491.425217] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5397 comm=syz-executor.0 [ 491.438135] loop0: detected capacity change from 0 to 40 17:05:19 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) [ 491.501479] syz-executor.0: attempt to access beyond end of device [ 491.501479] loop0: rw=2049, want=124, limit=40 [ 491.508086] syz-executor.0: attempt to access beyond end of device [ 491.508086] loop0: rw=2049, want=128, limit=40 [ 491.509193] Buffer I/O error on dev loop0, logical block 31, lost async page write 17:05:36 executing program 7: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x1276, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:05:36 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) r4 = fork() wait4(r4, 0x0, 0x8, &(0x7f0000002080)) 17:05:36 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x290b033, &(0x7f0000011200)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r1, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x8000000, 0x0) sendfile(r1, r1, 0x0, 0xffffffff000) syz_io_uring_setup(0x4f02, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_FADVISE={0x18, 0x6, 0x0, @fd=r4}, 0xffffffff) r5 = syz_open_dev$tty20(0xc, 0x4, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x2, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, r5}}, 0xca) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0) ioctl$BTRFS_IOC_DEFRAG(r6, 0x50009402, 0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0) syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_TEE={0x21, 0x5, 0x0, @fd_index=0x2, 0x0, 0x0, 0x80, 0x8, 0x1, {0x0, 0x0, r0}}, 0x1) 17:05:36 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x2205, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:05:36 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10008011}, 0x20004000) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:05:36 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) r4 = fork() wait4(r4, 0x0, 0x8, &(0x7f0000002080)) openat$hpet(0xffffffffffffff9c, &(0x7f0000000200), 0x18000, 0x0) 17:05:36 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) r4 = fork() wait4(r4, 0x0, 0x8, &(0x7f0000002080)) openat$hpet(0xffffffffffffff9c, &(0x7f0000000200), 0x18000, 0x0) 17:05:36 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) socket$netlink(0x10, 0x3, 0x0) [ 508.243674] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5429 comm=syz-executor.0 [ 508.250064] loop0: detected capacity change from 0 to 40 17:05:36 executing program 7: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x1276, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:05:36 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x2270, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:05:36 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10008011}, 0x20004000) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:05:36 executing program 7: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x1276, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:05:36 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x2271, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) [ 508.480528] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5448 comm=syz-executor.0 [ 508.493614] loop0: detected capacity change from 0 to 40 17:05:36 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) 17:05:36 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10008011}, 0x20004000) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:05:36 executing program 7: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) socket$netlink(0x10, 0x3, 0x0) 17:05:36 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x2272, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) [ 508.678970] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5460 comm=syz-executor.0 [ 508.697217] loop0: detected capacity change from 0 to 40 [ 525.676265] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5483 comm=syz-executor.0 17:05:53 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) waitid(0x0, r1, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) 17:05:53 executing program 7: r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000e00), 0xffffffffffffffff) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, &(0x7f0000000ec0)={'ip6tnl0\x00', &(0x7f0000000e40)={'syztnl2\x00', 0x0, 0x2f, 0xd0, 0x0, 0xd6, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private0={0xfc, 0x0, '\x00', 0x1}, 0x761, 0x1, 0x1, 0xffffffff}}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, 0x0) sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f0000001040)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001000)={&(0x7f0000000480)=ANY=[], 0xc8}, 0x1, 0x0, 0x0, 0x40000}, 0x1) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f00000001c0)={0x0, 0x1, 0x6, @remote}, 0x10) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000009440)={'syztnl1\x00', &(0x7f0000000200)=ANY=[@ANYBLOB='erspan0\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="00110700000000e8000003084755001c0068000000009078e0000001ffffffff8205ea8c96ca91035b81aafa8c0cb48f9aad7f8c6c000000"]}) sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000009bc0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000009b80)={&(0x7f0000009480)={0x6e8, r0, 0x4, 0x70bd27, 0x25dfdbfc, {}, [@ETHTOOL_A_DEBUG_HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}]}, @ETHTOOL_A_DEBUG_HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_DEBUG_HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_DEBUG_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_DEBUG_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_DEBUG_MSGMASK={0x294, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x4}, @ETHTOOL_A_BITSET_MASK={0x2a, 0x5, "23901001ca1ad5241454c97a254723c37c558bd0e169da9a7c05950c31068ceb6fd4e27408e3"}, @ETHTOOL_A_BITSET_VALUE={0x26, 0x4, "0e98fcaef4af770e66ccc227562695d72cee551f36b542311268d14d45b00490b902"}, @ETHTOOL_A_BITSET_VALUE={0xeb, 0x4, "260fc5136e0b46d69273c713746b71afb72a6f76466bb14e2995e30782f82b205b61e0a55c485fc0f3cc02b501acd40b9b383ae52475a31171989e765ceb418d9b6eb773b5c913fb73274ea6fa813f04ebddd13b0719b211ae8941eb11885f56aff897af93c4c012a2b9e8c4e729afa05359457c97522dbbf77f0c4ad5be3af168635006658db48e621e9bcd453bf0e023a506733c14854b333a659e06c3ccee5ef66093039026175e55687ef1c0090c13ac0084dcdfbf182d9b0df0b7e2a6a48bc423cd2897619ac828edea02ab85f5b78f6bcf59a80f218a5717a906885c199cff060410d57e"}, @ETHTOOL_A_BITSET_MASK={0x66, 0x5, "da25d8208577f6ac00517feb115db072b8a3864a28865e56371ba694a2491f76508c618bb4e63a861756812a0b0731ef4782ae6cf4ecb44fae0f234569df03f57c0930fa0a0b6da4e3590c6de2cc26ad406c590a4e29fc433a13f7bddac07ece35ad"}, @ETHTOOL_A_BITSET_BITS={0x40, 0x3, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '-:+{+\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}]}]}, @ETHTOOL_A_BITSET_MASK={0xa4, 0x5, "eda0cab012c2c16f724ae4be7951583ab4453cb98d4c6d1b1a9ba33b2f9f22f8c8b218cfb1d6333ead79c00e2adb4b3ad1f2211a6f58806d6c033bdef5f64b23d80122850679c711baad7f8f3393b1af1cb8a28be7ac962692628cef38773a0369a59a23ce3a6220b6eb9a0f37814182b96da01f4c9bb31fb240eeb765c67502206ecb664e63401c238888b6f67706d1bc8a9151863373bdd01dbc4117d4b36d"}]}, @ETHTOOL_A_DEBUG_MSGMASK={0x290, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0xff, 0x4, "c20203dcf0717fc1dc9b6ead48cbcdfa9c7abb6bd71cd48f987cd18f573989033c1759b01a97c7759813e771bd610b0df71d6e442717494a7144d324984b2e70019a89c01dbe672b2111e1cca74665d26dad400a83847451365a9bda62a2278b912cc67cdfa4d87d9ceb19dc738020d426a98ad9b790633dd36920112d2ebc548b0017c9d1981b0c5d4b492960faa5f9cd580099852b39567221d5e535fcce22d7ac3b323c04fca728f9428e4d5dede7e42e39577e9e7aaf031eea3dbd3df0b7f56d2938440f7d519aa7aa1a2138e486a7ffee64e8274531c4ed753315ba7a69dba26772faf8d7fe3635a80c503dade09f5ffdff62eb5889985696"}, @ETHTOOL_A_BITSET_MASK={0x101, 0x5, "ff79aed846acf574b3de63e4b9a597587374bc7f76bba7483bf1a6c8ee5f6f44bcf10bf838a88875d303e9e5d963940a6d06a132c803bc614c639580e1a675edfb12ea4e57115455dee8b67ea4b8113d2848c92c76c9b5541d541cdf9f043f93ec7c75b70358deb5ba6bfdd0f2172b71d5d5ae8c29cd751ea2f62bbeec9535bf72a581c7a02102b5b0a1ab4bd12ea1dc9f48c994c47f47c8b44f7e1d9bc9dcdceb9af77268aa203b82707b99993e55edd24cdb1fdcceacb9ebbbb1019742ac613586730cc3da333c508c065758e02ce794902101f7274d0271dae8c89af9f3b1834b2935da4960a11c6de3a018f5585fd1ed8b4afc1a5d04b0fdb9c6fd"}, @ETHTOOL_A_BITSET_BITS={0x84, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, ':{\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10001}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '@[]\x00'}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '^\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x400}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80000000}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}]}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_DEBUG_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}]}]}, 0x6e8}, 0x1, 0x0, 0x0, 0x4000080}, 0x8000) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000040)) unshare(0x0) read(r1, &(0x7f0000000280)=""/234, 0xea) unshare(0x20020000) unshare(0x13070080) unshare(0x40800) unshare(0x2000000) 17:05:53 executing program 5: r0 = syz_open_dev$vcsa(&(0x7f00000000c0), 0xfffffffffffffffe, 0x400) r1 = openat(r0, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r2, 0x801c581f, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(r2, 0x40305839, &(0x7f0000000080)=ANY=[@ANYRESOCT, @ANYRES16=r1, @ANYRESHEX]) write$P9_RREADLINK(r1, &(0x7f0000000000)={0x10, 0x17, 0x0, {0x7, './file1'}}, 0x20000010) 17:05:53 executing program 1: syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='ramfs\x00', 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r2, 0x0) syz_mount_image$msdos(&(0x7f0000000100), &(0x7f0000000200)='\x00', 0x4, 0x3, &(0x7f0000000480)=[{&(0x7f0000000240)="162f055ffe906fd4b9ee22ed04c60528c2b6b623e9604407b05ade248fafcd78c4ad58e876df3bbc3b69f395959367182d426c063f3b98a31fceb4a7ae8356417c4bef04291baed1562b438c9165973e80cdb29e4104d0bf0f9070663261829b7b4bb5935440f4e25035ba88e8b09ae832480aee54cb4b91e34578cc32d373fb6a08020d84810499c1933f6b9412", 0x8e, 0x8}, {&(0x7f0000000300)="c8395c920cb1812ac25984d493da29e55426ab7952780e79c30b1624cbcf8c79ae1cb2b2a9ea85a893094c733f13d723911cecfec7407d4e20c9ac8eac547d13409c7e931c4b9177907560b28f56aa3ea65541c84123da1878cc89efdb6c0c04f993addbec9b5e74ea75ce9d13f442060abc8c853b29a841fb6d44826edd8b9843fcdeb9c1051c275de49856b07851592f9f6be22b04c5a78f65498a64de0b0734f5bb1459a88fbd33902b1e45fde607b36005010fdb75011f111d985cb1e01fb60a6263d08ba116b4754bf88ffb", 0xce, 0x1f}, {&(0x7f0000000400)="d300bc929f35d742061869b3996c577e3169af8311efc99ba3c42d9dddb8709735ff19432848da59ca307739149a1215a1e48e84cee6d35588c51291358c19b903bd7d5a285ab435a27a4db1742230ac936976e65f7155a91df4bf313d6124bcad90ef", 0x63, 0x2}], 0x0, &(0x7f0000000500)={[{@dots}, {@dots}, {@fat=@debug}, {@dots}, {@dots}], [{@fsmagic={'fsmagic', 0x3d, 0x9}}, {@uid_eq={'uid', 0x3d, r0}}, {@uid_eq={'uid', 0x3d, r1}}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}, {@euid_eq={'euid', 0x3d, r2}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@fsmagic={'fsmagic', 0x3d, 0x80}}, {@obj_role={'obj_role', 0x3d, '(\'-%\''}}, {@seclabel}]}) r3 = inotify_init() inotify_add_watch(r3, &(0x7f0000000080)='./file0\x00', 0xe000006c) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='fd\x00') read$hiddev(r4, &(0x7f0000000000)=""/109, 0x6d) 17:05:53 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) r4 = fork() wait4(r4, 0x0, 0x8, &(0x7f0000002080)) 17:05:53 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x2275, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:05:53 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10008011}, 0x20004000) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:05:53 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) r4 = fork() wait4(r4, 0x0, 0x8, &(0x7f0000002080)) [ 525.688825] loop0: detected capacity change from 0 to 40 17:05:53 executing program 5: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) 17:05:53 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x2276, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:05:53 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x2279, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:05:53 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x2275, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:05:53 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10008011}, 0x20004000) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:05:53 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) [ 526.009993] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5518 comm=syz-executor.0 17:05:53 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) fork() 17:05:53 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x227a, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) [ 526.013095] loop0: detected capacity change from 0 to 40 17:05:53 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) fork() 17:05:53 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) r4 = fork() wait4(r4, 0x0, 0x8, &(0x7f0000002080)) [ 526.100073] cgroup: fork rejected by pids controller in /syz2 17:05:54 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x227b, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:05:54 executing program 5: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) waitid(0x0, r1, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) 17:06:10 executing program 7: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) fork() 17:06:10 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) fork() 17:06:10 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) fork() 17:06:10 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x227c, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:06:10 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) 17:06:10 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) 17:06:10 executing program 5: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) waitid(0x0, r1, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) 17:06:10 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10008011}, 0x20004000) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 543.118150] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5666 comm=syz-executor.0 [ 543.131755] loop0: detected capacity change from 0 to 40 17:06:11 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x227d, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:06:27 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x227e, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:06:27 executing program 7: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) fork() 17:06:27 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10008011}, 0x20004000) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:06:27 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) socket$netlink(0x10, 0x3, 0x0) 17:06:27 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) fork() 17:06:27 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) socket$netlink(0x10, 0x3, 0x0) 17:06:27 executing program 5: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) waitid(0x0, r1, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) [ 559.588377] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5802 comm=syz-executor.0 17:06:27 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x227c, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:06:27 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10008011}, 0x20004000) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:06:27 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x227f, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) [ 559.714087] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5879 comm=syz-executor.1 [ 559.728070] loop1: detected capacity change from 0 to 40 17:06:27 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) 17:06:27 executing program 5: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:06:27 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) fork() 17:06:27 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x2282, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:06:27 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) 17:06:27 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10008011}, 0x20004000) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:06:27 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x2283, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) [ 560.069569] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5943 comm=syz-executor.0 17:06:27 executing program 7: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) fork() 17:06:27 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) tkill(0x0, 0x9) 17:06:27 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x2284, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:06:27 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10008011}, 0x20004000) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:06:27 executing program 5: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:06:28 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) waitid(0x0, r1, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) [ 560.287427] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5953 comm=syz-executor.1 17:06:28 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x2285, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:06:28 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) waitid(0x0, r1, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) 17:06:44 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10008011}, 0x20004000) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:06:44 executing program 7: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) [ 576.982109] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6083 comm=syz-executor.0 17:06:44 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:06:44 executing program 5: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) tkill(0x0, 0x9) 17:06:44 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:06:44 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x2286, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:06:44 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) tkill(0x0, 0x9) 17:06:44 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) 17:07:02 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) 17:07:02 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) tkill(0x0, 0x9) 17:07:02 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) tkill(0x0, 0x9) 17:07:02 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) fork() 17:07:02 executing program 5: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) tkill(0x0, 0x9) 17:07:02 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x2287, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:07:02 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:07:02 executing program 7: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) socket$netlink(0x10, 0x3, 0x0) [ 594.284108] loop0: detected capacity change from 0 to 40 [ 594.320057] syz-executor.0: attempt to access beyond end of device [ 594.320057] loop0: rw=2049, want=124, limit=40 [ 594.325615] syz-executor.0: attempt to access beyond end of device [ 594.325615] loop0: rw=2049, want=128, limit=40 [ 594.326699] Buffer I/O error on dev loop0, logical block 31, lost async page write 17:07:02 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) 17:07:02 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) tkill(0x0, 0x9) 17:07:02 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x2288, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:07:02 executing program 5: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) tkill(0x0, 0x9) 17:07:02 executing program 0: socket$netlink(0x10, 0x3, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:07:02 executing program 7: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) 17:07:02 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = fork() tkill(r0, 0x9) 17:07:02 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x2289, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:07:02 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) 17:07:02 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:07:02 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) tkill(0x0, 0x9) 17:07:02 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = fork() tkill(r0, 0x9) 17:07:02 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x4b47, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:07:02 executing program 0: socket$netlink(0x10, 0x3, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:07:02 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) r0 = fork() tkill(r0, 0x9) 17:07:02 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 594.830204] loop0: detected capacity change from 0 to 40 [ 594.872525] syz-executor.0: attempt to access beyond end of device [ 594.872525] loop0: rw=2049, want=124, limit=40 [ 594.884215] syz-executor.0: attempt to access beyond end of device [ 594.884215] loop0: rw=2049, want=128, limit=40 [ 594.886525] Buffer I/O error on dev loop0, logical block 31, lost async page write 17:07:02 executing program 7: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) waitid(0x0, r1, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) 17:07:02 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = fork() tkill(r0, 0x9) 17:07:02 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x4b49, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:07:02 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) r0 = fork() tkill(r0, 0x9) 17:07:19 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = fork() tkill(r0, 0x9) 17:07:19 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) r0 = fork() tkill(r0, 0x9) 17:07:19 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:07:19 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:07:19 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x5382, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:07:19 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) 17:07:19 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) r0 = fork() tkill(r0, 0x9) 17:07:19 executing program 7: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) [ 611.860326] loop0: detected capacity change from 0 to 40 [ 611.930701] syz-executor.0: attempt to access beyond end of device [ 611.930701] loop0: rw=2049, want=124, limit=40 [ 611.931775] syz-executor.0: attempt to access beyond end of device [ 611.931775] loop0: rw=2049, want=128, limit=40 [ 611.932697] Buffer I/O error on dev loop0, logical block 31, lost async page write 17:07:19 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x5385, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:07:36 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) socket$netlink(0x10, 0x3, 0x0) 17:07:36 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:07:36 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = fork() tkill(r0, 0x9) 17:07:36 executing program 0: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:07:36 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) r0 = fork() tkill(r0, 0x9) 17:07:36 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) r0 = fork() tkill(r0, 0x9) 17:07:36 executing program 7: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) fork() 17:07:36 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x5386, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) [ 628.594526] loop0: detected capacity change from 0 to 40 17:07:36 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x541b, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:07:36 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) r0 = fork() tkill(r0, 0x9) 17:07:36 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:07:36 executing program 0: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:07:36 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x5421, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:07:36 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x9) 17:07:36 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) 17:07:36 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:07:36 executing program 7: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) 17:07:36 executing program 0: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:07:36 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x5450, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) [ 629.052259] loop0: detected capacity change from 0 to 40 17:07:54 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) r0 = fork() tkill(r0, 0x9) 17:07:54 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:07:54 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x5451, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:07:54 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:07:54 executing program 6: clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:07:54 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x9) 17:07:54 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:07:54 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) waitid(0x0, r1, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) [ 646.362878] loop0: detected capacity change from 0 to 40 17:07:54 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:08:11 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:08:11 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:08:11 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x5452, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:08:11 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:08:11 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x9) 17:08:11 executing program 5: r0 = fork() tkill(r0, 0x9) 17:08:11 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:08:11 executing program 6: clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 663.432532] loop0: detected capacity change from 0 to 40 17:08:11 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x5460, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:08:11 executing program 5: r0 = fork() tkill(r0, 0x9) 17:08:11 executing program 6: clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:08:11 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:08:11 executing program 3: r0 = fork() tkill(r0, 0x9) 17:08:11 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:08:11 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) fork() 17:08:11 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:08:11 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x40049409, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) [ 663.781396] loop0: detected capacity change from 0 to 40 17:08:11 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:08:11 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:08:11 executing program 5: r0 = fork() tkill(r0, 0x9) 17:08:11 executing program 7: clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:08:11 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) 17:08:11 executing program 3: r0 = fork() tkill(r0, 0x9) 17:08:11 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x40086602, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:08:11 executing program 7: clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:08:11 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:08:11 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 664.213686] cgroup: fork rejected by pids controller in /syz6 17:08:29 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:08:29 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:08:29 executing program 3: r0 = fork() tkill(r0, 0x9) 17:08:29 executing program 7: clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:08:29 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x40087602, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:08:29 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r0 = fork() tkill(r0, 0x9) 17:08:29 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:08:29 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:08:29 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x401c5820, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:08:29 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:08:29 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x0, 0x0}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:08:54 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:08:54 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x0, 0x0}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:08:54 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:08:54 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r0 = fork() tkill(r0, 0x9) 17:08:54 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x4020940d, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:08:54 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r0 = fork() tkill(r0, 0x9) 17:08:54 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:08:54 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:08:54 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x80086601, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:08:54 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:08:54 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:09:11 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:09:11 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:09:11 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x80087601, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:09:11 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x0, 0x0}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:09:11 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x0, 0x0}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:09:11 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r0 = fork() tkill(r0, 0x9) 17:09:11 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:09:11 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r0 = fork() tkill(r0, 0x9) [ 723.816963] cgroup: fork rejected by pids controller in /syz7 17:09:11 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x801c581f, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:09:11 executing program 1: clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:09:11 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:09:11 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0045878, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:09:11 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x0, 0x0}) r0 = fork() tkill(r0, 0x9) 17:09:11 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:09:11 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r0 = fork() tkill(r0, 0x9) 17:09:11 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x0, 0x0}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:09:11 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0045878, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:09:11 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:09:11 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:09:11 executing program 1: clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:09:11 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 724.241855] FAT-fs (loop0): bogus number of reserved sectors [ 724.242427] FAT-fs (loop0): Can't find a valid FAT filesystem 17:09:29 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x0, 0x0}) r0 = fork() tkill(r0, 0x9) 17:09:29 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:09:29 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:09:29 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0189436, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:09:29 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x0, 0x0}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:09:29 executing program 1: clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:09:29 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x0, 0x0}) r0 = fork() tkill(r0, 0x9) 17:09:29 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 741.611663] FAT-fs (loop0): bogus number of reserved sectors [ 741.613405] FAT-fs (loop0): Can't find a valid FAT filesystem 17:09:29 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc020660b, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:09:29 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:09:29 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:09:29 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x0, 0x0}) r0 = fork() tkill(r0, 0x9) 17:09:29 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x0, 0x0}) r0 = fork() tkill(r0, 0x9) 17:09:46 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:09:46 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:09:46 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x0, 0x0}) r0 = fork() tkill(r0, 0x9) 17:09:46 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:09:46 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc048120a, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:09:46 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:09:46 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:09:46 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) r0 = fork() tkill(r0, 0x9) [ 758.784390] FAT-fs (loop0): bogus number of reserved sectors [ 758.785929] FAT-fs (loop0): Can't find a valid FAT filesystem 17:09:46 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481223, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:09:46 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:09:46 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) r0 = fork() tkill(r0, 0x9) 17:09:46 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) r0 = fork() tkill(r0, 0x9) [ 759.026376] cgroup: fork rejected by pids controller in /syz1 17:09:46 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:09:46 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:09:46 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481225, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:09:46 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:09:46 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) [ 759.211544] FAT-fs (loop0): bogus number of reserved sectors [ 759.212082] FAT-fs (loop0): Can't find a valid FAT filesystem 17:10:04 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) r0 = fork() tkill(r0, 0x9) 17:10:04 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:10:04 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:10:04 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc048122a, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:10:04 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x0, 0x0}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:10:04 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) r0 = fork() tkill(r0, 0x9) 17:10:04 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:10:04 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 776.527383] audit: type=1326 audit(1643044204.354:12): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8172 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8692deab19 code=0x0 [ 776.528299] FAT-fs (loop0): bogus number of reserved sectors [ 776.529372] FAT-fs (loop0): Can't find a valid FAT filesystem 17:10:04 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc048122b, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:10:04 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:10:04 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x9) 17:10:04 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x0, 0x0}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:10:04 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) r0 = fork() tkill(r0, 0x9) 17:10:04 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:10:04 executing program 2: epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r0 = fork() tkill(r0, 0x9) 17:10:04 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc048122d, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:10:04 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x0, 0x0}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 776.737107] FAT-fs (loop0): bogus number of reserved sectors [ 776.737720] FAT-fs (loop0): Can't find a valid FAT filesystem 17:10:19 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:10:19 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:10:19 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x9) 17:10:19 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:10:19 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc048122e, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:10:19 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x9) 17:10:19 executing program 2: epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r0 = fork() tkill(r0, 0x9) 17:10:19 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 791.573725] audit: type=1326 audit(1643044219.402:13): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8429 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8692deab19 code=0x0 [ 791.593717] loop0: detected capacity change from 0 to 40 17:10:19 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x9) 17:10:19 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc048122f, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) [ 791.634281] FAT-fs (loop0): bogus number of reserved sectors [ 791.635157] FAT-fs (loop0): Can't find a valid FAT filesystem 17:10:19 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481230, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:10:19 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x9) 17:10:19 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:10:19 executing program 2: epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r0 = fork() tkill(r0, 0x9) 17:10:19 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 791.833063] audit: type=1326 audit(1643044219.660:14): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8548 comm="syz-executor.7" exe="/syz-executor.7" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fee75f4eb19 code=0x0 [ 806.464044] loop0: detected capacity change from 0 to 40 [ 806.469051] FAT-fs (loop0): bogus number of reserved sectors [ 806.469618] FAT-fs (loop0): Can't find a valid FAT filesystem 17:10:34 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x9) 17:10:34 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:10:34 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) r0 = fork() tkill(r0, 0x9) 17:10:34 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:10:34 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481258, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:10:34 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:10:34 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:10:34 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 806.503899] audit: type=1326 audit(1643044234.332:15): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8571 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8692deab19 code=0x0 [ 806.519787] audit: type=1326 audit(1643044234.348:16): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8575 comm="syz-executor.7" exe="/syz-executor.7" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fee75f4eb19 code=0x0 [ 806.551096] audit: type=1326 audit(1643044234.379:17): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8574 comm="syz-executor.5" exe="/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6494b08b19 code=0x0 17:10:34 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481263, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:10:34 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:10:34 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481264, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:10:34 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481269, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:10:34 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:10:34 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) r0 = fork() tkill(r0, 0x9) [ 806.739014] loop0: detected capacity change from 0 to 40 17:10:34 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc048126c, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) [ 806.768137] FAT-fs (loop0): bogus number of reserved sectors [ 806.769081] FAT-fs (loop0): Can't find a valid FAT filesystem [ 806.825407] audit: type=1326 audit(1643044234.653:18): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8698 comm="syz-executor.3" exe="/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb2c6e79b19 code=0x0 17:10:34 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:10:51 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:10:51 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) r0 = fork() tkill(r0, 0x9) 17:10:51 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:10:51 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc048126f, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:10:51 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:10:51 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(0x0, 0x0) 17:10:51 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 823.758808] loop0: detected capacity change from 0 to 40 [ 823.767436] audit: type=1326 audit(1643044251.596:19): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8715 comm="syz-executor.3" exe="/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb2c6e79b19 code=0x0 [ 823.780335] audit: type=1326 audit(1643044251.608:20): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8722 comm="syz-executor.5" exe="/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6494b08b19 code=0x0 [ 823.788106] audit: type=1326 audit(1643044251.616:21): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8724 comm="syz-executor.7" exe="/syz-executor.7" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fee75f4eb19 code=0x0 [ 823.792580] FAT-fs (loop0): bogus number of reserved sectors [ 823.793188] FAT-fs (loop0): Can't find a valid FAT filesystem 17:10:51 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) r0 = fork() tkill(r0, 0x9) 17:10:51 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481270, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:10:51 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(0x0, 0x0) 17:10:51 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:11:07 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(0x0, 0x0) 17:11:07 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481275, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:11:07 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(0x0, 0x0) 17:11:07 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) r0 = fork() tkill(r0, 0x9) 17:11:07 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:11:07 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:11:07 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) r0 = fork() tkill(r0, 0x9) 17:11:07 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x0, 0x0}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) [ 839.736953] loop0: detected capacity change from 0 to 40 [ 839.746043] audit: type=1326 audit(1643044267.574:22): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8849 comm="syz-executor.1" exe="/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9fb3b18b19 code=0x0 [ 839.756454] audit: type=1326 audit(1643044267.584:23): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8852 comm="syz-executor.5" exe="/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6494b08b19 code=0x0 [ 839.760264] audit: type=1326 audit(1643044267.588:24): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8854 comm="syz-executor.3" exe="/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb2c6e79b19 code=0x0 [ 839.768357] FAT-fs (loop0): bogus number of reserved sectors [ 839.768964] FAT-fs (loop0): Can't find a valid FAT filesystem 17:11:07 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481278, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:11:07 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(0x0, 0x0) 17:11:07 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) r0 = fork() tkill(r0, 0x9) [ 839.882466] audit: type=1326 audit(1643044267.710:25): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8946 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8692deab19 code=0x0 17:11:07 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x102, 0x1, 0x9, 0x2, 0xffe3}) 17:11:07 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x0, 0x0}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:11:07 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(0x0, 0x0) 17:11:07 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 840.067629] loop0: detected capacity change from 0 to 40 [ 840.081460] FAT-fs (loop0): bogus number of reserved sectors [ 840.082284] FAT-fs (loop0): Can't find a valid FAT filesystem 17:11:07 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x110, 0x1, 0x9, 0x2, 0xffe3}) 17:11:08 executing program 7: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x102, 0x1, 0x9, 0x2, 0xffe3}) [ 840.237899] blktrace: Concurrent blktraces are not allowed on sg0 [ 840.250051] blktrace: Concurrent blktraces are not allowed on sg0 17:11:24 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x0, 0x0}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:11:24 executing program 6: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:11:24 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) fork() tkill(0x0, 0x9) 17:11:24 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x125, 0x1, 0x9, 0x2, 0xffe3}) 17:11:24 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) fork() tkill(0x0, 0x9) 17:11:24 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:11:24 executing program 7: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x102, 0x1, 0x9, 0x2, 0xffe3}) 17:11:24 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 856.965161] audit: type=1326 audit(1643044284.793:26): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9096 comm="syz-executor.1" exe="/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9fb3b18b19 code=0x0 [ 856.972549] blktrace: Concurrent blktraces are not allowed on sg0 [ 856.979354] loop6: detected capacity change from 0 to 40 [ 856.984580] loop0: detected capacity change from 0 to 40 [ 856.986960] blktrace: Concurrent blktraces are not allowed on sg0 [ 857.000166] FAT-fs (loop6): bogus number of reserved sectors [ 857.001873] FAT-fs (loop6): Can't find a valid FAT filesystem [ 857.022314] FAT-fs (loop0): bogus number of reserved sectors [ 857.024002] FAT-fs (loop0): Can't find a valid FAT filesystem 17:11:24 executing program 7: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x102, 0x1, 0x9, 0x2, 0xffe3}) 17:11:24 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x2, 0x9, 0x2, 0xffe3}) [ 857.090850] blktrace: Concurrent blktraces are not allowed on sg0 17:11:24 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) fork() tkill(0x0, 0x9) 17:11:24 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) fork() tkill(0x0, 0x9) [ 857.128922] blktrace: Concurrent blktraces are not allowed on sg0 17:11:24 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:11:24 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) r0 = fork() tkill(r0, 0x9) 17:11:25 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x10, 0x9, 0x2, 0xffe3}) [ 857.225708] audit: type=1326 audit(1643044285.054:27): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9219 comm="syz-executor.7" exe="/syz-executor.7" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fee75f4eb19 code=0x0 [ 857.255587] blktrace: Concurrent blktraces are not allowed on sg0 17:11:25 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) fork() tkill(0x0, 0x9) 17:11:25 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) fork() tkill(0x0, 0x9) 17:11:25 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:11:25 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x25, 0x9, 0x2, 0xffe3}) 17:11:25 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) 17:11:25 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) [ 857.596713] blktrace: Concurrent blktraces are not allowed on sg0 17:11:25 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x300, 0x9, 0x2, 0xffe3}) 17:11:25 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:11:25 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:11:25 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) 17:11:25 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:11:25 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:11:25 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 857.829843] blktrace: Concurrent blktraces are not allowed on sg0 [ 857.851974] loop0: detected capacity change from 0 to 40 [ 857.873807] FAT-fs (loop0): bogus number of reserved sectors [ 857.874370] FAT-fs (loop0): Can't find a valid FAT filesystem [ 857.894614] audit: type=1326 audit(1643044285.723:28): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9359 comm="syz-executor.1" exe="/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9fb3b18b19 code=0x0 17:11:25 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x7ffffff2, 0x9, 0x2, 0xffe3}) [ 858.011474] blktrace: Concurrent blktraces are not allowed on sg0 17:11:40 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:11:40 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(0x0, 0x0) 17:11:40 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:11:40 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:11:40 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:11:40 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x7ffffff9, 0x9, 0x2, 0xffe3}) 17:11:40 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:11:40 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 872.539144] loop0: detected capacity change from 0 to 40 [ 872.540395] blktrace: Concurrent blktraces are not allowed on sg0 [ 872.557267] FAT-fs (loop0): bogus number of reserved sectors [ 872.558021] FAT-fs (loop0): Can't find a valid FAT filesystem [ 872.568610] FAT-fs (loop3): bogus number of reserved sectors [ 872.569409] FAT-fs (loop3): Can't find a valid FAT filesystem 17:11:40 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(0x0, 0x0) 17:11:40 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x2, 0x2, 0xffe3}) 17:11:40 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) [ 872.756483] blktrace: Concurrent blktraces are not allowed on sg0 17:11:40 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(0x0, 0x0) 17:11:55 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:11:55 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:11:55 executing program 3: r0 = fork() tkill(r0, 0x9) 17:11:55 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:11:55 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r0 = fork() tkill(r0, 0x9) [ 887.928793] loop0: detected capacity change from 0 to 40 17:11:55 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r0 = fork() tkill(r0, 0x9) 17:11:55 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:11:55 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x3, 0x2, 0xffe3}) [ 887.963506] cgroup: fork rejected by pids controller in /syz5 [ 887.979587] blktrace: Concurrent blktraces are not allowed on sg0 [ 887.987625] FAT-fs (loop0): bogus number of reserved sectors [ 887.988461] FAT-fs (loop0): Can't find a valid FAT filesystem 17:11:55 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x4, 0x2, 0xffe3}) 17:11:55 executing program 3: r0 = fork() tkill(r0, 0x9) 17:11:55 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r0 = fork() tkill(r0, 0x9) [ 888.164653] blktrace: Concurrent blktraces are not allowed on sg0 17:11:56 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:11:56 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:11:56 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:11:56 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 888.282835] loop0: detected capacity change from 0 to 40 [ 888.295001] FAT-fs (loop0): bogus number of reserved sectors [ 888.295408] FAT-fs (loop0): Can't find a valid FAT filesystem 17:12:12 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r0 = fork() tkill(r0, 0x9) 17:12:12 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:12:12 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:12:12 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x5, 0x2, 0xffe3}) 17:12:12 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r0 = fork() tkill(r0, 0x9) 17:12:12 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:12:12 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:12:12 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 904.652694] loop0: detected capacity change from 0 to 40 [ 904.666931] FAT-fs (loop0): bogus number of reserved sectors [ 904.667383] FAT-fs (loop0): Can't find a valid FAT filesystem [ 904.679200] blktrace: Concurrent blktraces are not allowed on sg0 [ 904.680453] audit: type=1326 audit(1643044332.508:29): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=10269 comm="syz-executor.2" exe="/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f01a0884b19 code=0x0 17:12:12 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r0 = fork() tkill(r0, 0x9) [ 904.689405] loop7: detected capacity change from 0 to 40 [ 904.720834] FAT-fs (loop7): bogus number of reserved sectors [ 904.721964] FAT-fs (loop7): Can't find a valid FAT filesystem 17:12:29 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:12:29 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) r0 = fork() tkill(r0, 0x9) 17:12:29 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) r0 = fork() tkill(r0, 0x9) 17:12:29 executing program 6: r0 = fork() tkill(r0, 0x9) 17:12:29 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x6, 0x2, 0xffe3}) 17:12:29 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:12:29 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 921.954523] blktrace: Concurrent blktraces are not allowed on sg0 17:12:29 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) [ 921.971413] loop0: detected capacity change from 0 to 40 [ 921.986256] audit: type=1326 audit(1643044349.814:30): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=10505 comm="syz-executor.2" exe="/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f01a0884b19 code=0x0 [ 921.991605] FAT-fs (loop0): invalid media value (0x00) [ 921.992130] FAT-fs (loop0): Can't find a valid FAT filesystem [ 922.001813] loop1: detected capacity change from 0 to 40 17:12:29 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x7, 0x2, 0xffe3}) [ 922.079109] blktrace: Concurrent blktraces are not allowed on sg0 17:12:29 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x8, 0x2, 0xffe3}) 17:12:30 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:12:30 executing program 6: r0 = fork() tkill(r0, 0x9) [ 922.229483] blktrace: Concurrent blktraces are not allowed on sg0 17:12:30 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:12:30 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = fork() tkill(r0, 0x9) 17:12:30 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:12:30 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0xa, 0x2, 0xffe3}) [ 922.389068] audit: type=1326 audit(1643044350.217:31): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=10831 comm="syz-executor.2" exe="/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f01a0884b19 code=0x0 [ 922.424411] blktrace: Concurrent blktraces are not allowed on sg0 17:12:30 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:12:30 executing program 6: r0 = fork() tkill(r0, 0x9) [ 922.564943] loop0: detected capacity change from 0 to 40 [ 922.587864] FAT-fs (loop0): invalid media value (0x00) [ 922.588479] FAT-fs (loop0): Can't find a valid FAT filesystem 17:12:45 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) tkill(0x0, 0x9) 17:12:45 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:12:45 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:12:45 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:12:45 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) socket$netlink(0x10, 0x3, 0x0) 17:12:45 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0xb, 0x2, 0xffe3}) 17:12:45 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:12:45 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 937.828606] loop6: detected capacity change from 0 to 40 [ 937.834962] loop0: detected capacity change from 0 to 40 [ 937.837435] blktrace: Concurrent blktraces are not allowed on sg0 [ 937.838532] loop7: detected capacity change from 0 to 40 [ 937.850387] FAT-fs (loop0): invalid media value (0x00) [ 937.850805] FAT-fs (loop0): Can't find a valid FAT filesystem [ 937.856761] cgroup: fork rejected by pids controller in /syz3 [ 937.867527] syz-executor.6: attempt to access beyond end of device [ 937.867527] loop6: rw=2049, want=124, limit=40 [ 937.872870] syz-executor.7: attempt to access beyond end of device [ 937.872870] loop7: rw=2049, want=124, limit=40 [ 937.878937] syz-executor.6: attempt to access beyond end of device [ 937.878937] loop6: rw=2049, want=128, limit=40 [ 937.879353] syz-executor.7: attempt to access beyond end of device [ 937.879353] loop7: rw=2049, want=128, limit=40 [ 937.879912] Buffer I/O error on dev loop6, logical block 31, lost async page write [ 937.881311] Buffer I/O error on dev loop7, logical block 31, lost async page write 17:12:45 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0xc, 0x2, 0xffe3}) [ 937.928404] blktrace: Concurrent blktraces are not allowed on sg0 17:12:45 executing program 6: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0xb, 0x2, 0xffe3}) 17:12:45 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0xd, 0x2, 0xffe3}) 17:12:45 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) socket$netlink(0x10, 0x3, 0x0) 17:12:45 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:12:45 executing program 5: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) 17:12:45 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) [ 938.031928] blktrace: Concurrent blktraces are not allowed on sg0 17:12:45 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000", 0x15}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:12:45 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) tkill(0x0, 0x9) [ 938.047948] loop7: detected capacity change from 0 to 40 [ 938.049544] blktrace: Concurrent blktraces are not allowed on sg0 [ 938.065329] loop0: detected capacity change from 0 to 40 [ 938.076879] syz-executor.7: attempt to access beyond end of device [ 938.076879] loop7: rw=2049, want=124, limit=40 [ 938.081206] FAT-fs (loop0): invalid media value (0x00) [ 938.081579] FAT-fs (loop0): Can't find a valid FAT filesystem [ 938.084249] syz-executor.7: attempt to access beyond end of device [ 938.084249] loop7: rw=2049, want=128, limit=40 [ 938.085007] Buffer I/O error on dev loop7, logical block 31, lost async page write 17:12:45 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10008011}, 0x20004000) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 938.176496] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11538 comm=syz-executor.6 17:12:59 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10008011}, 0x20004000) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:12:59 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0xe, 0x2, 0xffe3}) 17:12:59 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:12:59 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000", 0x15}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:12:59 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:12:59 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:12:59 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r2 = fork() tkill(r2, 0x9) waitid(0x0, r2, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) readahead(r1, 0x100000001, 0xff) socket$netlink(0x10, 0x3, 0x0) 17:12:59 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10008011}, 0x20004000) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 951.710033] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11714 comm=syz-executor.5 [ 951.742683] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11715 comm=syz-executor.6 [ 951.745143] blktrace: Concurrent blktraces are not allowed on sg0 [ 951.748703] loop6: detected capacity change from 0 to 40 [ 951.757554] loop7: detected capacity change from 0 to 40 [ 951.787764] loop0: detected capacity change from 0 to 40 [ 951.843329] FAT-fs (loop0): invalid media value (0x00) [ 951.844294] FAT-fs (loop0): Can't find a valid FAT filesystem 17:12:59 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x10, 0x2, 0xffe3}) 17:12:59 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) waitid(0x0, r1, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) [ 952.096623] blktrace: Concurrent blktraces are not allowed on sg0 17:12:59 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 952.180620] loop7: detected capacity change from 0 to 40 17:13:00 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:13:17 executing program 6: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000", 0x15}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 969.744236] loop6: detected capacity change from 0 to 40 [ 969.755469] FAULT_INJECTION: forcing a failure. [ 969.755469] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 969.756289] CPU: 0 PID: 12252 Comm: syz-executor.5 Not tainted 5.17.0-rc1-next-20220124 #1 [ 969.756871] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 969.757643] Call Trace: [ 969.757820] [ 969.757988] dump_stack_lvl+0x8b/0xb3 [ 969.758264] should_fail.cold+0x5/0xa [ 969.758535] _copy_from_user+0x2e/0x170 [ 969.758815] copy_clone_args_from_user+0x147/0x780 [ 969.759161] ? lock_is_held_type+0xd7/0x130 [ 969.759464] ? sighand_ctor+0x40/0x40 [ 969.759732] ? lock_release+0x3b2/0x6f0 [ 969.760150] ? ksys_write+0x212/0x250 [ 969.760427] ? lock_downgrade+0x6d0/0x6d0 [ 969.760727] ? lock_is_held_type+0xd7/0x130 [ 969.761054] __do_sys_clone3+0x9d/0x2e0 [ 969.761368] ? __ia32_sys_clone+0x150/0x150 [ 969.761685] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 969.762087] ? __seccomp_filter+0x5ab/0xff0 [ 969.762397] ? wait_for_completion_io+0x270/0x270 [ 969.762752] ? lock_is_held_type+0xd7/0x130 [ 969.763070] ? seccomp_notify_ioctl+0xdc0/0xdc0 [ 969.763413] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 969.763808] ? fput+0x2a/0x50 [ 969.764054] ? __secure_computing+0xb4/0x290 [ 969.764380] do_syscall_64+0x3b/0x90 [ 969.764655] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 969.765041] RIP: 0033:0x7f6494b08b19 [ 969.765324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 969.766612] RSP: 002b:00007f649207e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 969.767162] RAX: ffffffffffffffda RBX: 00007f6494c1bf60 RCX: 00007f6494b08b19 [ 969.767665] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 969.768175] RBP: 00007f649207e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 969.768677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 969.769181] R13: 00007fff47e2dd1f R14: 00007f649207e300 R15: 0000000000022000 [ 969.769718] [ 969.777352] loop7: detected capacity change from 0 to 40 [ 969.786279] loop0: detected capacity change from 0 to 40 [ 969.789390] blktrace: Concurrent blktraces are not allowed on sg0 17:13:17 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x11, 0x2, 0xffe3}) 17:13:17 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:13:17 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) waitid(0x0, r1, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) 17:13:17 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:13:17 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:13:17 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 1) 17:13:17 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000", 0x15}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 969.793243] FAT-fs (loop6): invalid media value (0x00) [ 969.793665] FAT-fs (loop6): Can't find a valid FAT filesystem [ 969.799105] FAT-fs (loop0): invalid media value (0x00) [ 969.799605] FAT-fs (loop0): Can't find a valid FAT filesystem 17:13:17 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:13:17 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x12, 0x2, 0xffe3}) 17:13:17 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 2) [ 969.910081] blktrace: Concurrent blktraces are not allowed on sg0 [ 969.930406] loop7: detected capacity change from 0 to 40 [ 969.947862] FAULT_INJECTION: forcing a failure. [ 969.947862] name failslab, interval 1, probability 0, space 0, times 1 [ 969.948905] CPU: 0 PID: 12571 Comm: syz-executor.5 Not tainted 5.17.0-rc1-next-20220124 #1 [ 969.949507] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 969.950278] Call Trace: [ 969.950461] [ 969.950623] dump_stack_lvl+0x8b/0xb3 [ 969.950913] should_fail.cold+0x5/0xa [ 969.951183] ? copy_process+0x2f73/0x6cb0 [ 969.951481] should_failslab+0x5/0x10 [ 969.951746] kmem_cache_alloc_node+0x55/0x490 [ 969.952072] copy_process+0x2f73/0x6cb0 [ 969.952369] ? lock_is_held_type+0xd7/0x130 [ 969.952679] ? find_held_lock+0x2c/0x110 [ 969.952974] ? lock_release+0x3b2/0x6f0 [ 969.953256] ? __might_fault+0xd1/0x170 [ 969.953563] ? __cleanup_sighand+0xb0/0xb0 [ 969.953877] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 969.954275] ? _copy_from_user+0x139/0x170 [ 969.954582] ? kernel_clone+0x2f8/0xa60 [ 969.954869] kernel_clone+0xe7/0xa60 [ 969.955135] ? lock_is_held_type+0xd7/0x130 [ 969.955451] ? create_io_thread+0xf0/0xf0 [ 969.955753] ? lock_is_held_type+0xd7/0x130 [ 969.956065] __do_sys_clone3+0x1dd/0x2e0 [ 969.956353] ? __ia32_sys_clone+0x150/0x150 [ 969.956673] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 969.957051] ? fput+0x2a/0x50 [ 969.957292] ? __secure_computing+0xb4/0x290 [ 969.957625] do_syscall_64+0x3b/0x90 [ 969.957890] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 969.958265] RIP: 0033:0x7f6494b08b19 [ 969.958523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 969.959782] RSP: 002b:00007f649207e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 969.960322] RAX: ffffffffffffffda RBX: 00007f6494c1bf60 RCX: 00007f6494b08b19 [ 969.960830] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 969.961346] RBP: 00007f649207e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 969.961846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 969.962358] R13: 00007fff47e2dd1f R14: 00007f649207e300 R15: 0000000000022000 [ 969.962876] 17:13:17 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:13:17 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x3, 0xffe3}) 17:13:17 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:13:17 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:13:17 executing program 1: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) waitid(0x0, r1, &(0x7f00000000c0), 0x1, &(0x7f0000000140)) [ 970.027225] blktrace: Concurrent blktraces are not allowed on sg0 [ 970.055248] loop7: detected capacity change from 0 to 40 17:13:17 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) (fail_nth: 1) 17:13:17 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 3) 17:13:17 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f8", 0x16}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 970.084029] FAULT_INJECTION: forcing a failure. [ 970.084029] name failslab, interval 1, probability 0, space 0, times 0 [ 970.084898] CPU: 0 PID: 12589 Comm: syz-executor.5 Not tainted 5.17.0-rc1-next-20220124 #1 [ 970.085494] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 970.086269] Call Trace: [ 970.086456] [ 970.086621] dump_stack_lvl+0x8b/0xb3 [ 970.086908] should_fail.cold+0x5/0xa [ 970.087185] ? create_object.isra.0+0x3a/0xa20 [ 970.087526] should_failslab+0x5/0x10 [ 970.087799] kmem_cache_alloc+0x5b/0x480 [ 970.088096] create_object.isra.0+0x3a/0xa20 [ 970.088429] ? kasan_unpoison+0x23/0x50 [ 970.088724] kmem_cache_alloc_node+0x248/0x490 [ 970.089065] copy_process+0x2f73/0x6cb0 [ 970.089374] ? lock_is_held_type+0xd7/0x130 [ 970.089690] ? find_held_lock+0x2c/0x110 [ 970.089986] ? lock_release+0x3b2/0x6f0 [ 970.090276] ? __might_fault+0xd1/0x170 [ 970.090580] ? __cleanup_sighand+0xb0/0xb0 [ 970.090892] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 970.091293] ? _copy_from_user+0x139/0x170 [ 970.091612] ? kernel_clone+0x2f8/0xa60 [ 970.091915] kernel_clone+0xe7/0xa60 [ 970.092192] ? lock_is_held_type+0xd7/0x130 [ 970.092511] ? create_io_thread+0xf0/0xf0 [ 970.092830] ? lock_is_held_type+0xd7/0x130 [ 970.093155] __do_sys_clone3+0x1dd/0x2e0 [ 970.093463] ? __ia32_sys_clone+0x150/0x150 [ 970.093796] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 970.094195] ? fput+0x2a/0x50 [ 970.094437] ? __secure_computing+0xb4/0x290 [ 970.094759] do_syscall_64+0x3b/0x90 [ 970.095035] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 970.095415] RIP: 0033:0x7f6494b08b19 [ 970.095682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 970.096967] RSP: 002b:00007f649207e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 970.097535] RAX: ffffffffffffffda RBX: 00007f6494c1bf60 RCX: 00007f6494b08b19 [ 970.098017] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 970.098524] RBP: 00007f649207e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 970.099045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 970.099556] R13: 00007fff47e2dd1f R14: 00007f649207e300 R15: 0000000000022000 [ 970.100074] [ 970.101425] loop0: detected capacity change from 0 to 40 [ 970.115306] FAT-fs (loop0): bogus number of FAT sectors [ 970.115724] FAT-fs (loop0): Can't find a valid FAT filesystem 17:13:35 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) 17:13:35 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x10, 0xffe3}) 17:13:35 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f8", 0x16}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:13:35 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 1) 17:13:35 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) (fail_nth: 1) 17:13:35 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:13:35 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 4) 17:13:35 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 987.239431] loop7: detected capacity change from 0 to 40 [ 987.243178] FAULT_INJECTION: forcing a failure. [ 987.243178] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 987.244675] CPU: 1 PID: 13012 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 987.245774] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 987.246214] FAULT_INJECTION: forcing a failure. [ 987.246214] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 987.247709] Call Trace: [ 987.247722] [ 987.247733] dump_stack_lvl+0x8b/0xb3 [ 987.247776] should_fail.cold+0x5/0xa [ 987.251149] _copy_from_user+0x2e/0x170 [ 987.251666] copy_clone_args_from_user+0x147/0x780 [ 987.252537] ? lock_is_held_type+0xd7/0x130 [ 987.253094] ? sighand_ctor+0x40/0x40 [ 987.253786] ? lock_release+0x3b2/0x6f0 [ 987.254289] ? ksys_write+0x212/0x250 [ 987.254924] ? lock_downgrade+0x6d0/0x6d0 [ 987.255443] ? lock_is_held_type+0xd7/0x130 [ 987.256045] __do_sys_clone3+0x9d/0x2e0 [ 987.256762] ? __ia32_sys_clone+0x150/0x150 [ 987.257323] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 987.258313] ? __seccomp_filter+0x5ab/0xff0 [ 987.258960] ? wait_for_completion_io+0x270/0x270 [ 987.259606] ? lock_is_held_type+0xd7/0x130 [ 987.260171] ? seccomp_notify_ioctl+0xdc0/0xdc0 [ 987.260748] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 987.261417] ? fput+0x2a/0x50 [ 987.261852] ? __secure_computing+0xb4/0x290 [ 987.262428] do_syscall_64+0x3b/0x90 [ 987.262920] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 987.263594] RIP: 0033:0x7f9fb3b18b19 [ 987.264073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 987.266311] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 987.267325] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 987.268347] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 987.269354] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 987.270383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 987.271409] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 987.272436] [ 987.272792] CPU: 0 PID: 13015 Comm: syz-executor.5 Not tainted 5.17.0-rc1-next-20220124 #1 [ 987.274214] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 987.274331] loop0: detected capacity change from 0 to 40 [ 987.276082] Call Trace: [ 987.276094] [ 987.276107] dump_stack_lvl+0x8b/0xb3 [ 987.278333] should_fail.cold+0x5/0xa [ 987.279020] prepare_alloc_pages+0x17b/0x500 [ 987.279778] blktrace: Concurrent blktraces are not allowed on sg0 [ 987.279786] ? find_held_lock+0x2c/0x110 [ 987.281279] __alloc_pages+0x131/0x4e0 [ 987.281989] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 987.283043] ? rcu_read_lock_sched_held+0x3a/0x70 [ 987.283786] ? kmem_cache_alloc_node+0x344/0x490 [ 987.284395] copy_process+0x617/0x6cb0 [ 987.284968] ? lock_is_held_type+0xd7/0x130 [ 987.285584] ? find_held_lock+0x2c/0x110 [ 987.286201] ? lock_release+0x3b2/0x6f0 [ 987.286768] ? __might_fault+0xd1/0x170 [ 987.287375] ? __cleanup_sighand+0xb0/0xb0 [ 987.288005] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 987.288768] ? _copy_from_user+0x139/0x170 [ 987.289379] ? kernel_clone+0x2f8/0xa60 [ 987.289966] kernel_clone+0xe7/0xa60 [ 987.290513] ? lock_is_held_type+0xd7/0x130 [ 987.291134] ? create_io_thread+0xf0/0xf0 [ 987.291734] ? lock_is_held_type+0xd7/0x130 [ 987.292364] __do_sys_clone3+0x1dd/0x2e0 [ 987.292963] ? __ia32_sys_clone+0x150/0x150 [ 987.293595] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 987.294379] ? fput+0x2a/0x50 [ 987.294856] ? __secure_computing+0xb4/0x290 [ 987.295488] do_syscall_64+0x3b/0x90 [ 987.296084] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 987.296977] RIP: 0033:0x7f6494b08b19 [ 987.297538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 987.300051] RSP: 002b:00007f649207e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 987.300997] RAX: ffffffffffffffda RBX: 00007f6494c1bf60 RCX: 00007f6494b08b19 [ 987.301853] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 987.302682] RBP: 00007f649207e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 987.303524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 987.304376] R13: 00007fff47e2dd1f R14: 00007f649207e300 R15: 0000000000022000 [ 987.305288] [ 987.310282] FAT-fs (loop0): bogus number of FAT sectors [ 987.311360] FAT-fs (loop0): Can't find a valid FAT filesystem 17:13:35 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x4aa002) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:13:35 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 5) 17:13:35 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:13:35 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 2) 17:13:35 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) r1 = epoll_create(0x4) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000300)={0x0, 0xfffffffffffffffd, 0xa7, 0xfb, @buffer={0x0, 0xe7, &(0x7f0000000080)=""/231}, &(0x7f0000000180)="3f654effdad73231048d70aa90ed7e8155dcc5416be9ef4c01f9e037b851d848831608f3bfabc322a62da67d1b112f86f9c94e1b86c0c2202c7132144fb0edaf1abb1da0a857446b05e3534d3231400385f7f5a390ef3b13d8dd739bae665123550468a0ad61600633221ebc1f13dbb98b60e717e641cab77580621b3e2a139d5b9c57a67b215ee0a1e156dfa8ad495f9c00faa67c9b7275402ab726fe8417fb86a88b47631610", &(0x7f0000000240)=""/70, 0x3, 0x21, 0x3, &(0x7f00000002c0)}) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) [ 987.746896] FAULT_INJECTION: forcing a failure. [ 987.746896] name failslab, interval 1, probability 0, space 0, times 0 [ 987.751918] CPU: 0 PID: 13325 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 987.753770] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 987.762102] Call Trace: [ 987.762515] [ 987.762874] dump_stack_lvl+0x8b/0xb3 [ 987.763495] should_fail.cold+0x5/0xa [ 987.764099] ? copy_process+0x2f73/0x6cb0 [ 987.764761] should_failslab+0x5/0x10 [ 987.765351] kmem_cache_alloc_node+0x55/0x490 [ 987.766121] copy_process+0x2f73/0x6cb0 [ 987.766764] ? lock_is_held_type+0xd7/0x130 [ 987.767444] ? find_held_lock+0x2c/0x110 [ 987.768086] ? lock_release+0x3b2/0x6f0 [ 987.768713] ? __might_fault+0xd1/0x170 [ 987.769360] ? __cleanup_sighand+0xb0/0xb0 [ 987.770105] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 987.770942] ? _copy_from_user+0x139/0x170 [ 987.771605] ? kernel_clone+0x2f8/0xa60 [ 987.772241] kernel_clone+0xe7/0xa60 [ 987.772835] ? lock_is_held_type+0xd7/0x130 [ 987.773510] ? create_io_thread+0xf0/0xf0 [ 987.774244] ? lock_is_held_type+0xd7/0x130 [ 987.774937] __do_sys_clone3+0x1dd/0x2e0 [ 987.775591] ? __ia32_sys_clone+0x150/0x150 [ 987.776305] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 987.777146] ? fput+0x2a/0x50 [ 987.777703] ? __secure_computing+0xb4/0x290 [ 987.778426] do_syscall_64+0x3b/0x90 [ 987.779008] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 987.779815] RIP: 0033:0x7f9fb3b18b19 [ 987.780392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 987.783094] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 987.784217] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 987.785226] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 987.786252] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 987.787245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 987.788254] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 987.789301] 17:13:35 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) 17:13:35 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f00000000c0)) r2 = fork() r3 = fork() tkill(r3, 0x9) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000040)=0x0) r5 = socket$netlink(0x10, 0x3, 0xa) r6 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r6, 0x801c581f, 0x0) kcmp$KCMP_EPOLL_TFD(r4, r3, 0x7, r5, &(0x7f0000000140)={r0, r6, 0x4}) tkill(r3, 0x2) tkill(r2, 0x0) [ 987.934547] blktrace: Concurrent blktraces are not allowed on sg0 17:13:35 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:13:35 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f8", 0x16}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:13:35 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 3) [ 988.142865] loop7: detected capacity change from 0 to 40 17:13:35 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:13:36 executing program 4: r0 = fork() lstat(&(0x7f0000000440)='./file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0}) r2 = getgid() setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000500)={r0, r1, r2}, 0xc) r3 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffc, 0xaa, 0x3, @scatter={0x2, 0x0, &(0x7f0000000180)=[{&(0x7f0000000080)=""/204, 0xcc}, {&(0x7f0000001040)=""/4096, 0x1000}]}, &(0x7f00000001c0)="fa0c1abed8fa9b6db86dbed24b614426fcabdb2c9ec0e1425843090b645177e14b4c790dad31bf9f4144e71ed70dfb6f48787160deac7721d4c54acd83e2d0cbba3f1919a2ec7e1e9b90fb413000039a12d4f4638a07c8759174c1c4c256736435d897048f0cb651be408b8af354d7068cc10822efe06d32e4be3e5db1696552131f02e6e2deac0c32999a8b022a7f806c0d52993f305edb39d98a7d9cc52e5c6c65ddb64275d0be03db", &(0x7f0000000280)=""/235, 0xefb, 0x25, 0x1, &(0x7f0000000380)}) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) [ 988.204528] loop0: detected capacity change from 0 to 40 [ 988.247225] FAULT_INJECTION: forcing a failure. [ 988.247225] name failslab, interval 1, probability 0, space 0, times 0 [ 988.251304] CPU: 0 PID: 13691 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 988.258138] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 988.262201] Call Trace: [ 988.262968] [ 988.263612] dump_stack_lvl+0x8b/0xb3 [ 988.264722] should_fail.cold+0x5/0xa [ 988.265898] ? create_object.isra.0+0x3a/0xa20 [ 988.266127] FAT-fs (loop0): bogus number of FAT sectors [ 988.267642] should_failslab+0x5/0x10 [ 988.267689] kmem_cache_alloc+0x5b/0x480 [ 988.267726] create_object.isra.0+0x3a/0xa20 [ 988.268659] FAT-fs (loop0): Can't find a valid FAT filesystem [ 988.269985] ? kasan_unpoison+0x23/0x50 [ 988.270040] kmem_cache_alloc_node+0x248/0x490 [ 988.277473] copy_process+0x2f73/0x6cb0 [ 988.278844] ? lock_is_held_type+0xd7/0x130 [ 988.280354] ? find_held_lock+0x2c/0x110 [ 988.281867] ? lock_release+0x3b2/0x6f0 [ 988.283359] ? __might_fault+0xd1/0x170 [ 988.284833] ? __cleanup_sighand+0xb0/0xb0 [ 988.286408] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 988.288349] ? _copy_from_user+0x139/0x170 [ 988.289924] ? kernel_clone+0x2f8/0xa60 [ 988.291313] kernel_clone+0xe7/0xa60 [ 988.292625] ? lock_is_held_type+0xd7/0x130 [ 988.294150] ? create_io_thread+0xf0/0xf0 [ 988.295573] ? lock_is_held_type+0xd7/0x130 [ 988.297059] __do_sys_clone3+0x1dd/0x2e0 [ 988.298473] ? __ia32_sys_clone+0x150/0x150 [ 988.300018] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 988.301971] ? fput+0x2a/0x50 [ 988.303045] ? __secure_computing+0xb4/0x290 [ 988.304555] do_syscall_64+0x3b/0x90 [ 988.305959] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 988.307726] RIP: 0033:0x7f9fb3b18b19 [ 988.309015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 988.315507] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 988.318034] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 988.320403] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 988.322926] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 988.325361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 988.327743] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 988.330255] [ 988.395661] blktrace: Concurrent blktraces are not allowed on sg0 [ 988.448115] blktrace: Concurrent blktraces are not allowed on sg0 17:13:52 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:13:52 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, 0x0) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:13:52 executing program 4: fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)={0x0, 0xfb, 0xf6, 0x5, 0xa1, "400147fe4daa255a602a30b89b2309ec", "c9d2b026f21835a03f27965577f873d8695dc55b5b90f06b73bbea54ccd8e149d5868a790f88b148fa3bff5ad9fcc32928a4db7ec300d568f14cec681dbe3766449e2521ad0282a0e57d0cc8c8715ef18d8ce63e7732c1d2084d0431dcd05ff014efd3cb473b4d85d0c402cbb773927870d362b23e44ccdd599066892f35b715c744f2050712fd5ff647a401ede926e2813f1eae04fb2cdb76c685aa085bbdc649aa9be9d9976e2017be146a9575785dac9bb510b0ed7c51c16d06ffacbf848948b5e65424ecd5952b3edc9667319057762b3f1d6038a0f73e0f504ce1ff12c08f"}, 0xf6, 0x1) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x64200) r1 = fsmount(0xffffffffffffffff, 0x0, 0x87) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000200)={0xb6, 0x1f, 0x5d, "cad9159692f62950b89c123cd6d5d4ec26e4372295244b94ac9382080844eefb6d1ae854d73f7eab6f5cd9df9b5bd578299410ed80941b45e16f58206257b049cd4486b7fa5731e2f78482a2239149134ffdc7f2e36eec1227476064050103eff9b5d24b2dc44f01783ae99672f7adb8e4dece49bd95a77d7e639942b4f13ed5e69e3c8db0c3b5477adef92cfd88d59ca982eccd00151f7204a29eaff4919916527280693b2d9fb9a036820d599c011d1d2ff49f73b8"}) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000080)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r1, 0xc0189378, &(0x7f0000000300)={{0x1, 0x1, 0x18, r1, {r1}}, './file0\x00'}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000340)={0x8}) 17:13:52 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:13:52 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x1}, {0x0, 0x3, 0x40, 0xf8e}]}) r0 = fork() tkill(r0, 0x0) 17:13:52 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x8, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:13:52 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 4) 17:13:52 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x3}, {0x1, 0x7f, 0xfa, 0x8000}]}) r0 = fork() ptrace$peekuser(0x3, r0, 0xd1) tkill(r0, 0x0) [ 1004.217409] loop0: detected capacity change from 0 to 40 [ 1004.255041] FAULT_INJECTION: forcing a failure. [ 1004.255041] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1004.256715] CPU: 0 PID: 13780 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1004.257931] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1004.259316] Call Trace: [ 1004.259645] [ 1004.259936] dump_stack_lvl+0x8b/0xb3 [ 1004.260435] should_fail.cold+0x5/0xa [ 1004.260929] prepare_alloc_pages+0x17b/0x500 [ 1004.261490] ? find_held_lock+0x2c/0x110 [ 1004.262023] __alloc_pages+0x131/0x4e0 [ 1004.262521] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 1004.263313] ? rcu_read_lock_sched_held+0x3a/0x70 [ 1004.263917] ? kmem_cache_alloc_node+0x344/0x490 [ 1004.264526] copy_process+0x617/0x6cb0 [ 1004.265033] ? lock_is_held_type+0xd7/0x130 [ 1004.265591] ? find_held_lock+0x2c/0x110 [ 1004.266142] ? lock_release+0x3b2/0x6f0 [ 1004.266650] ? __might_fault+0xd1/0x170 [ 1004.267186] ? __cleanup_sighand+0xb0/0xb0 [ 1004.267742] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1004.268433] ? _copy_from_user+0x139/0x170 [ 1004.268979] ? kernel_clone+0x2f8/0xa60 [ 1004.269492] kernel_clone+0xe7/0xa60 [ 1004.269997] ? lock_is_held_type+0xd7/0x130 [ 1004.270557] ? create_io_thread+0xf0/0xf0 [ 1004.271110] ? lock_is_held_type+0xd7/0x130 [ 1004.271672] __do_sys_clone3+0x1dd/0x2e0 [ 1004.272203] ? __ia32_sys_clone+0x150/0x150 [ 1004.272786] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1004.273468] ? fput+0x2a/0x50 [ 1004.273895] ? __secure_computing+0xb4/0x290 [ 1004.274482] do_syscall_64+0x3b/0x90 [ 1004.274972] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1004.275621] RIP: 0033:0x7f9fb3b18b19 [ 1004.276093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1004.278318] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1004.279256] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1004.280130] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1004.280999] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1004.281870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1004.282789] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1004.283672] 17:13:52 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:13:52 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, 0x0) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 1004.413074] loop0: detected capacity change from 0 to 40 17:14:09 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x11, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:14:09 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:14:09 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0xffff, 0x0, 0x0, 0x6}]}) r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0x1d, 0x5, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed5028a3d5c028f7b69f143afd05a4631a6ac553f096dd6e8a33af79500", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4b0680996102355937587a7b5f223600ad00815e00", [0x1a5, 0x1]}) setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000000c0)={@in={{0x2, 0x4a21, @empty}}, 0x0, 0x0, 0x50, 0x0, "846375f8ab1ced61b53dc9711449c64e51e4599c0d2b1ac87a01c0b836c14e85faf67235b08a86f6774bf1b1409a4e415e71dbde1b2e3a21a27bc50c83042e22d1406e8b61cac36adcea9336a1039345"}, 0xd8) r2 = fork() tkill(r2, 0x0) 17:14:09 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, 0x0) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:14:09 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) r1 = accept4$unix(0xffffffffffffffff, &(0x7f00000001c0), &(0x7f0000001680)=0x6e, 0x80000) recvmsg$unix(r1, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000001880)=""/243, 0xf3}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/241, 0xf1}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f0000001b80)=ANY=[@ANYBLOB="0996d25d500000c96a5b1aa26ac8af3bee172c3a000100fff8010100000000", @ANYRESHEX, @ANYRES32, @ANYRES32, @ANYBLOB="8305c5957ea9ea1a2bd0bd2bf6c7a323e2b5c481622088fe25c612afe50d8271b8bf1f95895ba493351112982be00d56c000c96e14a3ff245b5ba0c0054a532391498b03fda206fcfd9e77beda0e8908c181c2c8840e3c1ee555c006021a608f0dda138ef247d053f1e9eb2d6e79c83ee52baf24259d17879aa1cc6dd35f9893f24ac47eb6e8baeed24645d5c0be2166fc3120d6ab61ad3b6571244d937af97407d82174c81d660c75f81c666b337b5f3ef626cfd9251a56dd2f27913f4f5bf53b9e28f29eafda4096972918cc8176d48fc649e7e89465893eef0d15d84e35d99f1e69166fd685a73a18250bc4e09ba7f31744986763d0e013bc676c858cf6c1e26cc7326e302a93d011292be15d53dc30518f39837a2a75f4503a27f6813081d27e6bcddbd000fdaf4e56ce72db8b31a793abe6bcf03559e3987a1706d4145beb0dfb8274576e6fb83bc046fd578f1d22f6406bf51902b8e160bcb0d555df2b01588baefd68c10197f20523ed2a306cd68ea095ee36c4c7f7e44dcb20b07acd459589a0608a9525a4e5b3a9e8abf1ff80464a60bb5df2fd161f74e64da737120837693104b37d98a151d2d4e5734be5706991a3c78de7ffc6222fce9ce281ba55555b45cd5f42d9f53ea5fa35edaa91a75e6d3284c3cf3826eb3970bd6548bbce644e496595c99bd37b18094a62cdb2976533b86370a34c29d5ea4f07655ceaceb65853eb37eec6443601216b75dfd9cdccecaa17958a6382991a1cc841eb90bc27db17c7fde333ad03ae1771dff0028a1ef4d3575b76a9f9f0c1753edfbd62396d267f61ed94cbe5149803d0ef7f608d7a355a01c9944354bd0e8f5ad81d1223e88cbf15e0332e899f8cb2787879c1e1c5daedce8667e6c7aaa2ea30709be82bf6242af192caf9d8097d79ac2e063ace0f049d4460aff18144a6b8f33cce82490c494703c15af09b8ddd4ff5d7aff993ca00ee3f41d262ed6157d5ee460359bf84f784ea98e1d9e9b2509e48652167e5057a81e3e5e6dc7ac1ac7959ce809cdb6cdc241b3fb1a27e6cc1fa2edfcc45ecee3bfaab13d12f0df7c9ac8444d6d48bb8dafcd6c97d1844463b568282c49be0f5863178058dccf56bc74071c66a1b78f5be8a5af1d521faabb1e79e3e167a57060ec4ab2d862222bb188666a6b88f20f43564a9dd02b0c11efc8655da87b0797d058de332cda7884c801d8fc7b161cd54aca48b2b5c65547de8efecaeb44e64b22110394056287fc3c68333a8f94b3f4c92b5bece8416351d7814c5bca2437cd7dce01a26ecad925321834dc189f248c99178f4b3cf672c418aa310835af07989783f6005793c51583eb2a5d402b0521e79fd5601436a55f38545001fb2dae85f19e5baae5fd8bd367e714fc33366fd6ea5db0b780b8ac22d6a95244bcd01e225cc97820e3cc7c1f3520fa166f1d57c562040ae28ac7281e0ccaf20d029473d1c5ba189bdc9443b7415d838043d1af03c3b5491bbde820a9b65fd2e1b571279e628434e2929fb0d341c6f4de7f9e4dfa550745a75c8599d3bc463e833594ff553ac98d54d2a2c86ac6d03ecb2c45667d1d1f0c4d1f812de896deb926fa17e2eb9ffc33a168fdefe6f9ab030d73f717540c9e90d1c73032b2ddb376223aa846a3420ea1134787d06f793b7f4831fdbb0a2563dcdaef2d1c12a57f272cd22166d7e24924188f624243ad1e57c2d967dd805488d20943402dbdd0ab62a1e96e3752c0c4884bee80a14f7deb6b59b08ded00c890a7884a838e23ab02b9f55fd0175010cea3cba698cce69e65ed1f2cd160d2c6dcf58dcffd7559e4348e65060849f7c446082818b9ad4d8b5baf52329e8cb34a046396a97b2f68b135d3d5a6b221f6bbd1e3977985843b715bfcbaeb7327e550a4482ffcba867cf2e4b4e192ce6d31aa0fb872ca4d65166e849a7bf08e407d04f836153656e72c102f086b04da54bed0349f5529eee7ea5cadeb2fd8a1974ed445ab510378a8aaf5638ef4752967784047516933e96bf44b442de1ab3cb789f99c9c813e53a9b027de9917b349858b63039709b567a1d4248e6ba232eef6b1922afbe9eed4aa10c29bd94317cfa2ffa1582ce77bcb3c6a2613e5f246ad63008e2ca1708d41d288c0ca37357df84b5aceca33164313a8c04befdec294845cb0679019d0c2295ce590df6e22be346a0856ccdd5d21951309451e81de801b2a3197a9a61c5ebe08d5a1eb5daa8fe1147e51a5bf4994355e974fd622070c06891c447c99645025a86ae4c390a98b09a584aed8d53bec78c9cbadecfb240eea93cf35b4e24349f25b61d150819d00645016371d9402b97a1e388993bf4c3cb3ee186429405d4d4a989e4a2f8fa090f03ff9c309283df0b45bea71fa31fe92b313cc7f85feadfeddcd183a79c76376aa91e25386f16f2406be70906699b56d19b6a29a7f50b68ae34048b2ddb565ba25da96bdd5dc54e7decba3bbd5a95d3a2f13bf9e3229f417be8e1a1dac3620aa9d40b50f3f3fe8f86db14bb440127923390260ceaba522435f365e3f730cb0f40b5c3ef99bb8a933046d09f3e892478a8bb4ce8138d6209d5f52f3b4a7b06b3cc77deb061ff5849cfffd86c10d351e286ce1dd1f092df9dd22690999f9db81e72356a9eaf838400d2d0c46c0d1d2cd8afbdc7c51a456a53961d2bdf03c42013c58e268053ddd0afce73fe6cd80a2c42b9d179a2a9ab44d8dd8d2df7e5d79660e6eaa99ea47b0c9d2d17609fa46ea7b13c8e590ae1b2924f887314edf36ebd4ccffe4cddc3808b8fb53e42bacc4e5c7e1c72796ea89ac27c61b32ceafa8c1ae8fb1c896e739d47a9572cdace6ae0d8e174164aedc5936dfdd8089b1073aca1e86a1a753f6efab6ded73a2c95e4b8de16d52274a41abb07e3c922de92a4d57c5b2a8b4657455a56a89f5335adcab153fafeaccfe69f585978ded153f95dd2bba073d7b6626be1041ebd9b979079aaa07189fc80c17b78082d67f88ce510842b31663c7b0a7422f611d75e2b4e978cc601643d3ce39f4d8fa696a12ad162ef480f1f4f433393ef1883a4c6b17cc820ad21c569a8a11bb4a2bb905cce1c22b2b32a5400b794fd9d45882dc6022a59064856c978aff0683ac10ef7b3c5acd8af07574c95d94697347159dc252ef2bda6aeacf50bf1a82ce7b42ab46c5c58c3e61f62c31dd5eb48e9c5591d443bc625ef50e526dca2cb0378711b52e1117dc764eae8e574b37b7f4973794297afbbb49395cd1aa7e26e9e59d9a3baa9bed3325af049bff348ad1431ad474eb12ce4fb3f2b4ef795b5ed4c51c304dda3df6389200cf657a717ad4464a6d664980c1054f3a65e92afd199840a237f069f3d7254dcb44a46954d73b479088f087bb3d0e637165fc18d4966c4c7462c053d42227e629b07b6282cd59e29e0bfed6641695b8668f0cb6c3856c0f5f9ed78d401fcf8cfd47999a41909a074fe72ba69c8dff073953af972d1a726dd3a18afbe60a1c71125ba8c33165e74ec3b93dfbb1fd3c90587b614135bf38c01880777070432b6ddb9743a1c8c4585fc97839db3d83463ef28d8343dbf7e978cc2a3e74a3b219dbc4f36cfcf7b47470f169e33b280b5eb6e1527773e7f942e1198fced5685a32972df65cb6684a5ee2ae88fe2fd638b228ed80cbb3862f147d6ae0efa7b9b26711627276b8103298a94fa1a31b77249436202810ca295dd41b1627fde00a980bdf5db117808ee3f943be8faba3334212b33f2896cbb3a682ebb5dd1b1e60d58a6639241ea08e58fc11b6fe6803aeb0cd3d25c9ab3860fcb2df7a2bf9140609e3c1627dcc881cea438c414b78910647ba699405e7619659582a9a1666a474ed8631ca5fc77757c46c91cef1276da0cf72e8e1289f7c816b6ab0493d134098d82c21214a7065846eee3a4852cce2884cd5264ff7edde2bda7fa27b727e06ccffae7161a7cd9ebd1bd1bdc14f06ae9759528e51218ae7fc0e382091e0d51f95f5864f2c562bc508517c99f6b75211b484249d81ed570bd0eb08da3549dfb3e55277141f09b2a9024aadb0d30cc533641c115c1fb4e040e4d07a2fcb04dfc423439ad2d4ae7f5bf1d1426b42aa5178ebb5e1352c3f5b85a768d996edfa2a47806667b1b7cb27db5684e99db03ac82ddcb0998d2b28ad6a0f632e0841f4d8a5f9d742de0c9b442ca345330d3ce06589e51b491e274b98b991b53ae5b441b56c683b9575ae386f3c48c190f8a38aae11e17350f797b6689c0db410e1049f44fb8fc8b5ac995c9b1249eb5df8cc380387572e8092b02df133fae07e4dd92fe01cf247c9c27dd9823f7ec5e1cf89a7290a84bc06e7c5014efab93f79a56f4c3aeca8b3da64da09e4cc5dd35d0bd9cfdc971cc285eeca9da751744121851a7e37d264dff1f024c58f1fc0294ac2426f251d372b8169a1a25d9e90ebb379db017178f57df7d65f8cb1e7f559516b89ae3007cf71fa7c354c12574544b26bfb017fb9c31e4d0f3b78e5c3c0065b782fdc19f080428f4542837ebdfa6af2547eafe281e043c1fc0f91d0bdaca81c6db9f5004fca8e1d62f61d556d7a875049353ac06021e0eaa6df3edc17ad9af8e9656ff4e8be8aeec4ae350412d2cbbd56c5cea91ef76be99a2ba666f6f4f9c5c7ef7c92e3ac5d05eb7644950c0f0cbad814c55c19814aeff3007cb60e2e3e7ccf9951b0e654bca16dc8554b2888c6e07be5e04badf81aedc1378c7896bf25c1489696b9ebac2b9cbb9d69867627b8939638fd10757f38f3a7293af32bb0627b79e7e750b01f3a0631f81293bafa4fcbc644c075e20cd5ace3117f310aaa72a974c8d1a018c247fc58f7ea74adf63d79e35c6ecdd5fd55c116d251112ab8b1deb9234d13344de7bbdeec8284c6bed8d080c1ff900f52f756ae5f052c70f8a81bd56143d356adf1afe1b0efd2c58e16d7d76299c923836550f2116569574ecce292f386a3ac16132616d62ac473808731d6d39fa7755f164ca68fc6005aa7bc597d919dfc75cf90e904b2c910766a130217bcb8129ccaff2b0276ba6148413219f7b88a5f3124da69173e993657b3592431014ebe2911ea224f96378183ea29bf940684023d2149127587a028865ac006d5e7eb8249b461c82618387bd05185b16fde4c7477a3ffcba3d52a7efe1c2eb05499c7f452f7e8fc741b8a421270dc0f556d7dcb0a9e13cd61f46069fa4a241808c103be58cc9cbcc652eca6c281434953b32905da9883348ba479a2956bda46f9275b1f78144fe7e0947ba254fff9ab22ffe70cc73ad4610840ac93cd5cac21e6d6e2bcc8c495c7ff6e72c7d81edf826185a29188a57de1863e23ccbe9bf128dd94734066ca6312619fcbee8489dc0f51b2fd9037c7ee6b8f29fe740ab5aa10d81d842fdcb9919ce8a69376cd2e7680bc1cccf7ed1ad852211fdc27dbcf918b5f3288ea71221f7138560ab0d3e2bc429990f6376cb400aed084aa4a644f97808552afa309990ae34e2bee971d702097e6428acf3e96ba5d4e7aad348add1c5dd6252a55f5c293f2cc109b389d3c88fe49a65abe590fa946b4d956a2dad96157e545b91bc3158be4f4ee6d0719100b7cbeaf8aef6a7469585a3fe962de8b24e97240c3ae85038c3a6dc6a7956307e7443ee0781b2ea22a81d00338269ca4cbcfefe365c919acd7b7727781b73e300620eab886fb7f10c0febfe9d320be1598c2ded043889ede6694b3d75f4e85707aaa5c2ab7a78e5e76320ef42482ad5d5a5cc15142fce32f2e8cba84467f6cb2c17f721bf0dacdce59734dc8895904d", @ANYRES32, @ANYRES32=0xffffffffffffffff, @ANYBLOB="2f8e303bda116a7ec5ea885b62aeb3ce285f190ca8071b3199cb9816c7865239ea6efa955d05e7bb1c071fccf5193c5d3a50c38eda74018969f05e0cd810d5e6d6077a71ebf0304c60caf96ffb27946e28ca70c12a3a10403dd3d3905500000000000000006369056da8334d954dfab80542ca6f93df64a63c5245caff65f7e0f21b60b2e5621d38177bd0a1f8960aec35e4b3c4780db062e727160b4781c2815f437cf6a3f264e0f341000406b05ef03c64f80d1d4b11dd7bd79166ed54009c3ca60942274c2efc62b88252c4ca99b9ad37b236774d3ef617651ffe851cbe9e6176d2a4ad5a35b222cf0a9224205de555a247a598c744f9d588007ead3535493c29fb348a7e7dbec6154f4c00ccc7829ad22afba17b4f27c3410e52cf8af5642344bafef053e20bea7fe3e4265939eec809f39c608d3ce0f68a878d796808370e5ddd49e86ed1094c7667897fa5a9fc41731f706de2d607c593d37b31a3958b30ff88b9e9", @ANYRES32, @ANYRES32, @ANYRESOCT=r1], 0x38}, 0x3) ioctl$LOOP_CLR_FD(r2, 0x4c01) r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101000, 0x40) fstat(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(r3, &(0x7f0000000340)='./file0\x00', 0xee00, r4, 0x100) ioctl$SCSI_IOCTL_GET_PCI(r2, 0x5387, &(0x7f0000000080)) ioctl$SCSI_IOCTL_DOORUNLOCK(r0, 0x5381) r5 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x100) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r5, 0xc018937a, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0, {0x6}}, './file0\x00'}) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:14:09 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:14:09 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 5) 17:14:09 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) fork() [ 1021.531618] blktrace: Concurrent blktraces are not allowed on sg0 [ 1021.543435] loop0: detected capacity change from 0 to 40 [ 1021.546991] FAULT_INJECTION: forcing a failure. [ 1021.546991] name failslab, interval 1, probability 0, space 0, times 0 [ 1021.547923] CPU: 1 PID: 14104 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1021.548571] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1021.549498] Call Trace: [ 1021.549748] [ 1021.549952] dump_stack_lvl+0x8b/0xb3 [ 1021.550302] should_fail.cold+0x5/0xa [ 1021.550694] ? prepare_creds+0x2b/0x6f0 [ 1021.551056] should_failslab+0x5/0x10 [ 1021.551382] kmem_cache_alloc+0x5b/0x480 [ 1021.551740] prepare_creds+0x2b/0x6f0 [ 1021.552079] copy_creds+0x72/0x930 [ 1021.552415] copy_process+0x107e/0x6cb0 [ 1021.552766] ? lock_is_held_type+0xd7/0x130 [ 1021.553147] ? find_held_lock+0x2c/0x110 [ 1021.553509] ? lock_release+0x3b2/0x6f0 [ 1021.553864] ? __might_fault+0xd1/0x170 [ 1021.554231] ? __cleanup_sighand+0xb0/0xb0 [ 1021.554635] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1021.555093] ? _copy_from_user+0x139/0x170 [ 1021.555458] ? kernel_clone+0x2f8/0xa60 [ 1021.555811] kernel_clone+0xe7/0xa60 [ 1021.556148] ? lock_is_held_type+0xd7/0x130 [ 1021.556523] ? create_io_thread+0xf0/0xf0 [ 1021.556895] ? lock_is_held_type+0xd7/0x130 [ 1021.557282] __do_sys_clone3+0x1dd/0x2e0 [ 1021.557896] ? __ia32_sys_clone+0x150/0x150 [ 1021.558986] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1021.560081] ? fput+0x2a/0x50 [ 1021.560718] ? __secure_computing+0xb4/0x290 [ 1021.561530] do_syscall_64+0x3b/0x90 [ 1021.562213] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1021.567676] RIP: 0033:0x7f9fb3b18b19 [ 1021.568367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1021.572171] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1021.573588] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1021.575066] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1021.576300] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1021.577581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1021.578965] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1021.580319] 17:14:09 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x1100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:14:09 executing program 4: prctl$PR_MCE_KILL(0x21, 0x1, 0x0) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:14:09 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 6) 17:14:09 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x2, &(0x7f0000000040)=[{0x4, 0x7, 0x2, 0x2}, {0x3, 0x1, 0x4, 0x3}]}) r0 = fork() tkill(r0, 0x0) waitid(0x2, r0, &(0x7f0000000100), 0x80000000, &(0x7f0000000180)) [ 1021.752860] blktrace: Concurrent blktraces are not allowed on sg0 [ 1021.781458] blktrace: Concurrent blktraces are not allowed on sg0 [ 1021.809735] FAULT_INJECTION: forcing a failure. [ 1021.809735] name failslab, interval 1, probability 0, space 0, times 0 [ 1021.812864] CPU: 0 PID: 14359 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1021.815157] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1021.818270] Call Trace: [ 1021.819023] [ 1021.819641] dump_stack_lvl+0x8b/0xb3 [ 1021.820740] should_fail.cold+0x5/0xa [ 1021.821726] ? create_object.isra.0+0x3a/0xa20 [ 1021.823033] should_failslab+0x5/0x10 [ 1021.824150] kmem_cache_alloc+0x5b/0x480 [ 1021.825324] create_object.isra.0+0x3a/0xa20 [ 1021.826903] ? kasan_unpoison+0x23/0x50 [ 1021.828156] kmem_cache_alloc+0x239/0x480 [ 1021.829352] prepare_creds+0x2b/0x6f0 [ 1021.830575] copy_creds+0x72/0x930 [ 1021.831601] copy_process+0x107e/0x6cb0 [ 1021.832864] ? lock_is_held_type+0xd7/0x130 [ 1021.835156] ? find_held_lock+0x2c/0x110 [ 1021.836468] ? lock_release+0x3b2/0x6f0 [ 1021.837765] ? __might_fault+0xd1/0x170 [ 1021.839084] ? __cleanup_sighand+0xb0/0xb0 [ 1021.840261] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1021.842035] ? _copy_from_user+0x139/0x170 [ 1021.843182] ? kernel_clone+0x2f8/0xa60 [ 1021.844333] kernel_clone+0xe7/0xa60 [ 1021.845454] ? lock_is_held_type+0xd7/0x130 [ 1021.846808] ? create_io_thread+0xf0/0xf0 [ 1021.847963] ? lock_is_held_type+0xd7/0x130 [ 1021.849167] __do_sys_clone3+0x1dd/0x2e0 [ 1021.850315] ? __ia32_sys_clone+0x150/0x150 [ 1021.851718] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1021.853234] ? fput+0x2a/0x50 [ 1021.854171] ? __secure_computing+0xb4/0x290 [ 1021.855501] do_syscall_64+0x3b/0x90 [ 1021.856630] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1021.858115] RIP: 0033:0x7f9fb3b18b19 [ 1021.859355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1021.864478] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1021.866801] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1021.868805] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1021.870692] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1021.872495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1021.874433] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1021.876350] 17:14:09 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x2000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:14:09 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:14:09 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/243, 0xf3}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f0000001680)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}, 0x3) ioctl$LOOP_CLR_FD(r1, 0x4c01) ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0) open_by_handle_at(0xffffffffffffffff, &(0x7f00000000c0)=@FILEID_BTRFS_WITHOUT_PARENT={0x28, 0x4e, {0x5, 0x0, 0x839b, 0x4, 0xe8e, 0x401}}, 0x141001) 17:14:09 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = open(&(0x7f0000000040)='./file0\x00', 0x16f4c2, 0x10) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)) r1 = fork() tkill(r1, 0x0) tkill(0xffffffffffffffff, 0x1c) [ 1022.039527] blktrace: Concurrent blktraces are not allowed on sg0 [ 1022.052751] blktrace: Concurrent blktraces are not allowed on sg0 17:14:24 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r1, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:14:24 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) fork() r0 = fork() tkill(r0, 0x9) tkill(r0, 0x0) 17:14:24 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) ptrace$peekuser(0x3, r0, 0x1f) 17:14:24 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x0, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:14:24 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 7) 17:14:24 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x3f00, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:14:24 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000080)={0x5, 0xfffffffffffff9e0, 0x1, 0x0, 0x0, [{{}, 0x6}]}) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/243, 0xf3}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f0000001680)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}, 0x3) ioctl$LOOP_CLR_FD(r2, 0x4c01) r3 = epoll_create1(0x80000) ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r3, 0x8010661b, &(0x7f0000000140)) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f00000000c0)=0x1dfe) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:14:24 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 1036.974313] FAULT_INJECTION: forcing a failure. [ 1036.974313] name failslab, interval 1, probability 0, space 0, times 0 [ 1036.975403] CPU: 1 PID: 14757 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1036.976149] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1036.977208] Call Trace: [ 1036.977457] [ 1036.977672] dump_stack_lvl+0x8b/0xb3 [ 1036.978057] should_fail.cold+0x5/0xa [ 1036.978433] ? security_prepare_creds+0x10a/0x180 [ 1036.978830] should_failslab+0x5/0x10 [ 1036.979085] __kmalloc+0x72/0x440 [ 1036.979320] security_prepare_creds+0x10a/0x180 [ 1036.979630] prepare_creds+0x505/0x6f0 [ 1036.979896] copy_creds+0x72/0x930 [ 1036.980138] copy_process+0x107e/0x6cb0 [ 1036.980408] ? lock_is_held_type+0xd7/0x130 [ 1036.980713] ? find_held_lock+0x2c/0x110 [ 1036.980986] ? lock_release+0x3b2/0x6f0 [ 1036.981246] ? __might_fault+0xd1/0x170 [ 1036.981517] ? __cleanup_sighand+0xb0/0xb0 [ 1036.981799] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1036.982158] ? _copy_from_user+0x139/0x170 [ 1036.982437] ? kernel_clone+0x2f8/0xa60 [ 1036.982740] kernel_clone+0xe7/0xa60 [ 1036.982995] ? lock_is_held_type+0xd7/0x130 [ 1036.983300] ? create_io_thread+0xf0/0xf0 [ 1036.983582] ? lock_is_held_type+0xd7/0x130 [ 1036.983870] __do_sys_clone3+0x1dd/0x2e0 [ 1036.984147] ? __ia32_sys_clone+0x150/0x150 [ 1036.984447] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1036.984805] ? fput+0x2a/0x50 [ 1036.985025] ? __secure_computing+0xb4/0x290 [ 1036.985325] do_syscall_64+0x3b/0x90 [ 1036.985590] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1036.985929] RIP: 0033:0x7f9fb3b18b19 [ 1036.986187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1036.987324] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1036.987803] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1036.988252] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1036.988705] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1036.989154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1036.989634] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1036.990110] [ 1036.995631] blktrace: Concurrent blktraces are not allowed on sg0 [ 1037.006494] loop0: detected capacity change from 0 to 40 17:14:24 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x4000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:14:24 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 8) 17:14:25 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x0, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) [ 1037.205875] FAULT_INJECTION: forcing a failure. [ 1037.205875] name failslab, interval 1, probability 0, space 0, times 0 [ 1037.206816] CPU: 1 PID: 15074 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1037.207338] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1037.208024] Call Trace: [ 1037.208194] [ 1037.208342] dump_stack_lvl+0x8b/0xb3 [ 1037.208602] should_fail.cold+0x5/0xa [ 1037.208851] ? prepare_creds+0x2b/0x6f0 [ 1037.209119] should_failslab+0x5/0x10 [ 1037.209368] kmem_cache_alloc+0x5b/0x480 [ 1037.209662] prepare_creds+0x2b/0x6f0 [ 1037.209919] copy_creds+0x72/0x930 [ 1037.210192] copy_process+0x107e/0x6cb0 [ 1037.210460] ? lock_is_held_type+0xd7/0x130 [ 1037.210781] ? find_held_lock+0x2c/0x110 [ 1037.211070] ? lock_release+0x3b2/0x6f0 [ 1037.211329] ? __might_fault+0xd1/0x170 [ 1037.211623] ? __cleanup_sighand+0xb0/0xb0 [ 1037.211928] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1037.212286] ? _copy_from_user+0x139/0x170 [ 1037.212590] ? kernel_clone+0x2f8/0xa60 [ 1037.212858] kernel_clone+0xe7/0xa60 [ 1037.213126] ? lock_is_held_type+0xd7/0x130 [ 1037.213413] ? create_io_thread+0xf0/0xf0 [ 1037.213714] ? lock_is_held_type+0xd7/0x130 [ 1037.214005] __do_sys_clone3+0x1dd/0x2e0 [ 1037.214294] ? __ia32_sys_clone+0x150/0x150 [ 1037.214593] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1037.214983] ? fput+0x2a/0x50 [ 1037.215209] ? __secure_computing+0xb4/0x290 [ 1037.215499] do_syscall_64+0x3b/0x90 [ 1037.215766] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1037.216105] RIP: 0033:0x7f9fb3b18b19 [ 1037.216348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1037.217482] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1037.217956] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1037.218406] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1037.218857] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1037.219300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1037.219745] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1037.220211] 17:14:25 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000040)={0x0, 0x2, r1, 0x7fff, 0xb053a0ff1bc7c011}) r2 = fork() tkill(r2, 0x0) r3 = fork() ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000000c0)=0x0) r5 = fork() tkill(r5, 0x9) r6 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r6, 0x801c581f, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/243, 0xf3}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f0000001680)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}, 0x3) ioctl$LOOP_CLR_FD(r7, 0x4c01) kcmp$KCMP_EPOLL_TFD(r4, r5, 0x7, r6, &(0x7f0000000100)={r7, r0, 0xffff4aab}) tkill(r3, 0x9) ptrace$setopts(0x4200, r3, 0x100000001, 0x71) 17:14:25 executing program 7: socket$netlink(0x10, 0x3, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 1037.284113] loop7: detected capacity change from 0 to 40 17:14:25 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x20010, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:14:25 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) r0 = fork() tkill(r0, 0x0) [ 1037.317284] syz-executor.7: attempt to access beyond end of device [ 1037.317284] loop7: rw=2049, want=124, limit=40 17:14:25 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x20200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1037.335215] syz-executor.7: attempt to access beyond end of device [ 1037.335215] loop7: rw=2049, want=128, limit=40 [ 1037.335904] Buffer I/O error on dev loop7, logical block 31, lost async page write 17:14:25 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 9) 17:14:25 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:14:25 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 1037.419611] FAULT_INJECTION: forcing a failure. [ 1037.419611] name failslab, interval 1, probability 0, space 0, times 0 [ 1037.420460] CPU: 1 PID: 15260 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1037.421015] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1037.421716] Call Trace: [ 1037.421903] [ 1037.422054] dump_stack_lvl+0x8b/0xb3 [ 1037.422333] should_fail.cold+0x5/0xa [ 1037.422591] ? dup_fd+0x89/0xca0 [ 1037.422846] should_failslab+0x5/0x10 [ 1037.423097] kmem_cache_alloc+0x5b/0x480 [ 1037.423367] dup_fd+0x89/0xca0 [ 1037.423584] ? audit_filter_inodes+0x40/0x40 [ 1037.423897] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1037.424261] ? security_task_alloc+0xe6/0x260 [ 1037.424592] copy_process+0x1c31/0x6cb0 [ 1037.424867] ? lock_is_held_type+0xd7/0x130 [ 1037.425184] ? find_held_lock+0x2c/0x110 [ 1037.425470] ? __cleanup_sighand+0xb0/0xb0 [ 1037.425774] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1037.426131] ? _copy_from_user+0x139/0x170 [ 1037.426410] ? kernel_clone+0x2f8/0xa60 [ 1037.426709] kernel_clone+0xe7/0xa60 [ 1037.426963] ? lock_is_held_type+0xd7/0x130 [ 1037.427253] ? create_io_thread+0xf0/0xf0 [ 1037.427538] ? lock_is_held_type+0xd7/0x130 [ 1037.427855] __do_sys_clone3+0x1dd/0x2e0 [ 1037.428123] ? __ia32_sys_clone+0x150/0x150 [ 1037.428421] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1037.428818] ? fput+0x2a/0x50 [ 1037.429042] ? __secure_computing+0xb4/0x290 [ 1037.429361] do_syscall_64+0x3b/0x90 [ 1037.429616] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1037.429993] RIP: 0033:0x7f9fb3b18b19 [ 1037.430241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1037.431393] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1037.431872] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1037.432326] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1037.432774] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1037.433219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1037.433668] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1037.434129] 17:14:25 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x0, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) [ 1037.496407] loop0: detected capacity change from 0 to 40 [ 1037.506506] loop7: detected capacity change from 0 to 40 17:14:25 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x80000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:14:25 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 10) 17:14:25 executing program 6: recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/243, 0xf3}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f0000001680)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}, 0x3) ioctl$LOOP_CLR_FD(r1, 0x4c01) fspick(r1, &(0x7f0000000200)='./file0\x00', 0x1) modify_ldt$write(0x1, &(0x7f0000000080)={0x2cb2d54, 0x1000, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x1}, 0x10) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000001700)) r3 = fork() r4 = epoll_create(0x4) r5 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r4, 0x3, r5, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(r5, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000001780)={0x0}) r7 = syz_open_dev$sg(&(0x7f0000001800), 0x9, 0x101000) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r5, 0x40182103, &(0x7f0000001840)={r6, 0x0, r7, 0x2}) tkill(r3, 0x0) waitid(0x1, r3, &(0x7f00000000c0), 0x20000000, &(0x7f0000000140)) [ 1037.548860] syz-executor.7: attempt to access beyond end of device [ 1037.548860] loop7: rw=2049, want=124, limit=40 [ 1037.561651] FAULT_INJECTION: forcing a failure. [ 1037.561651] name failslab, interval 1, probability 0, space 0, times 0 [ 1037.563405] CPU: 0 PID: 15412 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1037.564694] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1037.566231] Call Trace: [ 1037.566605] [ 1037.566955] dump_stack_lvl+0x8b/0xb3 [ 1037.567512] should_fail.cold+0x5/0xa [ 1037.568058] ? security_prepare_creds+0x10a/0x180 [ 1037.568755] should_failslab+0x5/0x10 [ 1037.569288] __kmalloc+0x72/0x440 [ 1037.569799] security_prepare_creds+0x10a/0x180 [ 1037.570482] prepare_creds+0x505/0x6f0 [ 1037.571073] copy_creds+0x72/0x930 [ 1037.571598] copy_process+0x107e/0x6cb0 [ 1037.572169] ? lock_is_held_type+0xd7/0x130 [ 1037.572815] ? find_held_lock+0x2c/0x110 [ 1037.573442] ? lock_release+0x3b2/0x6f0 [ 1037.574032] ? __might_fault+0xd1/0x170 [ 1037.574656] ? __cleanup_sighand+0xb0/0xb0 [ 1037.575269] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1037.576043] ? _copy_from_user+0x139/0x170 [ 1037.576658] ? kernel_clone+0x2f8/0xa60 [ 1037.577246] kernel_clone+0xe7/0xa60 [ 1037.577797] ? lock_is_held_type+0xd7/0x130 [ 1037.578455] ? create_io_thread+0xf0/0xf0 [ 1037.579085] ? lock_is_held_type+0xd7/0x130 [ 1037.579756] __do_sys_clone3+0x1dd/0x2e0 [ 1037.580378] ? __ia32_sys_clone+0x150/0x150 [ 1037.581073] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1037.581891] ? fput+0x2a/0x50 [ 1037.582405] ? __secure_computing+0xb4/0x290 [ 1037.583103] do_syscall_64+0x3b/0x90 [ 1037.583666] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1037.584430] RIP: 0033:0x7f9fb3b18b19 [ 1037.584966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1037.587564] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1037.588635] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1037.589640] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1037.590660] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1037.591668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1037.592667] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1037.593706] [ 1037.595631] syz-executor.7: attempt to access beyond end of device [ 1037.595631] loop7: rw=2049, want=128, limit=40 [ 1037.597508] Buffer I/O error on dev loop7, logical block 31, lost async page write 17:14:25 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:14:41 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:14:41 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x10000, 0x0) r0 = fork() tkill(r0, 0x0) 17:14:41 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 11) 17:14:41 executing program 3: r0 = syz_open_dev$vcsn(&(0x7f00000000c0), 0x9, 0x90000) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000100)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) r1 = fork() tkill(r1, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r2, 0x801c581f, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/243, 0xf3}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f0000000000)=ANY=[@ANYRES16=0x0, @ANYRES32, @ANYRES32=r2, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=0xffffffffffffffff, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32], 0x38}, 0x3) ioctl$LOOP_CLR_FD(r3, 0x4c01) ioctl$HIDIOCSFEATURE(r3, 0xc0404806, &(0x7f0000000180)="bef282db486970315ec9516ea198731967ef740c1af4aaba64d4979db2c81eba0ff827354574a0c502085cd0374d158897eff3d51ef15cea43c6bb3a746f1434c24fc15a7ffd2dd733d1483ae368f835f2782c9e74aaacf51eec1519eb7aed854e4cd1c8dafff656242a351b6b96b648933624da037fd31d") 17:14:41 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x40, 0x202) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) ioctl$BLKTRACESTART(0xffffffffffffffff, 0x1274, 0x0) openat$cgroup_ro(r0, &(0x7f0000000080)='cpuacct.usage_percpu\x00', 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000580)={0x0}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000780)={0x0, r1, "4a78e36c1b84b38b6566853708261d4fcbc2e0ed4fdeb3c460dfa494c80ed9a1d95c09b8a2c645b10d3e9c7c955b7740c9f531c8629e21152fb9aa2fd01ae3d2a27ed7e334328c41a0610ac1c3b0dfcb7a8a600ed2fdd4df746f360b109f2d48cec174dae9e120018c202cc28582f105929601d250383267fd86560fe5dfaa200add7c7d4689a0a8dff3ad1b1dc092cfb84b211b259b54095f918141c7419f5055d18980d697443bb3215f60534eeff02dceb65705851cee77d727954fa15ffa9e6ac297570278b1db62546d96e564bd04ea0eb7cbdef22d8bfa1814e93fa3df8e043d2ac16f0f47835c9be869141072370b53efe43d95c4758fe37ceaaa0702", "ec696e6f251429618514201dde6e68549fb748f980e6344d2c78e6a63d78597fa7d142a8dba35384a5d06a7fe905640676b9aae3f716f8bc0ffcce34beebcac7573f9fb44cd103eb7f8d4afb09ea26b7a6adfdebd1e28b034a400e56e639dbbbd57961d5da63142cc7e011c4e90cfaadc647e75827ee59390288bef076a035c324cca139fa941815e051fcb192c896ad54e701ad45c427ee48f0ba41927814a957afba8b805ad0dac0ff0d2108c0db3696515e08e895d3ece873e273fd4476530981c12e7bca510bd4ecfc3001be3b0966cac28478cf68c66977fd68ffc618cfd3c3a3202aa29139b974f6a62f3f0ae16f18c6cf33a0ce0d31b221b187d25abb78249f030c2405c0907b6cbc7510485de7f5791992566de3313acd6d16235c55a707ccef7bde0aec0f8fa26cfdd86aca8830dee00e5715865b71dd6439604d1c105bab5400b082162e2e2d75915de02c7f08e220e9d59d2290cc52164582cd93d22b6188513767c20c715e5e21a919c90bb42d2635b908a9f5d6bab29d4616b34f8c8c9865658bd6ce5d00feb96cd1fe26c2edb769b43f48e5fa35ce53109f7ae28674434da6cfe8b2f8d086bb1dd9237b54839afff091dcea602c55efca34b61f77715f9509c196716a64e806944649a441b3292c012060f1b3961c3bde3ab950ef6a6b646b7c83e3290acd204ae733f46f18ad7fbc23d200fb1347fc01c98ab7065c018354002f607fa212de5688b2c1fd418d7ae44b9a0f31da675adfd2e0b5ea6d2af4f4aadb7a169f8b710132142186faf97a75f61ed64f3381fa0115948bf83f26636af2feef7081509b44b33c004df06fc98f94fe01d8352f05335acd95ed77083513372337b1e93085add66d4a1b25e16f8584943bf2179cd77a29c19b4e5d08c9893dae796055a3b8014c8d6cfa6f84af5d219bd29c92beea8433293dc5773a886ca0bed530f63eb87ac74628df724525d9aa1929c04eb6bf97d8ae9cdd2a5dfe131d59bcfb241662ea78fbfd06cf984eee43c41f2f5adb883c576a16467aaebd441701b2ed6528e5d28c8fa1529db02f8c59c4749d6b9c4635f33fe3affa99085096e4d20e1c1c07d7375fdc160f45975740e9a243f3a05655aa9133822cbc57ccef20870c62dc2596e939aa786fe6fa5cbb1353777f9e5189d006d7c4a6259b0caeb092ccf563c104e284ad51c772c7327723b010210922f6002c61a051fd94cf5024796d94aa404e9142c20f070a5ea2f6685d041eff54e1037e75170ba0bf79729323dd5f14744144b2f1792e6c5fdf0f991f57c48e04051e5ce8174e6f3431744fc90012231bcab0b23120e6600f258e308a27473cc1860e9a728968c37d8c9bb68a881e7060d861e363ca04601706bc123076aec15c799dc787899f35fedac511211f2e14475a3a7d2d04fde363fc8cfdfce7bcb938854c6e151595ea57fe750bbd442427ba1f586f936649fa899a2c8044ff630ce73c8d56d74e76a54f58edb253072bfa349c9f4ed3e7ab58be782de1d31d289ebb5f503a2915e3d35176e09e3d5d459fe839bdc576f07226e1bfdeafaba613f1648b8f9a8b0a534ac7c861d8a25222005faba8c129a22ecce1e06a605654d4ef8a132e462c303afbfe097d717ffc90900086f5240470108516b69748e2575f59168ad6d0aa30a092d652ddff09a1a75fd3b8421eaad98618ffc82f7627fe301757769846a0a9281b734649c5e17358cdea98f459b5976bd7480120d6a9a224f6ea899afc31c0d2cee955b43672851a67c3a80609c1f70e4e931f7598aeb4dd18987b837843a43e855003bb622ef226753400cc744d885bbac401189fcc0bfbe3be92cef54dbec4470da6f4e97c6915c6f65f378b5da7e6c494921d0ce2aee3b4368c07b5954e96699dd57adfcf39450e7147eef18dc6c5125fab3b543ca8fa8bd5dc78a075708a7b7777a3b0bec8c31bc99bea6bb09b4feaa108b1041b96f279560a3ddc43565f8698d100f16cb931f986734dd9be9b163458b91dd0e8fe9be219d18ccde9ab95ab91c5662a15d8ba215ef90f832271a367c44e758e102babc956d4e4a4befbd61be84feda9e3bca97065e8b85a55a7b387be6aaea6ca0073acaeed166970c0382a50bb9544b409b799372f3b8b76602c32adf9eed48d37141e6de104ef2110674380086f3f98c0d7f9e3492db4982a054dabde334589752fe7fc429a3efeb54bd8475fb8a327eb7c5bbc1f7631bf511edc4ec9b9245f2b2a713f9327bf14fddce59e59a43f2c10c32b0e700a34ba9232f9652ad376c68bf37e93bdb6040722b11d11d4b7f89960cfb4aa2d4c0b07be6a1415a4f8e7af21d4aa5857f2c2b927409f438fba050b47902716f55810c4efaf1dffc5b2d40e9557ec59d6ae76efa26f68ab38585a2e2d9d831bd79702be5bd2766a707512d028ca1faced949b8d75bc6a30252718e1332c0b75ff950d46edc7b7fb52af44fdb7ab3384942ee58a90a3b1903bdb2da35b907333a4111bd980464ee1e803789c1462ce240e00e5bc16f203848bf9f8763597e8d6af00afc8a728660caf7e973dc8d72e6f7b8fce5dc1457894f5a415b9e2421980f09b50d6698d94da683661454ce166e5561ca8f2921f083102002ca97992ee1a469de9b6234c700414f152f309295ca692e84ed9f81882fc208c0169ed01277e6032048c62dd751e2a73830494448e47792399cacc0678bb098d7450c5e8ca0a90e25069a0ebd531609c9db4effcc6b41eabed5f5a584cf379a5810d54a3c83347c73b3db5b5cf13e78d950328b9736093780c7349d749ed0e2133da934493bb97594536dd605e72e12942afd4ad8215b2dbd964a5736089fb441bfd2eb131a7d16ded81a1c4fc6bad0cc42b3e3daa45bf72fbc76e2cd814481218505735c1c733912257607eb652fa19092421ffedbcba53bfaa9fc310b5f9586253e7393c1728d5e576104903e2439b6f162c8ff106975a0b110e94de4f6fadea6afde5199620e292081fc4cc0120d68e63be98ffd01f35bef91e66cc7874538a12cb030ca5d4468178de46c4613066167798d5fd69199e30bad73b25d5d6cd9b6f81f000aebdabe3eae8a85442742eeda07b37285e324ff74d46858a2ed59fc8ae771b0a37bf5265809153be77c6f06c0d00d33786ea4bce5eeed2c6a4cbe026f5d2dc64a1ac9f7fcbde5decede5f5d155af3e9debad59136c777ca3ed2de7358a3ffcc3786ec3a0c813c372263bcf53b0551a0a0855475c90f0097035c4083af2c9c25982dcc2315699e59749895ae3411b76e1af5cce1f9813cbaedb7913fb3d502c74ec52c89aac7257be63643d561aff1abed1460d60751ac2d93fbe703fcaa6a0c29618b2338c585d75c653e849fecdcb0a2796069ea8fb234958fb184cc3faa76eafd0cefe662284737cf70b9153e9fa728835a3a443be57dab906451ff9bab255ee0569749a476b158e0b3813e750e7d557ca669d7509f0d95742a1d767326a516efc1b061a99b68a9e202792d1d7d3c19c1f0d2c5e991450de04c85a590f275297b9eed8313b64f0f1184ee5bb396123ddc445694cd15718f67a5a46963d7a482dcdfec2b4584cae0489cb9b248605b0e1235b22fa2060b7ebcbbddca8541e4e52cf90851145bf1d57c3590b63ab3d22ecfae8367a2de2d3a56abc357686af317908a105fdf8723d9005bcc2cfead34226c82b2c401fd2e0b9a7803b85cb31c18f3e338e023a162e874c829c7e0851e581091379a2b93171bdd96c39a0348e933db9b95dff27b1754472053d6ec2e86328028f789d2933396cd5595e788c26119a5e1a19b58cc23a1d55755b4c88acb9ec48117b832e25bb853bf6a210cd697df5395d6fbd3ad6f2f92dd00496ff323a70a4bb152481662ffef2aa3a5ed5e47996e3a1850aa45d7680451b3ff22e0c916b36eaa8af6d6139c6beb3be66ab3a10e188a73051f426998d2468fac2cd66d87a7dc44c083ae27b84a35179133f913c703489dcb44eded77ddc38cbdd7b8ca4399e9eee73e30c64e837ea4fde400fdecf8b7ab314d71ad0b99b3b12e4b5239adfd21c0d7c799c5f6b783a4602ccae4cb0e968f43f0391f91c88fa3190a0d63916d79bc37f0baa4cf38f8774664061d3c2443b6a1288507afa18bcae5417163def0cd95171cad68dee586d428d9a37d4b5f19d3bebf4e7969eaa2b745e934bf757a8bf9033786601f88e954002ec4a43d19f7c9ed3e0a4ec0e6e85f570dcd79114fcd8056ae0832fed127a94ff3d6de10a3ea22137a9f4e2270984fd2458476cae3988e544617f177cc56514faa584fa97d5ab84ef1b83f044fed29a0e4d8191da47261c3a42ce7edc2efccf2d2c1ed5d59684dfe5bfc4819bac362351e6012e5c7d60e775c99ebddc463691da05cd235e2776d02ad7d4fd7c371ca5893f63eda215f5c6856bf0114b14e1d2505efd5167de95d066c928a0e936135ecd087d8f700c0c6314a0ba7dc4d965a286aeef2809a75cad093f29010f4c9aea20a3634ecdab7ab598f55bf5e5b74d333403498f469111d64ae3086692ab1a3d2c61dd5d9de11ddd5bbed5a13d1fe5b03f8f55da368b36c1ca4aa7ed4e7b2b134953d2cc4ce5181f57045161c67aa72629ff6f154acd59d72d1b55c8a1f24fe856e8a196e49ab73f4b6ae361b78168fc8a4b69e2cbc9533d71069b9d6cf121b19da65e7043a8512eb315d6082b3ba1e36878cb76ca38b6e3571034c8abad3393ce60678f7990aba9604ceec37446e694f8355f9811fe036b8cd33f1e03f78529c0e797395a48cf263d8b119bbc2ff58251c34f45764a4546bbac057d36b30fa3a0b63778cf2b2a9e0b4844ac433baf279e5e45edc4f9e8c0b1f377385afca5431e125228c6a795d09115a31238f99c782a308133d9475e8f8db3c6159021ca32e8589d2862639f8e50e64373deccf11c0adbad8d4706d55de1ecb7f1293850765115c96cb2d24fb6cd74969a7dd5ef9254aa27951188502ba7a77f4c7a8328fb3d3f3d5f21231fcaa103a944200f34dd838dbd578781d5a2343301810ce3f5c790d542c18a8a5986b5d807942b0132239ee7e9300fbf46240e5701e576b13012bf3f09e072a33d21c4da3f22db264132d13c4272ce1bb2e352552e16ccf8440aed40a20ed29ae347cc0beabbe4680c7fce45e22e0e05cdbf41c07b559a8eca04d0d2542a8d9c677f89892ae1ab33833dd0be8b0d0f530b105dcfcae0587a5e010da08da16a25e15e894fb1547f908e7f48eb36b14f3c78bfa866131f49559f25b88e1d2448cf0ee4fb7dc4112972f31a91e6a90406f734055778862caaf22bbf25876b1e995369eafd9b6a7bca8fdbd624403ed2130e8058f5f676a5e718bf1035b7f8f4408b3de821039d6404c7b65dfe86cf84f032fa6a"}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f0000001040)={0x0, r1, "a85377393de9b7f8262e98f2122e707e41ff89b1ccfa4d92a6f5a5bec7a50bbd70316143c7c851122f3e4ea5f24e950d0acc86063218a38ebdeeeab13a11d80ec4b9c35f85f52ff656c3d4f13ee2f21150856a628a367433b83db1436752b677c96650864dddb3bce8bf13dc817603f2eb9fbcdc7f0c1d8247402c296f8957db9e9a5d9809e53e43308cf32e4240905da5d34bb2a02afb956c13b200bf361b704d3835a929b4bd5595f1d183f9bc655fcb4baba691f79cca097cada418542236034e6bbda142d3e257fc039d6e1408afc967f121ef7387dcb2a5be8412456f350c1cfbcc25c889a9a54e512667e1bcda04d105f916f80050ec7099f75f65e7c2", "046f1b3f535ab658a7a2a9657162c1e633a98df99b8621b04bd459b2da81601ae3fd3b5d04802dd70935b0edb8daf2e4ede1416ba7697bb151a893bd4bbfa2f0897e1e6d3204a1efb84fccf38a935cb8e2c3b079bfe4801d1cdf061d9ed1f2d8082418f4fb1087227e388415923c8bc25f20b3961d36e9422cbdd2a21c1c25997530c011066674bf3d139927612af87b1b7ce944a0efc93943f3820b8d01bbdbef6a1ce117a72ce341d9a2d2cc2cd3f4f63e28490ac1e31711a808b900fced74b262deb0b1ae7aaa3f9c4ebc6ef7539b247b297fc797a4553be390ca3504750a66f31e45460bf3a236ca6303564a50b48be1817b86711e92199fcd0ef6df5fb570fc2e72ec6ec842df8a19a86857ccdb2dc1c724f592884659596b26af71df0bff4b168ef040e6c46039aa724a415be99214ccb368fadd8b16cba2b9540569856dc02b485d43dc4413184365267a6040363f3b3120327e4c21223c189cde0b95f6cb7aa89fed7d72304a4f845e9d5ba4a40372ab9af0b546ea23434185c39ece8a2872c5c65b858f357b53e0ace8a32bcb8ed34ecff55126fa4eeba7ec1bee570011abdf9b64c4ba7825e5935c136c1e6525df509954596f4a938f1a9c337c5941d4f1e432cad4bf9988abfba5a0b8caf4be7f61f7f1dba419c8f3295b0954eba409b96daf538bd3977c74ee70084f28ab91eeb3b159bdf4616de5d3508e7ff9de3f9ed6117742a28cd6052cda428b05476799f87b681c6d5a33ac4facb7c2897c7094a97cf29525b56e621bf0176301fb73d2f34195ff6ad7a6a8df7f663c270e5b9d7558b64c04f2f7877dbe260a639c66c07c35cdddd3a4790005b994aa64af527f8e8cd78a26eeca87ae7a5ec53f3e83c5152ec19dc84789fc2905bfb73ea1df61772bc8c7be7b9b11fc1c78a78bafcc931a2f410cd637c8389ea04fd92daaeafb065370e40976c641763b48d4d01bb18a6ac31b82e19a7e4284654eeb74427e1ada602177d7a7cfa9215627f6dc7af46a0f1b1b0c017d6b2ac817ca3a2efab4d085c76cb118b7b3f0555353846f688d4e5a5d798dcec71a8702f02be33e93c772055add3dffcd043fb200238375380689a997f48e544a948f0628c7b63d6725174aa7f6125b0aa9f01b47ff52e704a6f05c402147d1094538981f6621caf419b819fe353836343aa9ff29cf1bc7098fd623e7774965a3bf067e5d1ddb7b5fcad8adeafe10bc5ebd21685d8570d72577767421151de4805af137205a69c48a5512b5561486fe02f1fb476b60a84a526d93c9710853dd8a1e55660185fe154cdb14f15d0b8620ef7a2d5f19008f106ce61c1c38d1bc062cb2dede5446deca9c95592a58408eb32bea03a121c0f29077b529b5ca166861fbeb112fe5f5f58004ecba306aa1aa417cd04cd7b0bbf606bccd039f7b1993ab66a25add7142ab8580146de9bf223405f3adaee4155c4a496472170c5ab44d87925c1fdce57d7dc5492aebbc736cb427dcf68f34a6e191abfbe7870f3c829a2c23fed24b249bebf7f0be13a0b0ccf5df4d7d34a9a06e8ecc5be2cd6973bc299aa31a0efa8da8c9f907a766e79b2a19d53ca9ece0c0e82323e2f8c25415066b6af00b0dce20200fec47ba20f366b63bd253e276e24e835b65375d49534b557f5da4abd17baea788b7a6f0e3ec7fbe0d45d5129b138c0ce99a7c0d5749bf3adf2a99ef80e7f4c3643f62ec74a9f3c3f8abd1b360593c19851d4e62ab88ebf509d53c28140860d9ff946fd82c547d92d5e4fc0de82da78c81a54d9806ea727777e10ab56fed268ae8a0f1b8d3560f5f220971a81896264513c6360b7f30054203ce843531133201d08dc77f4c782dd28bf5573c7e7603dc59f7bab43906d8806e319307bea7fee1108c60cc6d4e7bed9b52e01454269fa90b54853e1971193d9abcf9d57f24d484ad2194cee82846b0bbf69ee3cc0f1e111e01ff9151fedb297e646acbaf15a877258a49f9436a4a28617613e02654cd7207149237166114ae8844188c7a95486f4e4f7eef764788848bb3984eaafb4ac96f91467c14ca63c824b005db90f8316887496455ba4148cff73ee8bb58dd6d649a8ab6d96096be11a87806c2ea80b3a6de10726018019d71f40bc738707f690924510203a19e5dd0705f035173e9b3a5a1cd80628a64f5f997665c381488edb59b55860dd40b28cc654ebb50866ddc040faf5c9035d77193f52eb887d653d324914742f034178e963387e1686b646bf95c5ee474e5a3a782c2eb02e0de6e63f5e7cc59636be8670e9802f53af2c5684b2e8c68f228d8934d428d6aa7b995811ecd1293abda43dc94374e53bebfb28d9bd6682cea4dc56a8f515b5afa0055f63a222172d0097fede5558574e62c4bf0b96af7d3a6d7c72d098dd5c24d351b04d63caa324c59e904b11e2fcda74838a314c37739ad64aff57d9e6059f1bc51e1548b694227a9d048b33ae749f68978fd7d50e244d7ccc74cfae3fb5a7ca438040f0b166ebbb364561ccf98b698b31e27f2c0ca42e5ef215c6a1645729e65fff69c3f1edad8ab499ed5243156dd20084b52f5fd41fbb7c8cf207836021caac38662225d12071920cd7a693157cc90372dd2b901206e45b1aa637a3094c99612f0ec9eaaf7ea5e571a1f64cca071cd04f94c95d8842dba7b478a180aaa0ed0180a7c126597e7232d1b961bc6c39bbaec9751ab9491e023081568898f8ad234c38ee793901d65f12646d9c1e56218a1ff3606c683eddf1f846d88373599c80dccf4fb0def36ec18f104c8c686ab427209a0b2f8d0781b759f9abfa8bd139ab76749c216c2098bab40d873e1082b090665c806dfd5638591f3f8a92a4ec86f4a56eb0591e31a5b39e076d43efc87d512eda8535f8a05e5033ce8e2d068e66094fee89684074756b053ea801b1b21039796677ee5a473941af41896130cecafbb8d6de6ddabd6a29175d977987ef9ed9d5e69657394be2a08b792c186306ac74bf9405124bb04c20da2821ac37d8208b349b892b91f0c814e5451b286c105b5fabbba94a11ce65938e248add9d45b317bad1d1a2c6ef6cdbf94c110c5d44d99ee8e112899ee85c5f8b29e49f06af8f6369fbceb457705020999a908c4c3c5418705f41ed31fe658c88793068a2c708b8d7617238875e25ec5ab3e4655302e64d8f3286dc48c7c525f5133d20efc7bd34c4402202b42ad565016d02acf3c022c5efc9feb2851a56c057fd84e2f9e34f5bb3b0f55fc648af22266ea03aa0149bcf116c4e5fd92d65ecf07ee06129e0f2f983713ab0ebdb4ab05a5d088e0750cde5479ebf3e827cc1c6462a7537e5c027527b90bbec82283a36ade6fbc72f3fb9e26a26d747be250728e5fd4615a3cc91ee672ec011b66a0f4e3690d9860361ce807a9e6f8b094f8b8cbed2a75e3dc9f25be450eaf91e3179d210803c0e4dcf006f402103f783e750fed8d0f2a421da0ded11b61ca2aba5dcb77a216197a84338e09278c5b953d62645924b80dd464359345805189f7584da0d40f12ac10353a41a498f22989205d058ce0425a0d18cbe8506f45d402556ca05a75babd6199ceaf96db2b96b148a89f7c96ef910f3254a42b9503666e1531c4f172071084c86742c1b0371c453251a2e3272eb08a5543bbc691c8bcb675ad4bfe69c797c32538c796e2fa296e174960ebde19b2910c7e12441d80cac84bad5e105d0cd2a146cc4dcc13be9ca2e37ebc84e0b3aeb9fac90d8ccef5cdfe81c754ae7642a4c9419c5d1dce09700862bd5147ceea28b48239b47f6f28cc9d232812ace4843e81cf8b5ab32b2ceb5b6886a913fa7f9c3edec98e645d6783d436697ec6804f955bace4ecd8116d86852f7c6a6df9bdd997fd8de7d8c1b9457aa1beb1b9aad63ecfd91a2f4e0015f3a6ddb185831cbdeb806c66b6efc1b21e987fed1d9a4ef0072e5bb2ba776198dec3871a6553f9beaa27598f054e52c6710db74bb138259fb355d573dca920b3d786556ef94b8578913cf554f4b8d9d3bf922891164e226e84e0b8ba1caeeffe8c4832c80d9d323bd6933ef8850b9902266b1c6e9976bc09e8ee9338dd0fe409a81c6db8b2dde9ac3b70d63b8888dc68bb012cd5a0236ee35eb002b7ba2450b3f35fd5e0975c9d7d5443d97135953079182ebd0ec3f61757ca9ec0618e2d6a6210f469408d745437029b8445b314bee9f40ddf0cf08783b7f28f3a7df031d2d2e36524a8f8de9ae1aad224cbcb5fc41389ec252360d47b921e0fb4e59491beba69da7259899fe420b91b6effd8745cb0a7d6bd7bd28d86dca2c871725bb8ff002a5c0e8edbaaaa783325cf3984d6d82bc399205391086912392f5be8982cdaad5cae6f1ba4d5f13374188a68b85dfaaaab2fd3f643095d3189c77736f88daa025ce0f02d1ef7907c7b9daca10b8bf3c401e2b5d3238257ef9d6f61ed8f61362fb36f14bbeb30654e181a43376472134a77bd4d32aa24e4f93104d718fd38c0f9aeee53cfb8c8511f6eb4f4bd7d4bec0c69690d20de002434407a7ca008179059e72f771dfaa10fcae8d71cd3a5acae352b5ba1c750eb8126d94867d211c6d25a8bd88b9b90d03a3270ec584709be269fd1642d79566f203fabeb6f82e89968351bebaa766a2fbea446a049686404b98a578d0385056e2322a289a7c9b203a1480c105c678fcd0d221b8091ffd7b92083d460c68c555bfa3fd4df09bc1195445eb0f2158ac18bc642aa36bc42c05ae52028fd6d20d54fac30034d32b9b7b972ed5088e059795fc649b1f52d2d26ba3fc89bdbcd0dc86ce898abd75067196d24d28789fc1b261c400217f6fe673ce128a73d6abac5f311d019a3ee8d1fe08426ead0cd2c467e2f9c76362658ccd0d60c808bd67f691eda36d6ff276e106b6d4a79559c311abe113cfac77f7201aca119b6c5039e1194b6abf8b87b10f9e389b55651981454a43997bc96af84f05bed2f8e5cb8ad2cbffeb499e272a3136b597219ffa644c4d5f4ec7582855da41818128063d9fa6d6d828689420601d796ce67c97ec0cd90fa59a525bd26ce5bde70ec9556eb1c4cee1284ffb255fe8230aa8b03e9f909be6bf03da412f9abd41bd6a8cd4bd615765f3c1de4525e1b51d47e144ffb9b57f6bfb970664b724c0b2e14691ac40e04b2e7003c6911236889e625bb6a25a96aa9b872e51bbd7b11d43ef199e76ba7dc8e23902f7a3173de9793178f8455ac865f9be54544322e56467cdb2ed119a4c36f4fdc61263dad5d515a7ad968607c049e61ae57b273acc97a9b5f314b5b0a70559c1601d969296c0163e2d1cd26d9bf8942fa04c412fbb3746cf6d42c149fcbbe788932c8c06ec881281be6dd7caf8765f4101d224dd630215e5866dc830cc723c5f9282deffe2565bca872fab0dbf7"}) 17:14:41 executing program 7: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:14:41 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:14:41 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x101000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1053.987261] loop0: detected capacity change from 0 to 40 [ 1053.997827] FAULT_INJECTION: forcing a failure. [ 1053.997827] name failslab, interval 1, probability 0, space 0, times 0 [ 1053.998977] CPU: 0 PID: 15733 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1053.999769] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1054.000787] Call Trace: [ 1054.001024] [ 1054.001236] dump_stack_lvl+0x8b/0xb3 [ 1054.001659] should_fail.cold+0x5/0xa [ 1054.002007] ? alloc_fdtable+0x7e/0x270 [ 1054.002374] should_failslab+0x5/0x10 [ 1054.002841] kmem_cache_alloc_trace+0x55/0x3c0 [ 1054.003285] alloc_fdtable+0x7e/0x270 [ 1054.003709] dup_fd+0x718/0xca0 [ 1054.004037] copy_process+0x1c31/0x6cb0 [ 1054.004410] ? lock_is_held_type+0xd7/0x130 [ 1054.004859] ? find_held_lock+0x2c/0x110 [ 1054.005243] ? __cleanup_sighand+0xb0/0xb0 [ 1054.005705] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1054.006196] ? _copy_from_user+0x139/0x170 [ 1054.006685] ? kernel_clone+0x2f8/0xa60 [ 1054.007077] kernel_clone+0xe7/0xa60 [ 1054.007423] ? lock_is_held_type+0xd7/0x130 [ 1054.007878] ? create_io_thread+0xf0/0xf0 [ 1054.008272] ? lock_is_held_type+0xd7/0x130 [ 1054.008734] __do_sys_clone3+0x1dd/0x2e0 [ 1054.019499] ? __ia32_sys_clone+0x150/0x150 [ 1054.019934] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1054.020425] ? fput+0x2a/0x50 [ 1054.020740] ? __secure_computing+0xb4/0x290 [ 1054.021147] do_syscall_64+0x3b/0x90 [ 1054.021498] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1054.021967] RIP: 0033:0x7f9fb3b18b19 [ 1054.022303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1054.031950] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1054.032613] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1054.033231] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1054.033848] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1054.034468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1054.035078] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1054.035678] [ 1054.044355] loop7: detected capacity change from 0 to 40 17:14:41 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0xf0ff1f, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:14:41 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/243, 0xf3}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f0000001680)=ANY=[@ANYBLOB="38000000000000000100000000000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=0xffffffffffffffff, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32], 0x38}, 0x3) ioctl$LOOP_CLR_FD(r1, 0x4c01) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000080)={0x41, 0x80, 0x4, "3ae0f88a52fa57c6df0fae520f584ae9435d680ce5f5a7a321966ff666dee336ed0dc867cf7aab65d4e722cf3232a5cf11455f20c804eb1272d9b88ef283a746f3"}) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) [ 1054.156468] blktrace: Concurrent blktraces are not allowed on sg0 [ 1054.159240] blktrace: Concurrent blktraces are not allowed on sg0 17:14:42 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() r1 = fork() tkill(r1, 0x9) ptrace$setregset(0x4205, r1, 0x3, &(0x7f0000000040)={&(0x7f00000000c0)="0841c777fe5412bdd39183458a37383b93062ac89aaa23a88473e02b3f4361cadb092a2b34b87d2b4495a8fbdbe0f990f0f6e31341dd13a1848732ba654a2623e57bb81f19447d23ad863a13614ed7437eefec9218ee856d2a192e768a4822bef7bc9fb2273653680d9ce53e519971a3ca1baa6e", 0x74}) tkill(r0, 0x36) 17:14:42 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f0000000080)=""/55, &(0x7f00000000c0)=0x37) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:14:42 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) [ 1054.253252] blktrace: Concurrent blktraces are not allowed on sg0 17:14:57 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, 0x0, 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:14:57 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = fork() ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000001440)) tkill(r1, 0x0) r2 = gettid() r3 = fork() tkill(r3, 0x9) recvmsg$unix(0xffffffffffffffff, &(0x7f00000014c0)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000040)=[{&(0x7f0000000200)=""/147, 0x93}, {&(0x7f00000002c0)=""/102, 0x66}, {&(0x7f0000000340)=""/226, 0xe2}, {&(0x7f0000000440)=""/4096, 0x1000}], 0x4, &(0x7f0000001580)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000140000000000000001000000010000003270b1118e78e752d52c6a45f68708faf3b1482885e6039a5fe33fe73c140ce41d172619ddcb1bd04f590ad8f236357f9f2a3d811eff20470ec55db07509c274ad849edec11de816c13be6348dc37f6587dd999e76a4c0cd69ff1d49e3cf603197be799493ce1057f55a6444f33819f3d8615486afca12f4b033d512d140d3f5098de6db5695b7c917d2555c3fea772bb9beaa8d7d847c3405f6fb244f36fafc06429c8ddc8027d4682d22bf384439db33", @ANYRES32, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32], 0x68}, 0x100) kcmp(r3, r4, 0x5, r0, r0) ptrace$getregs(0xc, r2, 0x8, &(0x7f00000000c0)=""/164) 17:14:57 executing program 7: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:14:57 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 12) 17:14:57 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x1000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:14:57 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x40040, 0x2) ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f0000000180)) ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f0000000080)) read(r1, &(0x7f00000001c0)=""/99, 0x63) read(r0, &(0x7f00000000c0)=""/88, 0x58) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:14:57 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x0, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:14:57 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = fcntl$dupfd(r0, 0x406, r0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000240)={&(0x7f00000000c0)={0x168, 0x2a, 0x20, 0x70bd2a, 0x25dfdbfc, {0x1d}, [@typed={0x8, 0x41, 0x0, 0x0, @fd=r1}, @nested={0x83, 0x10, 0x0, 0x1, [@generic="1c77773668a9f12243888dcc95a3ff0e7abd8058cdbef5a4bf7ce27eb16e4616642ba2292bcadb5c6bdfc4df1d55d0b0f05c1d55509ae0b33a114308af9c5b5f9ea36abed988b7fc6832d58bb25b67d40171ac603852774198ba1b84a7ff74b4d7ce136a425c6f83b99f82d75f0146917d64039520a2f4", @typed={0x8, 0x23, 0x0, 0x0, @uid=0xffffffffffffffff}]}, @typed={0x8, 0x4, 0x0, 0x0, @pid}, @nested={0xbf, 0x44, 0x0, 0x1, [@generic="e3814bd460701744b7d86323c6b10ce4f4eb6088a7243a4245dc59108bc448a27847ed0d8fb13cfd94ee103d2432af5f75747469c7cb1e44c00f2d7cab2b652c450fef12c201016dd2f1fe50976a92bb946871a0b0ba6ea5894851f00dc7b69acf441aaa1d9f3f41a10c8fe09ac132268ace3fac3220f13aeb3543ff52e1cf90901c894ccae203d274da24d96618b9493f7b6e75108cfa3139996bd531d24488031f0a04e6b115", @typed={0x8, 0x6f, 0x0, 0x0, @uid=0xee00}, @typed={0x9, 0x2d, 0x0, 0x0, @str='--!,\x00'}]}]}, 0x168}, 0x1, 0x0, 0x0, 0x8004}, 0x4810) r2 = fork() tkill(r2, 0x0) [ 1070.166043] loop0: detected capacity change from 0 to 40 [ 1070.174433] FAULT_INJECTION: forcing a failure. [ 1070.174433] name failslab, interval 1, probability 0, space 0, times 0 [ 1070.175359] CPU: 1 PID: 16269 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1070.175966] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1070.176789] Call Trace: [ 1070.176987] [ 1070.177169] dump_stack_lvl+0x8b/0xb3 [ 1070.177451] should_fail.cold+0x5/0xa [ 1070.177725] ? create_object.isra.0+0x3a/0xa20 [ 1070.178069] should_failslab+0x5/0x10 [ 1070.178348] kmem_cache_alloc+0x5b/0x480 [ 1070.178648] create_object.isra.0+0x3a/0xa20 [ 1070.178979] ? kasan_unpoison+0x23/0x50 [ 1070.179278] kmem_cache_alloc_trace+0x22e/0x3c0 [ 1070.179615] alloc_fdtable+0x7e/0x270 [ 1070.179892] dup_fd+0x718/0xca0 [ 1070.180141] copy_process+0x1c31/0x6cb0 [ 1070.180430] ? lock_is_held_type+0xd7/0x130 [ 1070.180748] ? find_held_lock+0x2c/0x110 [ 1070.181054] ? __cleanup_sighand+0xb0/0xb0 [ 1070.181369] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1070.181761] ? _copy_from_user+0x139/0x170 [ 1070.182073] ? kernel_clone+0x2f8/0xa60 [ 1070.182372] kernel_clone+0xe7/0xa60 [ 1070.182644] ? lock_is_held_type+0xd7/0x130 [ 1070.182956] ? create_io_thread+0xf0/0xf0 [ 1070.183280] ? lock_is_held_type+0xd7/0x130 [ 1070.183595] __do_sys_clone3+0x1dd/0x2e0 [ 1070.183895] ? __ia32_sys_clone+0x150/0x150 [ 1070.184226] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1070.184611] ? fput+0x2a/0x50 [ 1070.184852] ? __secure_computing+0xb4/0x290 [ 1070.185175] do_syscall_64+0x3b/0x90 [ 1070.185449] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1070.185818] RIP: 0033:0x7f9fb3b18b19 [ 1070.186091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1070.187350] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1070.187877] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1070.188380] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1070.188878] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1070.189375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1070.189863] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1070.190372] [ 1070.203775] loop7: detected capacity change from 0 to 40 [ 1070.250871] blktrace: Concurrent blktraces are not allowed on sg0 [ 1071.033762] blktrace: Concurrent blktraces are not allowed on sg0 17:15:13 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x0, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:15:13 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/thermal', 0x0, 0x149) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0}) r3 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000140)={r2, 0x3, r3, 0x3f, 0x80000}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r4, 0x801c581f, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/243, 0xf3}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f00000018c0)=ANY=[@ANYBLOB="38000001ddff000000000000000000000b7a442cdc75c4f81a9613abfa48682cb31779403f180ad5768c5ba0669d5720b67b236168177b80a8a956a846b4f93e16cc18fc2ffa13de376b463107e6347fe091b4a68b5dd81bc71d14af71ee5a20c17551017453d1d8cabad348b31804714078207d941168d0a0fa987bbf43f14076f5a09e", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=0xffffffffffffffff, @ANYRES32=0xffffffffffffffff, @ANYRES32=r4, @ANYRES32, @ANYRES32, @ANYRES32], 0x38}, 0x3) ioctl$LOOP_CLR_FD(r6, 0x4c01) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000001740)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f00000017c0)={r7, 0x3, r0, 0x40, 0x80000}) recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/243, 0xf3}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f0000001680)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}, 0x3) ioctl$LOOP_CLR_FD(r8, 0x4c01) getsockopt$inet_IP_XFRM_POLICY(r8, 0x0, 0x11, &(0x7f00000001c0)={{{@in6=@private0, @in6=@mcast1}}, {{}, 0x0, @in=@local}}, &(0x7f0000001800)=0xfffffc46) r9 = fork() ioctl$KDSETKEYCODE(0xffffffffffffffff, 0x4b4d, &(0x7f0000000180)={0x4, 0x1ff}) ioctl$TIOCL_SELLOADLUT(r5, 0x541c, &(0x7f0000001700)={0x5, 0x3, 0x100000000, 0x9, 0x4}) tkill(r9, 0x0) 17:15:13 executing program 4: sendmsg$BATADV_CMD_SET_VLAN(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00042cbd7000ff8ed9122ea4921d8dd5250d80a3f5b5dbdf2512000000050029000100000008003c000300000008003a029d000000050084452900000000000a000900aaaaaaaaaaaa000005002d00010000000800310004000000f47942005cbe3872de17f248bfe20fa446aa68b0931a01fe673c8654d3956995f12b56b95efd850a9760fef2e77f9313023e2fb2e6825c63158f6d412d4edf029dee5aedce11a00d6c2da3fcad5ddee10c5c6b45b8"], 0x50}, 0x1, 0x0, 0x0, 0x20000000}, 0x40080) sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x28, 0x0, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}]}, 0x28}, 0x1, 0x0, 0x0, 0x4044058}, 0x4008000) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wpan3\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000200)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0) sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2202400}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x5c, 0x0, 0x300, 0x70bd29, 0x25dfdbfb, {}, [@IEEE802154_ATTR_CCA_ED_LEVEL={0x8, 0x24, 0xfffffffe}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r1}, @IEEE802154_ATTR_TXPOWER={0x5, 0x21, 0x7f}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_CCA_MODE={0x5, 0x23, 0x1}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_CSMA_MIN_BE={0x5, 0x26, 0x44}]}, 0x5c}, 0x1, 0x0, 0x0, 0xc804}, 0x4000000) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0x6}) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_KEY(r5, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x54, 0x0, 0x402, 0x70bd2b, 0x25dfdbfd, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r1}]}, 0x54}, 0x1, 0x0, 0x0, 0x4480}, 0x0) 17:15:13 executing program 7: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:15:13 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x8000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:15:13 executing program 3: ioctl$sock_FIOSETOWN(0xffffffffffffffff, 0x8901, &(0x7f0000000040)=0xffffffffffffffff) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = fork() tkill(r1, 0x17) tkill(r1, 0x0) io_setup(0x4e, &(0x7f0000000000)=0x0) ptrace$setopts(0x4206, r1, 0x5, 0x4a) io_submit(r2, 0xffd0, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/keys\x00', 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000280)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x5, 0xf4, r0, &(0x7f00000002c0)="72378b7072cc5e4f168beefae693373c3c45ffe2f3750d53ed3b5927b14aa6415dd824c1a368c51f0ae4989e71d6de7f0ec58a458c1d49d450e0d01bd0243749a00600000000000000be60b5096c90ee7323bd8abd6f273b54b35355e946f53af0f3826d045d07b418b80f0127d527d508bb5dac7df13bbdfc180d2e", 0x7c, 0x5, 0x0, 0x3}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x6, 0x3, r0, &(0x7f0000000340)="16cc3069ab3d6b75b0d41008966a5f4123f119127779ea19a04c0fdf5c36405af98c59a62fbce8d797a6a98824e7fd8f2c0a23a1dd73ff27a5e26c3cf4e3a40ff91dc7eb5135755b98e9c5dbdbba66039c63b9532c9cc3505ede79b6ec962e4dfc1e8b31962b6df1332e6c69064f08", 0x6f, 0x4, 0x0, 0x3, r3}]) write$tcp_congestion(r0, &(0x7f0000000100)='yeah\x00', 0x5) 17:15:13 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 13) 17:15:13 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, 0x0, 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 1085.278909] loop0: detected capacity change from 0 to 40 [ 1085.288587] FAULT_INJECTION: forcing a failure. [ 1085.288587] name failslab, interval 1, probability 0, space 0, times 0 [ 1085.289456] CPU: 1 PID: 16600 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1085.290078] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1085.290891] Call Trace: [ 1085.291097] [ 1085.291277] dump_stack_lvl+0x8b/0xb3 [ 1085.291573] should_fail.cold+0x5/0xa [ 1085.291846] ? kvmalloc_node+0x3e/0x100 [ 1085.292139] should_failslab+0x5/0x10 [ 1085.292422] __kmalloc_node+0x76/0x470 [ 1085.292714] kvmalloc_node+0x3e/0x100 [ 1085.292994] alloc_fdtable+0xcd/0x270 [ 1085.293280] dup_fd+0x718/0xca0 [ 1085.293537] ? md_open+0xc0/0x2e0 [ 1085.293798] copy_process+0x1c31/0x6cb0 [ 1085.294101] ? lock_is_held_type+0xd7/0x130 [ 1085.294430] ? find_held_lock+0x2c/0x110 [ 1085.294748] ? __cleanup_sighand+0xb0/0xb0 [ 1085.295068] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1085.295478] ? _copy_from_user+0x139/0x170 [ 1085.295819] ? kernel_clone+0x2f8/0xa60 [ 1085.296122] kernel_clone+0xe7/0xa60 [ 1085.296392] ? lock_is_held_type+0xd7/0x130 [ 1085.296718] ? create_io_thread+0xf0/0xf0 [ 1085.297036] ? lock_is_held_type+0xd7/0x130 [ 1085.297364] __do_sys_clone3+0x1dd/0x2e0 [ 1085.297671] ? __ia32_sys_clone+0x150/0x150 [ 1085.298011] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1085.298411] ? fput+0x2a/0x50 [ 1085.298657] ? __secure_computing+0xb4/0x290 [ 1085.298980] do_syscall_64+0x3b/0x90 [ 1085.299265] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1085.299661] RIP: 0033:0x7f9fb3b18b19 [ 1085.299937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1085.301228] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1085.301353] loop7: detected capacity change from 0 to 40 [ 1085.301781] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1085.301792] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1085.303630] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1085.304146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1085.304658] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1085.305190] [ 1085.309795] blktrace: Concurrent blktraces are not allowed on sg0 [ 1085.321851] blktrace: Concurrent blktraces are not allowed on sg0 17:15:13 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, 0x0, 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:15:13 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x3, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:15:13 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x10000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1085.447621] loop0: detected capacity change from 0 to 40 17:15:13 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x0, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:15:13 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x3f) ptrace$setopts(0x4200, r0, 0x5, 0x3) tkill(r0, 0x0) 17:15:13 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000003200), 0x600, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000003240)) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r2, 0x801c581f, 0x0) sendmsg$nl_netfilter(r2, &(0x7f00000031c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000003180)={&(0x7f00000000c0)={0x3090, 0x13, 0xa, 0x301, 0x70bd27, 0x25dfdbff, {0xe, 0x0, 0x3}, [@generic="4f65f1ab2c7a90c12d5f42695e81779043333041a374d4ea10f4f938b951e1ad3069ce8e226d0a026d1ace5076da44240f10c16d1f4fe0156f09f01fa86abacf8a49f451ab61ee7bd3fe54cddcc280255c068d056648dbe524b6e4bc4c519b53a26b13f67ea5e5448f7f15a5b3d2e039352235fe3b10382847cac085f1b3c856c5edc39edaf51b0d54e272136db774051d728dd5be3128246b6dc2a59a6d0eb2478e964d69da8532a8d50c101504ac8908774f1d8d461026dc29d4eca9fbef3b08b6cb11c2d6403819146fc2641c37cac4941720c9a2119285e9cb05e8f4852599a153f977dd12f61d0a493c4be7c272e48691dfb01a9e2c6a4ee1f1b8460311021c98b6f961b3438457abf30b6b28e750ed121ca157d18de44a995a1257a4e44358c88fd00d4523e46aaaf5f4bafca422a46535ac63b11e106e20c57210bdcdc00bdb8d3565677a6462a56d605252aed2f8b268c437491a4595e6cb04761250e4a35059ff922bc259f5b89160f2acf12028cc35cef43ff0741eb896b7c93e323c8ea243ce591a724615a169835668bfa358f4633ed39b0a7e993f9e995c03af264dbbe3a557b0f1bccf878273ec3ff73168c3c4c07a5bda470eb5e02570a853557d7238eb1dd3d29b7f479240bdde5c9530d894ec5aa7eb4579576e848911b9474c5bb2144c7729a025add2107dea2535d591b72e03172209c7d34891d34be560e0b5da876f8d234090db2a942f50f5ded8c730c7f221796c8f79fa032e965f26f90407fc24826fc0f18738a9a8213816245bbd881d21405c0ef37ed0bf285f8a907fb1b1b741f8f5ea71040af4e95e5d10a6c41522f04dddf8e3da9ffef3a213c4a3dfe355f9767a88ff454d7b06568314e4f3ced37c3cb7522d71e2429fdc5aeeb6eea2d8f6ac0a436e2e70fced4d42fefbc192af6e8a7c373549d43e26f30898a99fc42c4f6f08d3661b61198160b5b453212c813dd5a7a08bd3d30f3fe162455f416aa6bfeb5a5db369b305aadd768a7cad4823451b9d5b0539450914a44959cfb3890768fccdb88dc426f98f2f2cd4221ae33c71e29763ca48401e3032b4cb23fa91b436bff715d8e84d3e5d535db0fd432098956a4d147d8426836b59abaae98a07082a3a8ddc51dd163bf85af33e1acea90db608598cf66f2d2ecebbda6a1dd29b9b133e4aa64b3e6593320de61b7030cb50e3ac46d6dc294a0e06eb7bf5c7a025c96675a489ebef45c7e6438f26e14537b4e2dec114e2129df2604aae4ca4b50114f761a66148212cdee7c280bf23625254f7071a2b08e13e2ec9ae591d8b3127fa2ad3ec21a4959c27ecf9ebbb016dd70d479404ef9e6b9273696604060e52b4574496ca6032ebc67f0060092f7a2d36a996330912f36b33f138e66c18ce4b0763968c303ec5898faec8b8fc3ebc0d872512e7950d5627212aa8b67ce7b7c872942e2db11fe53e347f16619b7790e474ed8f7ecdadf6fd59f591b2d1d0e8e960f46b31ea94a6bd4205df008a843fd6e4aef370b4e54ad56728f440a74ff02e1b2037572d065e06ed175403916b214cd6b3be1c061eefdd12b07892ee9cf6f89f5973233d220170599b03e5c342268f934742d2041e83ef1ddc270c3d942ddd69ba24a3cf484c8bbbbe2a776f090a2dd22254547099df18e1543e71520071d519934cedf18c3013d6278d26bf00e2a153174707ccd0fb43948fc900bd8f9ae4c2d184c21c0434ebe699caed7be9fadd263194fbe9f8d2142e665c5a4fc01d1d062d56a17677406467213f7ae468d960fb76ed12c365889ac7b6a1d150a6de803ad6941abafb29b840a38a5e6ad009e349af6ad6ce3df3b94d746179a7fab9fa8a34d8e9db8117a90303d3073d4e7e300da60f088cf0cdecc657aa29595937c8de4daac02942aa71cef6572014c96ad46b8c03cfbaf84f9e251d4a08cfb466b3000d72b632de073c1b6f04d543ecdf179135c3c138baa628f3c4f5ae90adcd2d97be81d0ae55fb9a2a16371b4a5762d6eb1fc27d2fc5b87ab9897a05e18cdca5c9e6619ffabbd844ab1362248dc3303c25fd4093c3cdb67b21dd12091c87a0086bb98ceb91b8bf410b7ad358269fd4d198a4af45d6fe16d2de47e3783a1f9efbf11d933a5d3119fef31528dd1a72226f71fd3471cc7f597e9330cf9898709a015a254ada3367fb25c1b3af8d8c5113b58d826a99095866bb2caa098e657923bd3b8e4635360029b9394dd46ba82227efa42067e1fccfed4a9b3ce940200b998593a332404752795d9a8f10a7681666beeef03440cd8069cc9b77acd408cc91dc6899bab4eea036841e3c7fe5805f98dba0908c406428dc6031ad22d5a52bd5400bfc66ae55de78e92ed3c57f32cf83b2dc8a2f36b5f92b63c31e56de6a3b867df72377f0848dcca6920e8d0b7103d9b358870367bde999eaf424a650c183bbd09698207db5c53d0f1624c3d64c4216344fad8b910a14a7dd1e338611ed537c3e8bbc487e8e238ad29109be5282444d701e467203d43d49fa5331877bde8b483c03beea25fdfc922fa620578f997b12ed19a22d16aa2fab8fb48ab46d1c2736d6871244879e3e444d54f69785775f564aefcf892f2d0815572095a8232bc63f2e1cfac1de593c33546bdbb7cea9fa6c94fc81b5f6a6cfed41133b60614d4696a094830bee3bf738aa7025d617a511afdb8cd27089f1e15984f880b527df395a220f797a67c27bd2e06305b55f24245ce2e61b05f39f22cb3f41d8fd1fd96a9861ff874b5879606afa5a1a3f6aa7d40ff10afaf231e9d32cf2c4dc165cbfd7b6dac1cb3e3546c426b559f8f9e93ca09a4d065a5958385cee31d40cd35383196fadf2d17e3ae705afd1f3554ed1694f2a685e4e397744479d445b0b0ea0df5fea165780e56cbeac82f50eb556143f0ec86d394352aef3b477b40db82a731639837da7a68ebece6a71b70988e3da0df1f9ce7b36581a86b5112395386fd2a4165b4868820ae7614606086c4873c2964d36b12c516b8e5db2bbc7853b744f3f43fbc7ba465be95da1f4aef5c3c9edb261fc2423ff1d1547a2b264547ab43b90c9cfeb69d208a68a1b9b92d2cdeb5e490729fe43765b7637afc66e1c4d45d56bbea9f086195c4c46188065cf518065354028875233c718d8e32c057206ef473739b1788bc4afe0d120574b2e44c197bc57b2576a4d0ca25e222458627cce9f1511e0a6496c08af37b1461c049a8c062307cb4b3821083333126972f04933b90cefcd218bd53ebd0510ed2f52e9167fa3b813429e5ae8a35658967619b4051797fbdf5f065ac1077430c38ed9d08f76b52c6ed32b323798d376488fea9099d02d8930858bc3b5e63d1087a22c548bf216f287798eda85de24ab415a3af4c4514ede8a3a701777698bf0e261e8dcca0dca51301469e75d06190931a938a930e615e93883366787bb548cf0065becff2b9ae713bebbf30235af9f72bb277af11625893546f90554b4b36b043249d31cefcfd853a6713c0f021c335a93a12fb2cdaccce1bd0a5d210310108d9c2b481e9458e6143d4bfb4da1c12aa450cbe46ba0d1177ac1d1e4b5cf1e3103885d18dcf3c371f4c7c24f60a8d202f187f502ba6571bc69cad2837982949e0dc38d2fb4da8e1ce1d71c7d0627913203b10c6945d6575a92d40edc902e677c0df06f139d41b83248e5b960b3fa646261989bad23128f25da60a4a96c1e9e82473be43862032058f28ed3c43bf92edb54e3ae3af46a510009defa7447448aa6a04f0f90080360174cc37dc2c66a1d03a4ef1a1250e1474ecfd7baf8a52c718ac03b311c833dd80eb7b4ba8e810d7065af863fcabea341f52f7b40c5da637bb6a8df039a3d87645b3a61976593b2676e32896ebd235b32cba00dedcd256da410e14f566a1d652fa8f004bd287268a5c275e116df84af5d27d27d1053a2d7bc5cbd761db743b4a8fb15bd382c5bec7ee49f20d6a3ed47b16d627ae01e9ba6c05268c0d97567f0a59a43bbfd9a9c5265c0a37fca7c77eb133f956d9ccb5dd847e87d31f6cd00022d09b2fd221a7eef518cd46f6c3eb3b35399d99252c20feaacaa7e663327b3471a5a711281addda03007f4388517f16ff2ed797d631282400a1c0ba7ccc4ba98236543a739e2179d9c211dba0315a8a0fe3f76521e3fc93a9ae1927dbfa988060db521fa0af19078a2b919abcccbecb1c7089442786f75bf1ef808dbdacabcd496c86fbe55c6a3fe0ebd10e2d3c8eb8c66ee95aa780ecf1fa24ad01a6638caeead62df0af44ad33f76d5b91af88751324e682c266b45e3c6f496c9d0cd150b1f9671e68d70128851772e17e4f00ecd683edd410fc28de10e578317e8f4f392bd200513d4b7f021b7da1be50af08c4314bc86574e181e9dac62f35ccec8e811d0d2287ce069e96d1f03eb384916616ed219a7cb83e1d7e99c20541532874831772448609be1b26ae1ed9d327468ed8c240383244495fb2f713e3dca816839f27f8bd4c596fa6a3914720dce1710129b11f3b63a5184c9107f1aa9118dcda15660d3462530b2d13a2d9dfc7a2d2be3bc172be715c6a477102efbeaf4fde32ece0d09b9976707b368a39b73dbb615cf350ed59fa76a329d0a2ea4af0c1f73dccb4ca3b2b2136c3e79ed224739eb2cb619113d7d3a9a029a7744c93710eb377cc52941061ce6b5ed53542ca31d089b8bb94c15c6ec26524a7604071f0e1b7f2e9632c4783fd975563f497d8a0c85a6174fc488c01201a1dc5dc5c8bb6a3c750ef273bcac8a15768b87436ed8d572ae4c976ff8a5a58d340bc1297cc06256005a1616cd2f6504b03dc46881bf74ecd67590e3e587c341b97d592b34565e0ce9d0dd32be473e21de314d9532e2bd94fedf2506bf20416161584380fcf03fc4e51114c81ba5b35c6b03b8620cef197ecb8154aaf9acd877f2c2bbe6d81b63ad54de2bd6719df9977482174135ef227915d59dc1fb8337fb798af473c0a61aa87bcf6758731846e04c4a3ba750c26910341b7cc98b1a05d153367913cfb5c5f995b5bc27c65f77448c921219fee3e3dcb7242d8c32d54994552aac714c347ff7d358604f15858442edf64985c11702e1e36bbafd215a23b8e84475e2934ea572be7006fc2767ca074b741cd49b82d663c3c64040dbe9d3f55a5a527cd938a9a288b96c2ee0de32169fbc5c395894a55365cec254f30f3e2791924b1ceb98a768df6932b1e8f95b7a31db34334619604f982ce499b8169657407bddb0888eb1857d0fb0f72e3c01ab4bce78466c353a562553e32e70e7299534559fd8b62122a1c7fdf879f35a47ba2a5ca4a9830a8fcc9be1032f5a96e28e93a3f4567f00718ab307552996c0193165b39e66818ebe2bba16e05b0fad69caa95dca5551614f37b28b7c4f10b04ab7a28d64161049e2f0dd51cce80fdc251cbc9cc10d03f2e1c70b86313746c93d5047bece47e428ea94c6086735eebcefb7dff825ed34ce3775bdafb75eb0d46e90f66131982acd39d228d88243796202cda1c3b9e50cac6d0ddf88f08147f7cf88e3adae7e20f640452e410582f4cd04856115c1635966b02581fc0087cd33e8b37dd1dbc9a6f81e4d802e2dba71fbfafc578ea0fdefb156d65d8a9fa146432c0ce3c7bf4c895d015fd2157ea89cd4c935b60cf8f507ce8c3ab03c69b15dd5ebdad2f8bd21982b0ef81657e1dd01b69b01378387d800e216799c7813c27698b8c0c0e13826383c95706ad80d154ad8217b8aa9339b57c152a33ccfdffc01c20ad5ce62bfd6456ae01ab8063676", @generic="3c795e743c3273f737cf08283e850873999ed4ddf7fd266cf69ca8472cbb7ec4b6db3b318eeeffd0", @typed={0x8, 0x60, 0x0, 0x0, @ipv4=@rand_addr=0x64010100}, @typed={0x8, 0x6d, 0x0, 0x0, @u32=0x4}, @typed={0x19, 0x28, 0x0, 0x0, @binary="2257908c24b38f1ffbb29fee139d8f901b07780ff2"}, @nested={0x1028, 0x91, 0x0, 0x1, [@typed={0x1004, 0x7c, 0x0, 0x0, @binary="be872b55223c03467173633b7fc614199c9ecb7b8a1939876735449884330089183e435f86cfea68f212465089ac21f10973905dc09cfd7c6c1e15a9ba3f94ed614908cad65c31cddc6bb7cef26131afa68112ccd90cf0f83c9d92c1b4eac1137f1ad03c514b836c4902efa0d1911778f620fd4fe32b573e2b6d3b75f8680ca718b18029d142a352991d07f846c23f9218d33782d56797073d932a5cf76fb020fef2d2deecd4af2a6a79a2b21dac2a8b7c458a7089b7004698cb70f0d7ffd690f70e8989f4c36d47502b86854a30e0a42054cd0e25c80e632b21c2e0aaaab694ab63455ceb94e1d3e382d704249d33b51c05c57fd8f730efeaa198cf50b2d20542489aaaf55181e232298bdd3d501e93b440caa4b72409a4092a596fe8edd4f4a28c2013735aa21c3415b3648fc5782fcb1ec0382c8b544b7eb3769fb739d1a3ed09fb5d90a9507a4e48e7bca1d88d141c8f037ac6d058885b7c68a77f48378f3a462358100519d3c0fbe91b1eb6499328fec26d101a81397942f7f66f5dccc7b460d15b25ce052937e88fd3a1066023fffa8e81e06c44dad621f608da5d3bdc0a2c95ae1b8d2857e875b963988ddf1bf80c071cb60e4f3ad39e14fa736f4f675a5b418b32938dcea958a2b65bb71a8e972e8585731c00e6a5c467b9f94167afac489352179962ad370818c00617a1533df28f00dab04bbc0f1411c603f40398e47de013b47433310a8916486d2f1e6340bb8c135f9b134852a82ad9cd041fa578b48a6d965eb36959e5e2225e71120502b8af77a3ff7f56ac541166037ed816be5c39c8b13c7dd0f51935f2fcffcd62dfe72bdd4e7c7a486e02b8fe080cb44c9c47e526b7c916c9fcbfb8e86d9462d32d05c1ad72498d800905946e4e1f4061d26c5d483cfa83734cbf9281a3914fd53b44bd91f7224b72484d92491335f4c26c07c465de113a20468eefe8690c0ce15e1cf96fbb0b8665f57a376e4d5aa05f35c9485968397a993dc33ee68b8be7468758ab24b68ad2b83ce4cd9a1e675f323f185856c8166f9a04adbcae7b39d38082e3ca68baaea1a0406265102fb737a0450fd17cd48adab535b2c72e722e7f7fdd6eed6acbb4bbccfd7b7aed4744bf1672c94580d7cce26374d92e7409ada83ff946c3af36a5c2de8b1bc68ccd1405bd6947149a0b84d362d9845835033733f51b84db11bfe12b67718de886a5ce0510aa7a91212fd05ead72f9dff54f269f698d66ec9d4bc16e1ff4552ea1d5418804604d1934081566c196bd692433c64e0b7f93a48ad391460226c35f4abb74343ddf36a24e3b489d99ba2f093321a04a105270828b36369a969daf356e30a09b462881750a75d4df4760df96552497eec95df8365974ea73f3db35baad4358539ca659b3d0f3bcb30aa1cbb76fa17f8a5e2dce9a38c30cf145bbfab5960bb716dead1891e6f6e2068916f9c5fe9d0fd22fac4d2c878a24c4ad534aad3b9ec296dadb1ef920fe588264249f31d5a561d25744f74eb89dd8b38727dc9227b5715c54878c98da499952f9e7a3dbcca46e6743b0f948ef4a5740e277eb4a5c2a06cf1772fc978f86f21236f188d556b5c43245cc378ef1bc4219b1559cd3adf96ecb181d17d482fcfe2bc705d6788c12e7478bbd0fc5bc33876b1216a8236ca20cdd0d68b95b55c651623b1b5cb65b4988d714240b14f1cab5900b9c722e1140d6ede657379639544c0096555697a3029374c84ce92fe7540255e94cf54de57465f8c135bb407354f75ec0b36eb65d3f922e8ee063ebabf23f2efc573315caa49542f666f133784afd2c37d3aae31ea2189974fba7874cf27d47fc044d6813583d6e08f9f5a695c105bd0271923039c686081d328643b0aad011be49f13a503d0494126f9d4d17cf0c72b835e38a0d6189f1df3852f55389ea39925c4db30b84db0ead5381751d7a250c76953e19bd8baa86ac856066634342be10b16b761d9a75daa40f11b766bd9fa68d8b8311dc5aa1aec55ee1c70a28beddb6e2cb6345a118a4b0d3d1aad14106e945966edd26a4d601f89143cb1b37f2b8d3c903e35b2a4f98828fb62d43c2296202047c687d38df407a4d43d4e2fbc26cf5eb83f76ce58b97d416651d37fcbac4eca6b51981acc3717854da4514049af9848413b871d273d00dc583b226f48fd9e92b6067366befa59467e87c69afe493cae7091914bf3d5ec1f670b1fc21d2c4a8db9aa28caa4706cb002f4f1a7f35f998372b4074911a22af77e657376c5edab2890161dbcfc763c1e109d61023c0512db2ea7a96c577679ff7ca39eb3590744f8c214b501a570bbbfb7f0900413fd360c0427ab87f218461cb7f8164bbc5a7e2afe3401b7e6dcc1f9b5eca543e7127cd691dabc74eb7f63652f7bb11a47ab8c559be9807b4095b55aa1bc1f52881e96030e1cb082d73ed74f528d2510d4a29a95c9f5a981f5c9565b91ea7ea86dbdbb89fd82961ec03f85e9121c6d0e0268a72cb63100a542c1655e4db2151be68cdda94ca22bc8d89d0d932b0300c6566d515e13a6f02faa988f519d9757ddc849a755c5972a70d59d6fcccfd22d1b6af7be8217ead1ca73306aaaa265705ff77bb119d297f17f2a3083c8741a3a312ddf5ac06ee887f07bfa8031262924a769a5a32e69ecb057012bec9b21481200d50f825d896091caf5eeb62467e172b687d8c789df435a48e885f04b1a215ca05ff4144f2f17b413f883eb7e80f2f2b35cd84f0d4ea337e20127f3cbce9759960b0295cb1f42b0c503f962e88474a45fbdd0d14120dc91de3c3b6aed61f393b1a35f87e9f4a9e56b2b32073d45c8b1593cc5ada14d2bcf40efa00a476708465892c68663cb1b484029ac9563f592cee8fbedc6d3e2fa9b122f9dde9278fac6357a8ad644972f0c6928e82611cfdcb67fe1e3a9e19c4969951922b18ab461d37a63e879ff1c4d6aa874dd32340a1e01d9423a5666b18eb92a73f081c10c85e54c0c36462c7b7aa2cda631c5d16cd56a83d0c627abfbf5f5af3d7cd6e87c58986da4f8385934ed537f515a625b12f7e3005a11bdf2ff1aac85a0d1fe2d3f77b38fd2d2568133f81e0eb9554603400bc9400fe98786f32650c5b6237b69e40469b8a10800ef135c5034584d3604593f9985ab2dedc472b8af083b8de8df8c23380d6702d9a365d5ee374ef7fb22edf207a7aee95b8c11a021e773615ecf355c147db3baf0abd55ee3b62db1a9c0241c4c2d6b0fad283e778033bf8d01b4efb6ad1694783362bd7375dba7e4e8705e884d5e44109de45147a1d3a7f02778aee4fd9b127c8963e735db5f5e6f7e4365330a31382f727771a25c3ae80ab65450672c0441e9571ca7b2240bfbe94ecf832191dbd8d9ef92ce97337b5aa3d4f0d46d9bc0e122144b42ec159047bcce648fc42650b75c5e0df05f6e390cb127323d40135e080893c5ddc0e51fb61b8c9082bfd7ab0b93fc39193577384f4d2dba2d7a3cf72f6ab9f66f8b16ccc04654a18308abd36e44266adbd3b3515044d8675c7b407e952d8b6725148394e6f1b250c0fed9cfd62e8ca8e6b01ed6cd4f4305443aa267abc3288a93c5b41a7b6eefdfb2281f615602b84f4f1d30f4de117d78578db2573000dabc6aff3c942d2265963984066af765b9544f5f41b21712d25a73e249f0adcc0a828e46b2dd15bf3d7d41604e3a60b02dd68fa686cb0f58b6e55bab8bad07be833d82c9f285d77d6eabe72f4017f218bd4a0742d45399ca8bb7ca49571c56af1e76b1db005c6370c594cd9aed8da49b13b084ac812ec2f94772c6534e9a49314b6a4b6b07e3164ef521403f1955986e7f554496eb690047ec892667fbd3d141b067a3cbf32d7a051e8a9f87fe0dcd4706b5ec653a4439972ed0fa2b7640cba6ad5b582f5304bbc2afeb6f4f8b9a9043108a71c19a3476e51ee1d8748eaca23cbfc0a104ced82c134283011d8aa251234a1ba0f49b7a3df6c8c3d42be0b07956e1dbab9f4199321425d6a7f1135d851dc55d751a07681215f1f1b961916d6dd1091f3a2d9680aa0235c04c8b99e8da09581c22a02e263e647e62c955ee01e5515c0325735ca47ca918db01a7d8e6bca4e6c1a502fda202e9325e628435d480257b7abd8d2e8c48824ada301797ab3ce4937fce63beb85c8af97489cb25f00a3e0f0ae6600bdf9e414caca5c09476b9bba8cd1ca795ffedcc9345886c435b3eef7b27177892d7425f176fbac833d4bdc0d47f0ee7375dd14ef5e2f82b58ef3fe19249a1f2057200f7fbaea5107c3d9d19a4adbab6686fc5d304ed3b72ad93a32408fe4b56e150400385a1a1a01f9a409e65c906284d0e1549cd700d4e04aa0d0b19b9a6c7b16bb092985bdc8fff4f049fb1bdaf5ef0a1ee0a8b8251e86fa87b0074ea61f8beee69d476c2f08331679bfa79ffdf58f463cfed0779fafee335bc0283fbe1e6caa9952e44309ae8c73404ada0ab1066683ac5fa216068b3ff18e7875141b0d1a72ad4787f6bd268ef2d4a4989bad9ff3f359f1adccecc8a084577377711b67130c4678a083ad4d7f596b028049ea17d2b0b3845369858317d9c353ce93b970f2d7d6d5c788a64d8844563fc398269ebcc3ca1de06d1a901e49a83dc37964a1f33aace96e3c37de5a90d8a539216f62320d87b487ab201e3bab56ee883e008b2a97eaebaf4452c44d835f222895d9536bff1a82c9cac19ad83f0dbf0f61994f945c70333d45cf7fb5bc1f103b1061ed11bfaf2ef73927752c0cae5b1fb19ed0263ac748df5eac1ed82ffeb9b9af6bc0c3d25d388c64f377f3fd3945bbb2af49e2120771270188785913468f62e34e08d5108906df2286c8b99308af6794c3a620f9a5efbd0c9517c018436bce4c65bb849b940d66a28cd63d65cfe4358b3e8607fe947d4db294a5662e24ecf4399c1e4977f28e5fcd190b2e9eae81c3b3a020e21a7b44120383031282a411bfe9e4e94b12056afaadb0eaabd046aef76e70f887814befca846e940ad118f174bf609f8c79025b80b7d8ea3d5b33b896e888701f2cf29b7f52082a66a646117b59087aeb2874b31f07cb17fa007256d4990c6281e0240bf8c47645d7231b1b06ff4f0cc4717160916dc8850ea9bb3835d52f824432ce2fe9e18b2e3806de49a5fa5c04562297f797b216d6f713623f499e65dad6c7d29592a67ef570970620a14b143319c467a34827d669c2fae3f72bfc4fca1e901ab38b9cea86bcaadc04ca4289b3b13ed94da7e22b1c1148c94aba746cf0aa6b39db7996abbfedb72477843280cecc44fc65f4ed6182d9c2ee4c2cb25808c9e3cad7d2697ba57f6ee8898b74ba06a48f791d5b198fc3f4a1fb1926dbf7fe5cf85a8c60b8d43fdc7f75df4aa40d64ece072f8bbb74c0f1861448f62902673acd3f2a3df2e045843a95db30181ff5a21d2b1450504d51f042af915a434cafb51c1fd3c3cc655535b514035effb38c9254cfd04781354958f7f61df956ba04346715bdf9cc94b2315e64ff45aa538628fcbe756da0a00c6da8ef46788a686879b400e463ce977635a57358bd422f1d1d9f04a9b60544057357e5715813a9ba98f8af7a5e918a68b26e20b1f078de96189cdbf12edb31117926b05fcb56812b0ed7887b9ac5400034c100282fa26342fc307a3c6406c0d9fbc27fcdf2a337c63e0d3b524677d65bb961f51502f7bbb2d1952e9a9f958313538871e4f1d4f1bda00497e362af1304fdb370cc9668b977c9af005c12fed8f12a4ac64aa6a882a1562805dc0ab505cb33d3c4e38c9feaf70eb9f615170f8"}, @generic="67a2a1e1749c17c4498808e7a2a83cb9ff881d150e562cf8e9ecb00024a20037"]}, @generic="3bc888e7a85e66a770d59ef50b2dbc49cddc9775b4897e499ee5dce215578e816666a8e334676c219f6fc0912071af10f42d4e07007164ccae0a25e18573b1fdfb435fd799177a50995e15d147601a01ea8912b29db535e11b41f5370f2d9358fda8f378e2491d71b4abf6126d68d285701e6bc22bf816af504b205f000af7969d366cbf627e37c3489e2b3e6795284877fd4b3de628b57a177d4c7e45d9be34067445e3deeedf158ce892a602cc18da962619550e4298a582c63dd37c41e7d3cc7f57dbad7ccac824e8ddeb56f7595fe552ad0cd236752c897aeb21077954b57633bbeb9eb9a1df7bb79521a84670edba73ddd84cfc889dc26295f686790d68e38cb0be2c8d8099814adbb1c3e1a0bd6af77fd4f6c0c0aa36d266c568b700aeecac0a9bcdf732dcfda066dc3d362a40c76b6b7d033991663744a48b8c7133ad4c30f4a35b5cc3a5019d065eaaabbfaf017357b46c2896db302ec9b6148ed175e087535dd5b39b84d675e62d999ff97aaed7b2f43fbcd812d83c517d9909a9e1cbad07e226854f4c3a246d1231d9fb4232fd8aad1697fc8fd9c9d9c6e8f71f1fed6115f2c90c0bc0991f0a36dfcfa77d46f32857fa7159e5114251a457f0459f93427a1a585b529a277dec720240498a990cec647b6aa4c7a84e1c594f37cb0f834ccf13c76955c67db8f6a64e21cc3d5e6f8bec21d741c02f9806b1fba88fef24e4640d282834946629ee2c72206a132912793fd1d13ae544ecd306c62662fe7d1547dc8734fd0ee3ffd01636545762005da544cec4ea5efd644208beb1d3420410f47365a5e1cd2036ccc2a09ac75fa6361da5a47ffec3dca5fcfa1ef51cfb778a5aff13d2d006b1cf24d5e4d0d89e5177fd07e653fc3a69b358fc85282060e157bbe75bacde778299cd71ee49199e0e1ab508548a51fd565f06f385e3d7f68692d424c591e896edee9b212602f80aa9ff13b3a7feee26018f561a647327a4253a6c0aa017e30e900854be0c2a75b6beff05a5126f0aa2e548dded7dfad6e7c006cb4ee3b32dec66d38d83ef7780420ccf8ab63c7de36d44ca373b800c55d2b2a4536ada01edcda8c13f097e148326153e39734fc0cdb75ba3fc6b6e5af4369281ee26bc9c9a5ecd21d82afe208648502b211a13fc608689cf20d88f8b09cd96bb4943fd70a366159285eb4e2f9f8db5e2e94170ed42a430b52d533cae02abec56f54a3224197f0eb856c0dcbeb286f3f75f51c0d37c06d918958c8de47ec54b5c13cbff192ffadbd08f9533b069e7cc4cd4bf20ed1215bb262459e222f765ce03be1064182f529a5dbeb19e4592d96add46404d5c6d18c5b7a5afb0f778d992fc5de9664382c49ce8bdf0b95dedd57cd82eabc7782abb4be185eec8b60b4163c5e12b2b61bb45c7535a0ec7783c08e44bb4e2e5df4206b64099757b0f976da422c153c3473e7d8c4e00170b27899bc6dafb4edb34e6ff0ffa6596f9c4b41669905891cea25bf4344815ffabb8e48e437ee66a90606442acea7b2762c92f0995203fe98468c3de3e7f766ff95bc8683d22a86a1a3e31d2ff1b448194de1ec4711aef1269a582a8ce1ee29f74a6c22cbe6596c61b6d095d6ce1bf1ce73ebc309b3ad4e685bee16006aa2fcbe1e4477f22f0a0e290ea772c5e1ed84e4706f26df8c0c03a6402bb334c88e8c5f4aa819d9ceca8629062db0cf79758dca6bb400a63c5dd59131d631fe7e98c89808896ca519004433d637eec77f5e54219d9bdcf2c37bf8a57a5f0ac5519527438e154195b18cd36b67c5f12a5cd46e0f19e6ec29ab9707973ce752ff45161c077731a406db8d56952b16e400ce268648a32cbafd632e59c65bf43760764b872c06e7a72156e366a01d945413c123593fa819fa5950fcdc91dbe4dca15396d6a9ee20c3cd81fd67b6767d508a876bbf67b4e2e7b0c908c826b070cd9943f25c29617043402ab8d3fd3365cdd4ccb8950fa69dd54aeac8c5363b6cbd77f440bbe3d6d860d5cbd55e7e3e6446b2f2782bf57ebb1dd3a6c349e5333508cbfe409267de694a850e2023127a6a7ebe879db2473f6556df49137db87aae2e9c54e58349a59413302c2169d2c90243c377c76196dfe4de126655b035d6c5d59bc078a18f382c1891b01f6df776abbacd27a7335962f47231d1929324ee6cffa6f637fe5258477d8a0e0fabdd5e0e63ae7990011b8f04dac3dcaa13cacd5760a28c9d322c17808488704ddad15907a8e588d528128ccafde38f79a61ccbc1f0d949720fc0b368a84f149f1b3a85fc4030aafaee97a364fb05f9a7399c3a5e46256a88dc61e05eaf45608df68b752061bd3f9d61e864a2e6ec45a3d5ce22e2b912662ca3409def721d394161db4c7f877c1fa6c6e876d771b2d9ba7d950a7c483eaa5967b1a1f53efffe2d64fdd84064fa803659d059caa06c23ff46bd6a94f750acb1950cb352314d38b57524890074fcb856a3f72578add6ed6a99c5c0ef02ae6674857feb57d70d2c747ebedd599bc779555d11fe6f0ba4adc3b5be2339d0734bb3f67e018cce30fc57cba942af3c791c73f25a0668edb9d7d3a0edb38ffce247322809a4eba9e3c410ede9f2ac1eeff0e0cecfb7f47357f478e3552053cd0a7aa018b627ce60bf7062e51dd2ccfc4dbdb77129b79f9243e61c265811e8fb9546c6f265d9477bc683503c54b31e5f144bf0c18f8eab5c0273ba44527fac80e7f8c6b978d01bd43ddfac53e35276f68a35bf5c4b6a9848c30a05d34db01910eb12f650b5093a94f3b03160e4026af6cf9a69c12ca499a60808c654256e95e9a8fcec6fcb509d0acb1507fc7a233879c40931b13b9a98ad1c05fdebb0813688693d743a8acf964e69bc4be8d83a07a1f5169269f42af92b8dc06669b1f3d6159a081bcd3b8b48e409d4c0d6302891e868010e0b35e3685c07446a103647713b815eafcda7fe29a909eb41b679e0075374b9a8d907fe830e10398446b4bfd847ef58a26ff6fbd0963367627069f0eb10f4a1ae097baaa9f032421387c37ad263e285ac19d9613529905391f984668597753557e2716aa41b4870a71b09ac13b0eba18e1ce9001323dc504e8b9d5a289209bd20d94633de0f53b775c91fb54340400c45800fb402d75d522530693a0049cbe5f18df41a04409eaae9cd9b425880615876cba18b53df0685ff41d945d05329465ed4d46e3779507eeac61f6cec5adfe0bc825f2b0ca5e65d77d9282018b2981ff45ca1523159181429d0e34482464c5e7e441bf969f929ab3554320268d0a5d061ec17063ba518092b8e40d51fe29519a60ace8814a594bcc99e9946cc6de3d80296f3109bf0967475177768e2a5c9f94f28b46fd5802a84b843240e5b9fb134b5c46e55f78534072d2093a3d15e6ca8982c0b0878eafc9a1dbcda62a75b8066880610424eef0174047fbd146377dea76d61976d1497ef595e911da5baf3b1cc704dd4ed836b284543a3bbf117230cb9d5e70104948d7fc69c83abeca1910e077d6f47af4656cd79887d525235959092d867674b85dad3eed73e70b9a16ccc5229f65a4cd76652c0da41c175d6c85be00fc7a4e04265490cc2de28965366909f3d07ece763dfbffc30b5894140f3c59e70a955ebf7350949851de34e4b41e0b62faaf8a5af71f1e00f5ac2d7fc11dd82302d3ca41106ba100595a1894ed3fbd6dad195573530bb92a87a2fdfcf35ab58128d66896f05bcd25d4d418f0ae7cc5c533343bd8b635090fe7a370a23e597ccf1f15fa74a015a04ed6d49259c396f6ab3ce0f6354803f66aa44045bae28aa20243ff449eb58ca532a7e5fb467d821878075501a6b24d163a01350e5fdaa5c643c7749b573b6d28ab5bd9497020bd4bac35181bb04c6df834e600e7e408426aa1156c07cd8e6aa5f630cd3d7e9aadae88559c21b56ce4b8af9d0ea946a8d1e5a7f12f66d60a3b6915c679bfa17e0858cc945fb82ef962cced5e2836be6a362d62f4cbbffcec131d53ca9ff999b1cd9c72c74c35a3c85dfe31720504bceacaa5771d1264c84b607f131d8a0a32b15582c67049b742d6175a4e625029dd42ec4a85929fca1fd2b9e236bd0aa38826745afa4c3efa7e27719e6b33091c3c557464a906f3cbda6b50e85f5207c9fead9b609b908f78b4c521a75832e3269182143056572562418f93cf905338ac0b99200bcc72740904a81cd4f6aa1d7326a21c160a044d535aa95b989a6d411bc75beef0238aacd413aa7bdffab495165f56eb47cd6de59fa960150ed4028d2a5d9d0faaea031991f5bda5abedf2021374fc852384a1cc6e6a336279a1c1786a5882c598e9843f079c898e8fa350858a32d24aa6b63ca5a80106f6cb95271cf250ce4aae04566fc02468c3aba528efc352f2bafb22e83b049250064b72197d9f1b89b0ec44dcc2dfda2d776e233035e877b770567e41bf4dde9767e48730ebb660464be01a046016071ad17dee8f511eb3c57f5c6590abfd6ecebc0aef4a68eed15b60d65e58904dc3fa8951de0c80868b1b86bf636f5bd08820672101b24b7814d03f82de6fac99b64c48be573250349f664fa234a3da0bf95f7641a9cac20e22a268e24a3f4026098fb36a7f3ddde45921d8be1038842074294acab6cf47eedaf64c9683ae631be7ac567fb21447470de83f12ede947b8478262d852d2ed4991f714fe2bdaa27320b7499d7bd7d0d744fd4909605d20964309b13aeb7d9af6abef1df6dbce5756f56eff2ab1950f01fb9239ecc3715d3c4f8f0ebadc72666d5e00a14251bf09f0717708b6e980c3c448ec6e58dd744299ea15978c349defd6667f0f3ceaddf9ee4740635442af67aa209774aed5e6c35c021a3824478d88ead08161f123b1c64ec5cccdee7df54f25d89b00d7f470bd589824799d6e6917b238e09d4c30ac269ea79f7bb58352db28ba001ac4147e39cc6b6f2e7f7b62d6d95a14c04aee729d58336bfde175b2e7ff63960612e83d0a1b915a7812bd8707db91f582734e9fb039e695d1a3fc99f5d870ee27a3eda910a5aa7b7ce7d3ebc053e12ef30c8462f34b6063565982704614ecae0e1e03782efd1c7c4fe40abdf2973232ee6c930c323441bfe9acef8094fa4d9636eb63c16e01b60a7dd32d3fbf6c9e0a3c23efdc0253f9f43afbadde86db69e42325e41d2e7423d4f1aa7761ea1b470e8558dd1d7cdf2279a53bddba2721a8b125c6799086faf43d0cf87c5fa2b7786b45780444a6e8c5c6c6dd4d3651dbdd8b7d84da5eb5589ecc174008fa956aae898845b4b65097860f929dcda3518e6aa8371b8deff905350e8302e66f083b6f06e035c9759441e63dec1c0ecd818a9eda7025da99700b27f075ed2cdda0b85ac36d656a788ace151bac571e3d0e92f618b5e5e3aa70385a4db7d355471209a8af7005129a43c6f1f33ad319231f5fb931d028af5f6decabd6a5ff23447e68b65490585d439e388dcfe7cf22e8a14cb90af0fea5172da65d8c899f7c366e6ef19a2cba9ac7dc56ad0d8a30e77587cc54de1d2a0d37944ad55ccd8dcd9a2718d27de24f0086904f2b6d716c8147392f199017e5b6fdb4bfe8d4b390b878b1d310c6a70194d1e67b69f368be8d8b609d4ab15709e96180f578d381a250b3a4afdb7ecdcf44e44e26d0a78201c0cbbfde571de166b9f74f3aad1d9cc73abc7ab80e7ae521f987de41459963c6b24e1928d2e4b4b61b8dd1975b1f6234aa97b8510c00cc93d6a1e735d7f4def3e27b0279545a9b62d627d122f28fb81ac036f046739464e5910a4817d7d503"]}, 0x3090}, 0x1, 0x0, 0x0, 0x8009}, 0x20000004) tkill(r0, 0x0) 17:15:13 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 14) [ 1085.578370] FAULT_INJECTION: forcing a failure. [ 1085.578370] name failslab, interval 1, probability 0, space 0, times 0 [ 1085.579256] CPU: 1 PID: 16928 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1085.579833] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1085.580586] Call Trace: [ 1085.580767] [ 1085.580926] dump_stack_lvl+0x8b/0xb3 [ 1085.581208] should_fail.cold+0x5/0xa [ 1085.581476] ? create_object.isra.0+0x3a/0xa20 [ 1085.581814] should_failslab+0x5/0x10 [ 1085.582083] kmem_cache_alloc+0x5b/0x480 [ 1085.582380] create_object.isra.0+0x3a/0xa20 [ 1085.582693] ? kasan_unpoison+0x23/0x50 [ 1085.583005] __kmalloc_node+0x26f/0x470 [ 1085.583295] kvmalloc_node+0x3e/0x100 [ 1085.583608] alloc_fdtable+0xcd/0x270 [ 1085.583898] dup_fd+0x718/0xca0 [ 1085.584158] copy_process+0x1c31/0x6cb0 17:15:13 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 1085.584460] ? lock_is_held_type+0xd7/0x130 [ 1085.584918] ? find_held_lock+0x2c/0x110 [ 1085.585237] ? __cleanup_sighand+0xb0/0xb0 [ 1085.585561] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1085.585972] ? _copy_from_user+0x139/0x170 [ 1085.586291] ? kernel_clone+0x2f8/0xa60 [ 1085.586595] kernel_clone+0xe7/0xa60 [ 1085.586878] ? lock_is_held_type+0xd7/0x130 [ 1085.587203] ? create_io_thread+0xf0/0xf0 [ 1085.587521] ? lock_is_held_type+0xd7/0x130 [ 1085.587869] __do_sys_clone3+0x1dd/0x2e0 [ 1085.588174] ? __ia32_sys_clone+0x150/0x150 [ 1085.588515] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1085.588916] ? fput+0x2a/0x50 [ 1085.589165] ? __secure_computing+0xb4/0x290 [ 1085.589492] do_syscall_64+0x3b/0x90 [ 1085.589772] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1085.590161] RIP: 0033:0x7f9fb3b18b19 [ 1085.590440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1085.591753] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1085.592299] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1085.592813] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1085.593336] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1085.593850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1085.594358] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1085.594886] [ 1085.598887] loop7: detected capacity change from 0 to 40 17:15:13 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x3a3d, 0x9, 0x2, 0xffe6}) 17:15:13 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x11000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:15:13 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 1085.648891] blktrace: Concurrent blktraces are not allowed on sg0 [ 1085.701676] loop0: detected capacity change from 0 to 40 17:15:13 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)) r1 = fork() tkill(r1, 0x22) 17:15:13 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0x0, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:15:13 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) r1 = syz_open_dev$loop(&(0x7f0000000200), 0x0, 0x200) ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000000580)=[{&(0x7f0000000700)=""/146, 0x92}, {&(0x7f0000000180)=""/66, 0x42}, {&(0x7f00000002c0)=""/164, 0xa4}, {&(0x7f0000000380)=""/223, 0xdf}, {&(0x7f0000000600)=""/58, 0x3a}, {&(0x7f0000000480)=""/228, 0xfffffffffffffeb0}], 0x6, &(0x7f0000000080)=[@rights={{0x10}}], 0x10}, 0x3) ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01) syz_open_dev$sg(&(0x7f0000000640), 0xfff, 0x400) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000680)={0x41, 0x6, 0x3, "dce9689d74b6cf4d07b836f43f66acc7537b694f3b2fdd85d62b4f7651b2793cea71e57ed18bcf8f82012e1bd400a62793e5152c46d36eb20e8ed5fede35823d47"}) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000000c0)=ANY=[@ANYBLOB="01fdffffff000000b4757db3", @ANYRES32=r1, @ANYBLOB="03000000000000002e2f66696c653000"]) ioctl$SG_SET_FORCE_PACK_ID(r2, 0x227b, &(0x7f0000000100)) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 1085.796526] blktrace: Concurrent blktraces are not allowed on sg0 [ 1085.804488] program syz-executor.4 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1085.815331] blktrace: Concurrent blktraces are not allowed on sg0 [ 1085.816086] program syz-executor.4 is using a deprecated SCSI ioctl, please convert it to SG_IO 17:15:13 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:15:13 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:15:13 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x1ffff000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1085.873636] loop0: detected capacity change from 0 to 40 17:15:13 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = fork() fremovexattr(r0, &(0x7f0000000040)=@known='trusted.overlay.origin\x00') tkill(r1, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0xc4202, 0x26) ptrace(0x4208, r1) fchmod(r2, 0xf3) [ 1085.913384] loop7: detected capacity change from 0 to 40 17:15:30 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 15) 17:15:30 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) r0 = fork() r1 = gettid() ptrace$setopts(0x6, r1, 0x8, 0x2a) tkill(r0, 0x0) 17:15:30 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r2, 0x801c581f, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000100)={0x0, 0x1, r2, 0x3e, 0x80000}) r3 = fork() socketpair(0x0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x3, &(0x7f0000000040)=[{0x6, 0x8, 0x0, 0x5}, {0x6, 0x0, 0x1, 0x8}, {0x928, 0x5, 0xc8, 0x3f}]}) tkill(r3, 0x0) 17:15:30 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:15:30 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0x0, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:15:30 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x20000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:15:30 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:15:30 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000840)={0x53, 0xfffffffffffffffb, 0x7e, 0x8, @scatter={0x7, 0x0, &(0x7f0000000640)=[{&(0x7f0000000180)=""/102, 0x66}, {&(0x7f0000000200)=""/51, 0x33}, {&(0x7f0000000240)=""/231, 0xe7}, {&(0x7f0000000340)=""/215, 0xd7}, {&(0x7f0000000440)=""/167, 0xa7}, {&(0x7f0000000500)=""/118, 0x76}, {&(0x7f0000000580)=""/133, 0x85}]}, &(0x7f00000006c0)="3f4ec27890ebbc5f7ef460b1ce74e7ad153793f2590cdf1da629bcc24cfeebe4be981b22ac17599e72cf41e2d585cce317d527fa47809aee364bbfbb71fb8aedffe74f10e69bdde8cfb09f245b4b8d8e0c8c567ed18113447f5b1af454742e4d3bb763820e232aab9d8959383c71a885c1bab692b8c26864198942aaca04", &(0x7f0000000740)=""/152, 0x9, 0x10015, 0xffffffffffffffff, &(0x7f0000000800)}) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) write(r0, &(0x7f0000000080)="030da36a4f2139bc813ff8b84715aa20fbac2c929d857d393ea14fb9a4134803fb113f968ae9d52a49f8ab56e869d9b1aba3c0038b7e8a868aab84246f164dc9b5ea88bf250f4d26b126041f6e1700b8379993234a9730e7e105f2fe1f0bcf9b36af5a4d279270fe96140ba1ed2b525dd8b3aaead236eab6a04872997870c3e066185d5e8e52bbe14c60de1df07c3e1bd14b9491d5a67f04157b816df661578cd577d9f1281c577f27c3632ab86e89370b2589d9764fac1518a5612cceb4734aa11e1123b5d5f018bded24f017fafef9", 0xd0) ioctl$MON_IOCH_MFLUSH(0xffffffffffffffff, 0x9208, 0x3265) [ 1102.520371] FAULT_INJECTION: forcing a failure. [ 1102.520371] name failslab, interval 1, probability 0, space 0, times 0 [ 1102.521465] CPU: 0 PID: 17567 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1102.522614] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1102.525247] Call Trace: [ 1102.525744] [ 1102.526199] dump_stack_lvl+0x8b/0xb3 [ 1102.526927] should_fail.cold+0x5/0xa [ 1102.527767] ? kvmalloc_node+0x3e/0x100 [ 1102.528212] should_failslab+0x5/0x10 [ 1102.528535] __kmalloc_node+0x76/0x470 [ 1102.528875] kvmalloc_node+0x3e/0x100 [ 1102.529211] alloc_fdtable+0x139/0x270 [ 1102.529550] dup_fd+0x718/0xca0 [ 1102.529852] copy_process+0x1c31/0x6cb0 [ 1102.530206] ? lock_is_held_type+0xd7/0x130 [ 1102.530582] ? find_held_lock+0x2c/0x110 [ 1102.530944] ? __cleanup_sighand+0xb0/0xb0 [ 1102.531311] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1102.531765] ? _copy_from_user+0x139/0x170 [ 1102.532240] ? kernel_clone+0x2f8/0xa60 [ 1102.532581] kernel_clone+0xe7/0xa60 [ 1102.532907] ? lock_is_held_type+0xd7/0x130 [ 1102.533282] ? create_io_thread+0xf0/0xf0 [ 1102.533653] ? lock_is_held_type+0xd7/0x130 [ 1102.534030] __do_sys_clone3+0x1dd/0x2e0 [ 1102.534390] ? __ia32_sys_clone+0x150/0x150 [ 1102.534796] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1102.535317] ? fput+0x2a/0x50 [ 1102.535616] ? __secure_computing+0xb4/0x290 [ 1102.536032] do_syscall_64+0x3b/0x90 [ 1102.536372] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1102.536817] RIP: 0033:0x7f9fb3b18b19 [ 1102.537139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1102.538603] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1102.539238] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1102.539821] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1102.540452] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1102.541038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1102.541649] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1102.542261] [ 1102.559529] loop0: detected capacity change from 0 to 40 [ 1102.566526] loop7: detected capacity change from 0 to 40 [ 1102.568889] blktrace: Concurrent blktraces are not allowed on sg0 [ 1102.574829] blktrace: Concurrent blktraces are not allowed on sg0 17:15:30 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) 17:15:30 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:15:30 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 16) [ 1102.774351] blktrace: Concurrent blktraces are not allowed on sg0 17:15:30 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x3f000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:15:30 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) r1 = fork() tkill(r1, 0x9) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x337, 0x10001, 0x9, 0x2, 0xffe3, r1}) r2 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000080)='devices.allow\x00', 0x2, 0x0) fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f00000000c0)) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) [ 1102.847976] loop0: detected capacity change from 0 to 40 [ 1102.854853] FAULT_INJECTION: forcing a failure. [ 1102.854853] name failslab, interval 1, probability 0, space 0, times 0 [ 1102.857476] CPU: 0 PID: 17874 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1102.859043] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1102.861532] Call Trace: [ 1102.861776] [ 1102.861980] dump_stack_lvl+0x8b/0xb3 [ 1102.862327] should_fail.cold+0x5/0xa [ 1102.862676] ? create_object.isra.0+0x3a/0xa20 [ 1102.863096] should_failslab+0x5/0x10 [ 1102.863434] kmem_cache_alloc+0x5b/0x480 [ 1102.863801] create_object.isra.0+0x3a/0xa20 [ 1102.864823] ? kasan_unpoison+0x23/0x50 [ 1102.865774] __kmalloc_node+0x26f/0x470 [ 1102.866736] kvmalloc_node+0x3e/0x100 [ 1102.867703] alloc_fdtable+0x139/0x270 [ 1102.868694] dup_fd+0x718/0xca0 [ 1102.869501] copy_process+0x1c31/0x6cb0 [ 1102.870455] ? lock_is_held_type+0xd7/0x130 [ 1102.871481] ? find_held_lock+0x2c/0x110 [ 1102.872474] ? __cleanup_sighand+0xb0/0xb0 [ 1102.873484] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1102.874795] ? _copy_from_user+0x139/0x170 [ 1102.875742] ? kernel_clone+0x2f8/0xa60 [ 1102.876344] kernel_clone+0xe7/0xa60 [ 1102.876685] ? lock_is_held_type+0xd7/0x130 [ 1102.877065] ? create_io_thread+0xf0/0xf0 [ 1102.877427] ? lock_is_held_type+0xd7/0x130 [ 1102.877810] __do_sys_clone3+0x1dd/0x2e0 [ 1102.878177] ? __ia32_sys_clone+0x150/0x150 [ 1102.878581] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1102.879057] ? fput+0x2a/0x50 [ 1102.879352] ? __secure_computing+0xb4/0x290 [ 1102.879738] do_syscall_64+0x3b/0x90 [ 1102.880119] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1102.880575] RIP: 0033:0x7f9fb3b18b19 [ 1102.880896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1102.882407] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1102.883056] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1102.883662] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1102.884294] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1102.884913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1102.885533] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1102.886158] 17:15:30 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x7ea, 0x1f, 0x3, 0x10000}, {0x20, 0x1, 0xfa, 0x9}, {0x4, 0x4, 0x6, 0x20}]}) r0 = fork() tkill(r0, 0x0) 17:15:30 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f00000000c0)={0x0, 0x2, r0, 0x8, 0x80000}) r1 = fork() tkill(r1, 0x0) ioctl$EXT4_IOC_GETSTATE(r0, 0x40046629, &(0x7f0000000100)) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000001c0)={0x0, 0x0}) fork() r3 = fcntl$getown(r0, 0x9) ptrace$peeksig(0x4209, r3, &(0x7f0000000040)={0x9, 0x0, 0x1}, &(0x7f0000000140)=[{}]) getpgrp(r2) 17:15:30 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:15:46 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0x0, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:15:46 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x40000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:15:46 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:15:46 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000040)=0x0) ptrace$setregset(0x4205, r1, 0x6, &(0x7f0000000140)={&(0x7f00000000c0)="5206a2c1208f8f820972fdd87fba649996024cd39f5a80ab1117af0a84194cdec5b1e27e7b368ad6b8409cc9a9ef618b764ea5387ec284df6c2dd3429cda019703c32dbb37f5bf4667e310f23335eee81135d53099fcebc6e70f1f6a86f25043eb21461b7ab7ee6adfc54d620eac4e13aa58ca8b41b3", 0x76}) r2 = getpid() ptrace(0x4208, r2) 17:15:46 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:15:46 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 17) 17:15:46 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000000)={0x5b, 0xd1f, 0x40, "33e1c12ec836b41771f24b5f900140aad9e1767076c8cd388be97fd0467eb14b1b645853ecca3286cab029e27999315f501b214de119cf9b22e79aba8dbadf8fbe050a7a093d2bc4f12e5a315de49caf8dd4f655719c94a3e8d561"}) [ 1118.999202] program syz-executor.4 is using a deprecated SCSI ioctl, please convert it to SG_IO 17:15:46 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000100)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="3f000013000000002e2f66696c653000"]) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x20000000000001bc, &(0x7f0000000000)=[{0x3, 0x4, 0x7f, 0x20000}, {0x1000, 0x5, 0x3d, 0xc8cd}, {0x3, 0x71, 0x2, 0x7}, {0x7ff, 0x6, 0x80, 0x7fffffff}, {0x800, 0x1, 0x16, 0x1}]}) r1 = fork() tkill(r1, 0x0) r2 = openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000040)='io.pressure\x00', 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r4, 0x801c581f, 0x0) r5 = epoll_create(0x4) r6 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r5, 0x3, r6, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(r6, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$AUTOFS_DEV_IOCTL_FAIL(r6, 0xc0189377, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0, {0x1ff, 0x101}}, './file0\x00'}) poll(&(0x7f00000000c0)=[{0xffffffffffffffff, 0x8000}, {r2, 0x45e3}, {r3, 0x2100}, {r4, 0x12}], 0x4, 0x2) fork() [ 1119.024652] FAULT_INJECTION: forcing a failure. [ 1119.024652] name failslab, interval 1, probability 0, space 0, times 0 [ 1119.025722] CPU: 1 PID: 18137 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1119.026701] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1119.027994] Call Trace: [ 1119.028268] [ 1119.028564] dump_stack_lvl+0x8b/0xb3 [ 1119.028976] should_fail.cold+0x5/0xa [ 1119.029423] ? copy_fs_struct+0x45/0x340 [ 1119.029932] should_failslab+0x5/0x10 [ 1119.030336] kmem_cache_alloc+0x5b/0x480 [ 1119.030809] copy_fs_struct+0x45/0x340 [ 1119.031273] ? copy_process+0x1cc2/0x6cb0 [ 1119.031721] copy_process+0x3323/0x6cb0 [ 1119.032149] ? lock_is_held_type+0xd7/0x130 [ 1119.032681] ? find_held_lock+0x2c/0x110 [ 1119.032991] ? __cleanup_sighand+0xb0/0xb0 [ 1119.033477] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1119.034091] ? _copy_from_user+0x139/0x170 [ 1119.034584] ? kernel_clone+0x2f8/0xa60 [ 1119.034983] kernel_clone+0xe7/0xa60 [ 1119.035429] ? lock_is_held_type+0xd7/0x130 [ 1119.035858] ? create_io_thread+0xf0/0xf0 [ 1119.036150] ? lock_is_held_type+0xd7/0x130 [ 1119.036568] __do_sys_clone3+0x1dd/0x2e0 [ 1119.036849] ? __ia32_sys_clone+0x150/0x150 [ 1119.037265] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1119.037624] ? fput+0x2a/0x50 [ 1119.037925] ? __secure_computing+0xb4/0x290 [ 1119.038221] do_syscall_64+0x3b/0x90 [ 1119.038585] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1119.038932] RIP: 0033:0x7f9fb3b18b19 [ 1119.039271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1119.040418] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1119.041134] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1119.041593] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1119.042584] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1119.043958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1119.045391] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1119.046794] [ 1119.050663] loop0: detected capacity change from 0 to 40 17:15:46 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) r1 = fork() tkill(r1, 0x9) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000080)=0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x4, 0x2, 0x0, r2}) 17:15:47 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:15:47 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 18) [ 1119.339829] loop0: detected capacity change from 0 to 40 [ 1119.357253] blktrace: Concurrent blktraces are not allowed on sg0 17:15:47 executing program 3: add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000040)) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x400800, 0x0) ioctl$TIOCGWINSZ(r1, 0x5413, &(0x7f0000000100)) r2 = epoll_create(0x4) r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$KDGETKEYCODE(r3, 0x4b4c, &(0x7f00000001c0)={0x8000, 0xf6bb}) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) fallocate(r4, 0x1, 0x7, 0xfffffffffffffffe) tkill(r0, 0x31) 17:15:47 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:15:47 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ftruncate(r0, 0xffffffff7fffffff) r1 = fork() tkill(r1, 0x0) [ 1119.439725] FAULT_INJECTION: forcing a failure. [ 1119.439725] name failslab, interval 1, probability 0, space 0, times 0 [ 1119.441317] CPU: 0 PID: 18451 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1119.442812] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1119.444896] Call Trace: [ 1119.445393] [ 1119.445829] dump_stack_lvl+0x8b/0xb3 [ 1119.446571] should_fail.cold+0x5/0xa [ 1119.447298] ? copy_fs_struct+0x45/0x340 [ 1119.448073] should_failslab+0x5/0x10 [ 1119.448784] kmem_cache_alloc+0x5b/0x480 [ 1119.449578] copy_fs_struct+0x45/0x340 [ 1119.450326] ? copy_process+0x1cc2/0x6cb0 [ 1119.451156] copy_process+0x3323/0x6cb0 [ 1119.451924] ? lock_is_held_type+0xd7/0x130 [ 1119.452560] ? find_held_lock+0x2c/0x110 [ 1119.453349] ? __cleanup_sighand+0xb0/0xb0 [ 1119.454181] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1119.455225] ? _copy_from_user+0x139/0x170 [ 1119.456046] ? kernel_clone+0x2f8/0xa60 [ 1119.456812] kernel_clone+0xe7/0xa60 [ 1119.457537] ? lock_is_held_type+0xd7/0x130 [ 1119.458371] ? create_io_thread+0xf0/0xf0 [ 1119.459200] ? lock_is_held_type+0xd7/0x130 [ 1119.460021] __do_sys_clone3+0x1dd/0x2e0 [ 1119.460614] ? __ia32_sys_clone+0x150/0x150 [ 1119.461446] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1119.462483] ? fput+0x2a/0x50 [ 1119.462952] ? __secure_computing+0xb4/0x290 [ 1119.463756] do_syscall_64+0x3b/0x90 [ 1119.464498] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1119.465496] RIP: 0033:0x7f9fb3b18b19 [ 1119.466193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1119.469563] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1119.470959] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1119.472288] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1119.473216] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1119.474161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1119.475130] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1119.476100] 17:16:04 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, 0x0, 0x0, 0x7a00) 17:16:04 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, 0x0) dup(r1) 17:16:04 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = fork() tkill(r1, 0x0) r2 = epoll_create(0x4) r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000180)) r4 = fork() tkill(r4, 0x9) r5 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r5, 0x801c581f, 0x0) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r5, 0xf502, 0x0) ptrace$setopts(0x4206, r4, 0x9, 0x4) r6 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r6, 0x801c581f, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000040)={0x0, 0x2, r6, 0x7fff}) 17:16:04 executing program 4: r0 = syz_open_dev$sg(&(0x7f00000000c0), 0x0, 0x40700) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:16:04 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 19) 17:16:04 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:16:04 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0xf5ffffff, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:16:04 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 1136.493811] loop0: detected capacity change from 0 to 40 [ 1136.501308] blktrace: Concurrent blktraces are not allowed on sg0 [ 1136.524698] FAULT_INJECTION: forcing a failure. [ 1136.524698] name failslab, interval 1, probability 0, space 0, times 0 [ 1136.525638] CPU: 0 PID: 18787 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1136.526316] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1136.527223] Call Trace: [ 1136.527450] [ 1136.527649] dump_stack_lvl+0x8b/0xb3 [ 1136.528000] should_fail.cold+0x5/0xa [ 1136.528343] ? copy_process+0x1d9c/0x6cb0 [ 1136.528745] should_failslab+0x5/0x10 [ 1136.529081] kmem_cache_alloc+0x5b/0x480 [ 1136.529450] copy_process+0x1d9c/0x6cb0 [ 1136.529810] ? lock_is_held_type+0xd7/0x130 [ 1136.530198] ? find_held_lock+0x2c/0x110 [ 1136.530581] ? __cleanup_sighand+0xb0/0xb0 [ 1136.530959] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1136.531420] ? _copy_from_user+0x139/0x170 [ 1136.531796] ? kernel_clone+0x2f8/0xa60 [ 1136.532160] kernel_clone+0xe7/0xa60 [ 1136.532537] ? lock_is_held_type+0xd7/0x130 [ 1136.536923] ? create_io_thread+0xf0/0xf0 [ 1136.537308] ? lock_is_held_type+0xd7/0x130 [ 1136.537706] __do_sys_clone3+0x1dd/0x2e0 [ 1136.538067] ? __ia32_sys_clone+0x150/0x150 [ 1136.538469] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1136.538948] ? fput+0x2a/0x50 [ 1136.539249] ? __secure_computing+0xb4/0x290 [ 1136.539636] do_syscall_64+0x3b/0x90 [ 1136.539980] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1136.540433] RIP: 0033:0x7f9fb3b18b19 [ 1136.540806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1136.542284] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1136.542921] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1136.543514] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1136.544119] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1136.544735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1136.545331] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1136.545944] 17:16:19 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:16:19 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0xfbffffff, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:16:19 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f0000000200)=0x1) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = fork() tkill(r1, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000040)=0x0) waitid(0x2, r2, &(0x7f00000000c0), 0x80000000, &(0x7f0000000140)) 17:16:19 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, 0x0, 0x0, 0x7a00) 17:16:19 executing program 4: prctl$PR_GET_ENDIAN(0x13, &(0x7f0000000080)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x7f, 0x20, 0xff, 0xfffffffffffffffc, 0x10001}) [ 1151.438509] loop0: detected capacity change from 0 to 40 17:16:19 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 20) [ 1151.446590] FAT-fs (loop7): bogus number of reserved sectors [ 1151.447189] FAT-fs (loop7): Can't find a valid FAT filesystem 17:16:19 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:16:19 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x3, 0xfd, 0x5, 0x800}, {0x8000, 0x80, 0x8, 0x10001}, {0x2a, 0x1, 0x4, 0x6}]}) r0 = fork() tkill(r0, 0x0) [ 1151.464959] FAULT_INJECTION: forcing a failure. [ 1151.464959] name failslab, interval 1, probability 0, space 0, times 0 [ 1151.466416] CPU: 0 PID: 19108 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1151.467461] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1151.468864] Call Trace: [ 1151.469203] [ 1151.469498] dump_stack_lvl+0x8b/0xb3 [ 1151.469999] should_fail.cold+0x5/0xa [ 1151.470488] ? create_object.isra.0+0x3a/0xa20 [ 1151.471083] should_failslab+0x5/0x10 [ 1151.471567] kmem_cache_alloc+0x5b/0x480 [ 1151.472097] create_object.isra.0+0x3a/0xa20 [ 1151.472680] ? kasan_unpoison+0x23/0x50 [ 1151.473237] kmem_cache_alloc+0x239/0x480 [ 1151.473781] copy_process+0x1d9c/0x6cb0 [ 1151.474307] ? lock_is_held_type+0xd7/0x130 [ 1151.474875] ? find_held_lock+0x2c/0x110 [ 1151.475416] ? __cleanup_sighand+0xb0/0xb0 [ 1151.475980] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1151.476674] ? _copy_from_user+0x139/0x170 [ 1151.477255] ? kernel_clone+0x2f8/0xa60 [ 1151.477935] kernel_clone+0xe7/0xa60 [ 1151.478495] ? lock_is_held_type+0xd7/0x130 [ 1151.479052] ? create_io_thread+0xf0/0xf0 [ 1151.479598] ? lock_is_held_type+0xd7/0x130 [ 1151.480161] __do_sys_clone3+0x1dd/0x2e0 [ 1151.480700] ? __ia32_sys_clone+0x150/0x150 [ 1151.481312] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1151.482009] ? fput+0x2a/0x50 [ 1151.482438] ? __secure_computing+0xb4/0x290 [ 1151.483044] do_syscall_64+0x3b/0x90 [ 1151.483558] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1151.484244] RIP: 0033:0x7f9fb3b18b19 [ 1151.484758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1151.487099] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1151.488085] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1151.489011] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1151.489944] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1151.490859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1151.491763] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1151.492679] [ 1151.495933] blktrace: Concurrent blktraces are not allowed on sg0 [ 1151.509643] blktrace: Concurrent blktraces are not allowed on sg0 17:16:19 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0xfffffff5, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:16:19 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0xff, 0x4}]}) r0 = fork() tkill(r0, 0x0) getsockname(0xffffffffffffffff, &(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private0}}}, &(0x7f0000000100)=0x80) lsetxattr$security_evm(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180), &(0x7f00000001c0)=@sha1={0x1, "99da3e04607ebf49a3b35341c0d34374a0578213"}, 0x15, 0x0) ftruncate(r1, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/243, 0xf3}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f0000001680)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}, 0x3) ioctl$LOOP_CLR_FD(r2, 0x4c01) clock_gettime(0x0, &(0x7f0000005480)={0x0, 0x0}) recvmmsg$unix(r2, &(0x7f0000005380)=[{{0x0, 0x0, &(0x7f0000002440)=[{&(0x7f0000000200)=""/4096, 0x1000}, {&(0x7f0000001200)=""/4096, 0x1000}, {&(0x7f0000002200)=""/7, 0x7}, {&(0x7f0000002240)=""/117, 0x75}, {&(0x7f00000022c0)=""/242, 0xf2}, {&(0x7f00000023c0)=""/13, 0xd}, {&(0x7f0000002400)=""/39, 0x27}], 0x7, &(0x7f00000024c0)}}, {{&(0x7f0000002500), 0x6e, &(0x7f0000002a00)}}, {{&(0x7f0000002a80), 0x6e, &(0x7f0000004d80)=[{&(0x7f0000002b00)=""/251, 0xfb}, {&(0x7f0000002c00)=""/4096, 0x1000}, {&(0x7f0000003c00)=""/102, 0x66}, {&(0x7f0000003c80)=""/4096, 0x1000}, {&(0x7f0000004c80)=""/112, 0x70}, {&(0x7f0000004d00)=""/107, 0x6b}], 0x6, &(0x7f0000005500)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xe0}}, {{&(0x7f0000004ec0), 0x6e, &(0x7f0000005280)=[{&(0x7f0000004f40)=""/111, 0x6f}, {&(0x7f0000004fc0)=""/53, 0x35}, {&(0x7f0000005000)=""/231, 0xe7}, {&(0x7f0000005100)=""/156, 0x9c}, {&(0x7f00000051c0)=""/165, 0xa5}], 0x5, &(0x7f0000005300)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x58}}], 0x4, 0x1, &(0x7f00000054c0)={r3, r4+60000000}) 17:16:19 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, 0x0, 0x0, 0x7a00) 17:16:19 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x1000100000000000, 0xffe3}) 17:16:19 executing program 6: r0 = fork() fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000000)={0x0, 0x0}) ptrace$setopts(0x4200, r1, 0xffffffffffffad32, 0x40) tkill(r0, 0x0) r2 = fork() fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000180)={0x0, 0x0}) waitid(0x0, r3, &(0x7f00000001c0), 0x0, &(0x7f0000000240)) tkill(r2, 0x9) waitid(0x2, r2, &(0x7f0000000040), 0xffffffffffffffff, &(0x7f00000000c0)) ptrace$setopts(0x4200, r1, 0x1, 0x21) [ 1151.657815] blktrace: Concurrent blktraces are not allowed on sg0 [ 1151.664544] audit: type=1326 audit(1643044579.493:32): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19406 comm="syz-executor.3" exe="/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb2c6e79b19 code=0x0 17:16:19 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 21) 17:16:19 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 1151.696211] loop0: detected capacity change from 0 to 40 17:16:19 executing program 4: ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0) ioctl$BLKROTATIONAL(r1, 0x127e, &(0x7f0000000080)) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) 17:16:19 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x0, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:16:19 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0xfffffffb, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1151.730513] FAULT_INJECTION: forcing a failure. [ 1151.730513] name failslab, interval 1, probability 0, space 0, times 0 [ 1151.731525] CPU: 0 PID: 19428 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1151.732198] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1151.733092] Call Trace: [ 1151.733304] [ 1151.733489] dump_stack_lvl+0x8b/0xb3 [ 1151.733816] should_fail.cold+0x5/0xa [ 1151.734128] ? copy_process+0x1f1a/0x6cb0 [ 1151.734475] should_failslab+0x5/0x10 [ 1151.734788] kmem_cache_alloc+0x5b/0x480 [ 1151.735132] copy_process+0x1f1a/0x6cb0 [ 1151.735461] ? lock_is_held_type+0xd7/0x130 [ 1151.735817] ? find_held_lock+0x2c/0x110 [ 1151.736171] ? __cleanup_sighand+0xb0/0xb0 [ 1151.736534] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1151.736995] ? _copy_from_user+0x139/0x170 [ 1151.737349] ? kernel_clone+0x2f8/0xa60 [ 1151.737686] kernel_clone+0xe7/0xa60 [ 1151.737999] ? lock_is_held_type+0xd7/0x130 [ 1151.738357] ? create_io_thread+0xf0/0xf0 [ 1151.738708] ? lock_is_held_type+0xd7/0x130 [ 1151.739077] __do_sys_clone3+0x1dd/0x2e0 [ 1151.739418] ? __ia32_sys_clone+0x150/0x150 [ 1151.739795] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1151.740239] ? fput+0x2a/0x50 [ 1151.740515] ? __secure_computing+0xb4/0x290 [ 1151.740855] do_syscall_64+0x3b/0x90 [ 1151.741175] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1151.741599] RIP: 0033:0x7f9fb3b18b19 [ 1151.741903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1151.743335] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1151.743941] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1151.744510] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1151.744855] FAT-fs (loop7): bogus number of reserved sectors [ 1151.745083] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1151.745095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1151.745104] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1151.745592] FAT-fs (loop7): Can't find a valid FAT filesystem [ 1151.746110] 17:16:19 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) 17:16:19 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x100000800, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:16:19 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000), 0x0, 0x7a00) [ 1151.917455] loop0: detected capacity change from 0 to 40 [ 1151.927071] blktrace: Concurrent blktraces are not allowed on sg0 [ 1152.501722] audit: type=1326 audit(1643044580.329:33): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19406 comm="syz-executor.3" exe="/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb2c6e79b19 code=0x0 17:16:35 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 22) 17:16:35 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:16:35 executing program 3: ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x2275, &(0x7f0000000140)=0x5) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x40801, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)) r1 = fork() tkill(r1, 0x0) 17:16:35 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x1, 0x280402) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={'\x00', 0x101, 0x7, 0x9, 0x2, 0xffe3}) 17:16:35 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() r1 = fork() tkill(r1, 0x9) ptrace$setopts(0x4206, r1, 0x4, 0x2) tkill(r0, 0x0) 17:16:35 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000), 0x0, 0x7a00) 17:16:35 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x1b0cc1f000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:16:35 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x0, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) [ 1167.939324] loop0: detected capacity change from 0 to 40 [ 1167.996113] FAULT_INJECTION: forcing a failure. [ 1167.996113] name failslab, interval 1, probability 0, space 0, times 0 [ 1167.997634] CPU: 1 PID: 19771 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1167.998679] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1168.000064] Call Trace: [ 1168.000396] [ 1168.000688] dump_stack_lvl+0x8b/0xb3 [ 1168.001222] should_fail.cold+0x5/0xa [ 1168.001713] ? create_object.isra.0+0x3a/0xa20 [ 1168.002317] should_failslab+0x5/0x10 [ 1168.002800] kmem_cache_alloc+0x5b/0x480 [ 1168.003327] create_object.isra.0+0x3a/0xa20 [ 1168.003894] ? kasan_unpoison+0x23/0x50 [ 1168.004431] kmem_cache_alloc+0x239/0x480 [ 1168.004962] copy_process+0x1f1a/0x6cb0 [ 1168.005515] ? lock_is_held_type+0xd7/0x130 [ 1168.006100] ? find_held_lock+0x2c/0x110 [ 1168.006668] ? __cleanup_sighand+0xb0/0xb0 [ 1168.007246] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1168.007980] ? _copy_from_user+0x139/0x170 [ 1168.008555] ? kernel_clone+0x2f8/0xa60 [ 1168.009090] kernel_clone+0xe7/0xa60 [ 1168.009614] ? lock_is_held_type+0xd7/0x130 [ 1168.010190] ? create_io_thread+0xf0/0xf0 [ 1168.010759] ? lock_is_held_type+0xd7/0x130 [ 1168.011344] __do_sys_clone3+0x1dd/0x2e0 [ 1168.011893] ? __ia32_sys_clone+0x150/0x150 [ 1168.012500] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1168.013247] ? fput+0x2a/0x50 [ 1168.013703] ? __secure_computing+0xb4/0x290 [ 1168.014295] do_syscall_64+0x3b/0x90 [ 1168.014809] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1168.015494] RIP: 0033:0x7f9fb3b18b19 [ 1168.015990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1168.018389] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1168.019390] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 17:16:35 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) syz_open_dev$sg(&(0x7f00000000c0), 0xbe91, 0x40000) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x7, 0x2, 0xffe7}) fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000080)) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000100), 0x202042, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000001800)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/243, 0xf3}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f0000001680)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}, 0x3) ioctl$LOOP_CLR_FD(r2, 0x4c01) ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f0000001700)=ANY=[@ANYBLOB="40000000000000000100000065c90740d1441ee4e1fbd84288cdc14e6e329d79a1f1afb856a230fff1c5b1b6dce59c3dab399bfc72178538b8c07383978ac5161833dabf8177e60b9055ac2dc886cdfa6b9cb0e46dcca35adcbd6d710075647c931bc5902e61832f68d921a49bfa297677f9b96458dc16f6f0a4d6f5b91456dc42df87e01852b655247b501b958707ba8f86ba34f0db7b61d67c0bc54f6a233c99182fd9a09d60572c16e679130efab9c9549ca8c820ab40245619ce561e7b08a9e92c2d7a166a95afaf1096153e42b1162f0633eb8eae9c8a3807d8f7"]) ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0) [ 1168.020320] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1168.021489] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1168.022420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1168.023304] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1168.024212] [ 1168.034317] FAT-fs (loop7): bogus number of reserved sectors [ 1168.035288] FAT-fs (loop7): Can't find a valid FAT filesystem 17:16:35 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000), 0x0, 0x7a00) 17:16:35 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x10000000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1168.158050] blktrace: Concurrent blktraces are not allowed on sg0 [ 1168.166916] loop0: detected capacity change from 0 to 40 17:16:36 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000080)) 17:16:36 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x0, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:16:36 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x2a0f3ad34000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1168.336726] blktrace: Concurrent blktraces are not allowed on sg0 [ 1168.352127] blktrace: Concurrent blktraces are not allowed on sg0 [ 1185.838380] FAULT_INJECTION: forcing a failure. [ 1185.838380] name failslab, interval 1, probability 0, space 0, times 0 [ 1185.839572] CPU: 1 PID: 20307 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1185.840413] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1185.841590] Call Trace: [ 1185.841867] [ 1185.842118] dump_stack_lvl+0x8b/0xb3 [ 1185.842540] should_fail.cold+0x5/0xa [ 1185.842953] ? dup_mm+0x88/0x1250 17:16:53 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0x1, 0x0) 17:16:53 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f00000000c0)=0xc) r0 = fork() tkill(r0, 0x9) tkill(r0, 0x0) 17:16:53 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:16:53 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x553a286e8000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:16:53 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = syz_open_dev$hidraw(&(0x7f0000000040), 0xfffffffffffffff8, 0x4000) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r4, 0x801c581f, 0x0) poll(&(0x7f00000000c0)=[{r1, 0x100}, {r2, 0x1}, {r3, 0x2040}, {r4, 0x1404}, {r0, 0x10}, {r0, 0x10}], 0x6, 0x7fffffff) r5 = fork() tkill(r5, 0x0) 17:16:53 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 23) 17:16:53 executing program 4: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) epoll_create(0x7) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff33, 0x0, 0xa, 0xc, 0x0, "23c2d80353e2f6a37c3e59015505ac0d65bc8b584c0564cf1252925367d8c2ece4aed5dadfdbb33d5c028f3b69f143afd05a4631a6ae553f096dd668463af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0xffffffffffffffff]}) r2 = accept$unix(r1, &(0x7f0000000380), &(0x7f0000000100)=0x6e) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000a00)=ANY=[@ANYBLOB="0300000000000000000000000000000004000000ffa66e49414cc3f0df3e568558bbae24070000030000002300000000800000000000000800000000000000ba0000000000000000000000000000000000000000000000040000000000000000000000000000000600000000000000020000000000000000000080000000000000000000000000000000000000000004000000000000d600000000000000000000000000000000462500000000000005000000000000000000009f71a72b0ab2e0f5b4050121d5f5110000000000000000000000000006cf425e888f26b60ea7407beb81a15554cca05b42c85d1db558da3a07e9a9e327d18269468232230d21b48fc1c58fedc2241492f26560a6cd1b2dca18c41104769e47747efc99473df706dffd3f343fa48095c683b3ba300f714d0a4a221ef676b0b8472906f96926bf1b1181e092b2e641f10f543b77e62cb619edc128cf1a22065c65f6f18736461cfa9d62e775b6c750b765b18a995d7300f2b5eb5e8e30a211beec383d0cfcfda8"]) ioctl$SG_GET_LOW_DMA(r1, 0x227a, &(0x7f00000000c0)) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x480, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000800)={0x0, 0xfffffffffffffffd, 0xae, 0x1, @buffer={0x0, 0x80, &(0x7f0000000600)=""/128}, &(0x7f0000000680)="45cb623b8a68fefe2a818ce79415f572e24da1fb6b07f60c7ca69cea1334a04a3ab3c3c2e32527060c73b9b2516d9d01788332856a38e8ff45d54677b482c7b75ee748d87d2dc8c5dbd806b8c57228521e41b613fadb538f5542e4a8edac024912c89ee27700947038a2232ad9a4243808a3ec47d68d99b0f4d44ea974d21da609cb3dd40a224db5dc3efcba6d5ec1ae105b47e3375aa5de9599f2ebd19ca5dc336da48517d808e82856c90ac758", &(0x7f0000000740)=""/114, 0x321b, 0x10, 0x2, &(0x7f00000007c0)}) r4 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_SET_FD(r4, 0x4c00, 0xffffffffffffffff) read(r0, &(0x7f0000000280)=""/244, 0xf4) ioctl$IOC_PR_REGISTER(r4, 0x127c, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r5, 0x801c581f, 0x0) ioctl$LOOP_SET_FD(r1, 0x4c00, r2) ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000180)={0x0, {}, 0x0, {}, 0x4, 0x12, 0x9, 0x18, "0c085ee0d43737c7cce643311ec9d0b00b3e0eb0fd5250c5cd319444c5638d84f87683c5b18016b00b3a518f9239394dfd4370da74470a7db67281a92b689c2b", "f0f8dfa198bc2c801089c9cc1fd028f920c3ffffffffff000000002000", [0x7]}) ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) 17:16:53 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 1185.843346] should_failslab+0x5/0x10 [ 1185.844124] kmem_cache_alloc+0x5b/0x480 [ 1185.844610] dup_mm+0x88/0x1250 [ 1185.844981] ? lock_release+0x3b2/0x6f0 [ 1185.845411] ? copy_process+0x23e0/0x6cb0 [ 1185.845885] ? replace_mm_exe_file+0x490/0x490 [ 1185.846377] ? __raw_spin_lock_init+0x36/0x110 [ 1185.846866] copy_process+0x3848/0x6cb0 [ 1185.847293] ? lock_is_held_type+0xd7/0x130 [ 1185.847746] ? find_held_lock+0x2c/0x110 [ 1185.848199] ? __cleanup_sighand+0xb0/0xb0 [ 1185.848667] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1185.849242] ? _copy_from_user+0x139/0x170 [ 1185.849849] ? kernel_clone+0x2f8/0xa60 [ 1185.850304] kernel_clone+0xe7/0xa60 [ 1185.850708] ? lock_is_held_type+0xd7/0x130 [ 1185.851169] ? create_io_thread+0xf0/0xf0 [ 1185.851622] ? lock_is_held_type+0xd7/0x130 [ 1185.852080] __do_sys_clone3+0x1dd/0x2e0 [ 1185.852514] ? __ia32_sys_clone+0x150/0x150 [ 1185.852993] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1185.853561] ? fput+0x2a/0x50 [ 1185.853895] ? __secure_computing+0xb4/0x290 [ 1185.854371] do_syscall_64+0x3b/0x90 [ 1185.854764] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1185.855316] RIP: 0033:0x7f9fb3b18b19 [ 1185.855705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1185.857549] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1185.858276] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1185.858924] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1185.859601] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1185.860302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1185.861146] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1185.861940] [ 1185.873885] loop0: detected capacity change from 0 to 40 [ 1185.882370] FAT-fs (loop7): bogus number of reserved sectors [ 1185.882960] FAT-fs (loop7): Can't find a valid FAT filesystem 17:16:53 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x2001000000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:16:53 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0x1, 0x0) 17:16:53 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x2020000000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:16:53 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) tkill(r0, 0x0) 17:16:53 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 24) 17:16:53 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000000c0)=0x0) statx(r1, &(0x7f00000001c0)='./file0\x00', 0x1000, 0x80, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0}) fsetxattr$security_capability(r0, &(0x7f0000000180), &(0x7f0000000300)=@v3={0x3000000, [{0x2, 0x81}, {0x5, 0x5}], r3}, 0x18, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000100)={'\x00', 0x8, 0xffffff38, 0x2, 0x8001, 0x8, r2}) ioctl$F2FS_IOC_WRITE_CHECKPOINT(r0, 0xf507, 0x0) [ 1186.090795] blktrace: Concurrent blktraces are not allowed on sg0 [ 1186.128251] loop0: detected capacity change from 0 to 40 [ 1186.132615] FAULT_INJECTION: forcing a failure. [ 1186.132615] name failslab, interval 1, probability 0, space 0, times 0 [ 1186.133724] CPU: 1 PID: 20626 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1186.134374] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1186.135168] Call Trace: [ 1186.135355] [ 1186.135517] dump_stack_lvl+0x8b/0xb3 [ 1186.135808] should_fail.cold+0x5/0xa [ 1186.136092] ? dup_mm+0x88/0x1250 [ 1186.136349] should_failslab+0x5/0x10 [ 1186.136623] kmem_cache_alloc+0x5b/0x480 [ 1186.136932] dup_mm+0x88/0x1250 [ 1186.137180] ? lock_release+0x3b2/0x6f0 [ 1186.137485] ? copy_process+0x23e0/0x6cb0 [ 1186.137798] ? replace_mm_exe_file+0x490/0x490 [ 1186.138135] ? __raw_spin_lock_init+0x36/0x110 [ 1186.138474] copy_process+0x3848/0x6cb0 [ 1186.138767] ? lock_is_held_type+0xd7/0x130 [ 1186.139081] ? find_held_lock+0x2c/0x110 [ 1186.139389] ? __cleanup_sighand+0xb0/0xb0 [ 1186.139697] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1186.140096] ? _copy_from_user+0x139/0x170 [ 1186.140405] ? kernel_clone+0x2f8/0xa60 [ 1186.140697] kernel_clone+0xe7/0xa60 [ 1186.140972] ? lock_is_held_type+0xd7/0x130 [ 1186.141291] ? create_io_thread+0xf0/0xf0 [ 1186.141609] ? lock_is_held_type+0xd7/0x130 [ 1186.141929] __do_sys_clone3+0x1dd/0x2e0 [ 1186.142226] ? __ia32_sys_clone+0x150/0x150 [ 1186.142556] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1186.142945] ? fput+0x2a/0x50 [ 1186.143183] ? __secure_computing+0xb4/0x290 [ 1186.143506] do_syscall_64+0x3b/0x90 [ 1186.143780] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1186.144150] RIP: 0033:0x7f9fb3b18b19 [ 1186.144413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1186.145705] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1186.146244] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1186.146754] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1186.147253] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1186.147754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1186.148255] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1186.148769] 17:16:54 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:16:54 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x8000000000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:16:54 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:16:54 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) ioctl$AUTOFS_IOC_ASKUMOUNT(r0, 0x80049370, &(0x7f0000000080)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x5, &(0x7f0000000d80)=[{&(0x7f0000010000)="200000000002000019000000700100000f000000000000000000000004000000000002000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d6f4655f000000000000000001000000000000000b0000000004000008000000d2c201001203", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000c7b2a4502ed64a6eb421652eb677bbba010040", 0x1f, 0x4e0}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d6f4655fd7f4655fd7f4655f000000000000040020", 0x1d, 0x1800}, {0x0}], 0x4041, &(0x7f0000013800)) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x104, 0x1, 0x9, 0x2, 0xffe3, 0xffffffffffffffff}) 17:16:54 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0x1, 0x0) [ 1186.303237] FAT-fs (loop7): bogus number of reserved sectors [ 1186.303807] FAT-fs (loop7): Can't find a valid FAT filesystem [ 1186.305957] loop4: detected capacity change from 0 to 1024 [ 1186.322019] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (60935!=0) 17:16:54 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x8000001000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1186.354945] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1186.358798] loop0: detected capacity change from 0 to 40 17:16:54 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 25) [ 1186.402040] blktrace: Concurrent blktraces are not allowed on sg0 17:16:54 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x10100000000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:16:54 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xff, 0x7fff0000}]}) r0 = fork() getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000000c0)={{{@in, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@private1}, 0x0, @in6=@private2}}, &(0x7f00000001c0)=0xe8) stat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r2, 0x0) chown(&(0x7f00000002c0)='./file0\x00', r2, r3) fchownat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', r1, r3, 0x1000) tkill(r0, 0x0) [ 1186.453330] FAULT_INJECTION: forcing a failure. [ 1186.453330] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1186.454278] CPU: 0 PID: 20861 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1186.455051] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1186.455763] Call Trace: [ 1186.456010] [ 1186.456168] dump_stack_lvl+0x8b/0xb3 [ 1186.456548] should_fail.cold+0x5/0xa [ 1186.456811] prepare_alloc_pages+0x17b/0x500 [ 1186.457240] __alloc_pages+0x131/0x4e0 [ 1186.457523] ? __is_insn_slot_addr+0x144/0x250 [ 1186.457969] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 1186.458391] alloc_pages+0x1a0/0x2f0 [ 1186.458759] __get_free_pages+0xc/0xa0 [ 1186.459136] pgd_alloc+0x84/0x4e0 [ 1186.459381] ? lock_downgrade+0x6d0/0x6d0 [ 1186.459784] ? pgd_page_get_mm+0x40/0x40 [ 1186.460057] ? lockdep_init_map_type+0x2c3/0x7a0 [ 1186.460516] ? lockdep_init_map_type+0x2c3/0x7a0 [ 1186.460836] mm_init+0x601/0xaa0 [ 1186.461173] dup_mm+0xd5/0x1250 [ 1186.461408] ? lock_release+0x3b2/0x6f0 [ 1186.461798] ? copy_process+0x23e0/0x6cb0 [ 1186.462080] ? replace_mm_exe_file+0x490/0x490 [ 1186.462395] ? __raw_spin_lock_init+0x36/0x110 [ 1186.462838] copy_process+0x3848/0x6cb0 [ 1186.463116] ? lock_is_held_type+0xd7/0x130 [ 1186.463533] ? find_held_lock+0x2c/0x110 [ 1186.463817] ? __cleanup_sighand+0xb0/0xb0 [ 1186.464218] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1186.464579] ? _copy_from_user+0x139/0x170 [ 1186.464991] ? kernel_clone+0x2f8/0xa60 [ 1186.465273] kernel_clone+0xe7/0xa60 [ 1186.465641] ? lock_is_held_type+0xd7/0x130 [ 1186.465935] ? create_io_thread+0xf0/0xf0 [ 1186.466340] ? lock_is_held_type+0xd7/0x130 [ 1186.466636] __do_sys_clone3+0x1dd/0x2e0 [ 1186.467021] ? __ia32_sys_clone+0x150/0x150 [ 1186.467460] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1186.467819] ? fput+0x2a/0x50 [ 1186.468130] ? __secure_computing+0xb4/0x290 [ 1186.468433] do_syscall_64+0x3b/0x90 [ 1186.468795] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1186.469140] RIP: 0033:0x7f9fb3b18b19 [ 1186.469515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1186.470656] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1186.471360] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1186.471822] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1186.472275] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1186.472735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1186.473403] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1186.474101] 17:17:09 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0xe) r1 = fork() tkill(r1, 0x9) ptrace$setopts(0x4206, r1, 0x5, 0x100061) fork() 17:17:09 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x40d33a0f2a0000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:17:09 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 26) 17:17:09 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:17:09 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000080)=0x0) r2 = epoll_create(0x4) r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f0000001900)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffffff, 0x0, 0x12, 0xe, 0x19, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584ced63cf1252925367d826dee4aed502dc498a3d0900000069f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x8001, 0x1]}) getsockopt$packet_int(r3, 0x107, 0x3, &(0x7f0000001780), &(0x7f00000017c0)=0x4) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f00000000c0)={'\x00', 0x0, 0xffffffff, 0x7f, 0x5, 0x4, r1}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r4, 0x801c581f, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r4, 0x40189429, &(0x7f0000001740)={0x1, 0xfc7e199, 0x9}) recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001880), 0x0, &(0x7f0000001680), 0x12}, 0x3) ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000300)={0x53, 0xfffffffffffffffd, 0x23, 0x1, @buffer={0x0, 0xf2, &(0x7f0000000140)=""/242}, &(0x7f0000000240)="f6a5e6ea24c00d3b0f5478ec9b6c6f1306aa3f9284d710103129178417498a4fe6873c", &(0x7f0000000280)=""/57, 0xffff, 0x34, 0x2, &(0x7f00000002c0)}) openat$incfs(0xffffffffffffffff, &(0x7f0000001700)='.log\x00', 0x41, 0xc4) ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0x801c581f, 0x0) signalfd(0xffffffffffffffff, &(0x7f0000001800)={[0x1]}, 0x8) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:17:09 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:17:09 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x2, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() fork() tkill(r0, 0x0) 17:17:09 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 1201.434793] FAULT_INJECTION: forcing a failure. [ 1201.434793] name failslab, interval 1, probability 0, space 0, times 0 [ 1201.436145] CPU: 0 PID: 20985 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1201.436831] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1201.438656] Call Trace: [ 1201.439155] [ 1201.439585] dump_stack_lvl+0x8b/0xb3 [ 1201.440306] should_fail.cold+0x5/0xa [ 1201.441034] ? vm_area_dup+0x78/0x290 [ 1201.441808] should_failslab+0x5/0x10 [ 1201.442123] kmem_cache_alloc+0x5b/0x480 [ 1201.442468] vm_area_dup+0x78/0x290 [ 1201.442787] ? __lock_acquire+0xbac/0x5b70 [ 1201.443181] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1201.443661] ? vm_area_alloc+0x110/0x110 [ 1201.444021] ? find_held_lock+0x2c/0x110 [ 1201.444376] ? lock_release+0x3b2/0x6f0 [ 1201.444725] ? get_mm_exe_file+0x137/0x2b0 [ 1201.445103] ? lock_downgrade+0x6d0/0x6d0 [ 1201.445483] ? get_mm_exe_file+0x159/0x2b0 [ 1201.445983] dup_mm+0x53f/0x1250 [ 1201.446313] ? replace_mm_exe_file+0x490/0x490 [ 1201.446721] ? __raw_spin_lock_init+0x36/0x110 [ 1201.447131] copy_process+0x3848/0x6cb0 [ 1201.447481] ? lock_is_held_type+0xd7/0x130 [ 1201.447865] ? find_held_lock+0x2c/0x110 [ 1201.448238] ? __cleanup_sighand+0xb0/0xb0 [ 1201.448616] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1201.449091] ? _copy_from_user+0x139/0x170 [ 1201.449465] ? kernel_clone+0x2f8/0xa60 [ 1201.449846] kernel_clone+0xe7/0xa60 [ 1201.450192] ? lock_is_held_type+0xd7/0x130 [ 1201.450582] ? create_io_thread+0xf0/0xf0 [ 1201.450970] ? lock_is_held_type+0xd7/0x130 [ 1201.451363] __do_sys_clone3+0x1dd/0x2e0 [ 1201.451726] ? __ia32_sys_clone+0x150/0x150 [ 1201.452133] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1201.452602] ? fput+0x2a/0x50 [ 1201.452905] ? __secure_computing+0xb4/0x290 [ 1201.453296] do_syscall_64+0x3b/0x90 [ 1201.453627] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1201.454189] RIP: 0033:0x7f9fb3b18b19 [ 1201.454517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1201.455999] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1201.456640] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1201.457232] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1201.457887] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1201.458483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1201.459081] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1201.459707] [ 1201.474736] blktrace: Concurrent blktraces are not allowed on sg0 [ 1201.476924] blktrace: Concurrent blktraces are not allowed on sg0 [ 1201.487270] FAT-fs (loop0): bogus number of reserved sectors [ 1201.487879] FAT-fs (loop0): Can't find a valid FAT filesystem [ 1201.490332] blktrace: Concurrent blktraces are not allowed on sg0 [ 1201.490581] FAT-fs (loop7): bogus number of reserved sectors [ 1201.491588] FAT-fs (loop7): Can't find a valid FAT filesystem [ 1201.497379] blktrace: Concurrent blktraces are not allowed on sg0 17:17:25 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) ioctl$TUNDETACHFILTER(r1, 0x400454cd, 0x30a) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:17:25 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) ioctl$AUTOFS_IOC_ASKUMOUNT(r0, 0x80049370, &(0x7f0000000080)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x5, &(0x7f0000000d80)=[{&(0x7f0000010000)="200000000002000019000000700100000f000000000000000000000004000000000002000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d6f4655f000000000000000001000000000000000b0000000004000008000000d2c201001203", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000c7b2a4502ed64a6eb421652eb677bbba010040", 0x1f, 0x4e0}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d6f4655fd7f4655fd7f4655f000000000000040020", 0x1d, 0x1800}, {0x0}], 0x4041, &(0x7f0000013800)) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x104, 0x1, 0x9, 0x2, 0xffe3, 0xffffffffffffffff}) 17:17:25 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:17:25 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(0x0, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:17:25 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 27) 17:17:25 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}, {0x6, 0x0, 0x8, 0x2}]}) r0 = fork() tkill(r0, 0x0) 17:17:25 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x4, 0x7ff}}, './file0\x00'}) tkill(r0, 0x1e) 17:17:25 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x806e283a550000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1218.093432] loop0: detected capacity change from 0 to 1024 [ 1218.122817] loop7: detected capacity change from 0 to 40 [ 1218.155377] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (60935!=0) [ 1218.178851] blktrace: Concurrent blktraces are not allowed on sg0 [ 1218.183355] FAT-fs (loop7): bogus number of reserved sectors [ 1218.184364] FAT-fs (loop7): Can't find a valid FAT filesystem [ 1218.200436] FAULT_INJECTION: forcing a failure. [ 1218.200436] name failslab, interval 1, probability 0, space 0, times 0 [ 1218.202381] CPU: 0 PID: 21414 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1218.203685] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1218.205367] Call Trace: [ 1218.205780] [ 1218.206172] dump_stack_lvl+0x8b/0xb3 [ 1218.214415] should_fail.cold+0x5/0xa [ 1218.215053] ? create_object.isra.0+0x3a/0xa20 [ 1218.215789] should_failslab+0x5/0x10 [ 1218.216411] kmem_cache_alloc+0x5b/0x480 [ 1218.217082] create_object.isra.0+0x3a/0xa20 [ 1218.217806] ? kasan_unpoison+0x23/0x50 [ 1218.218538] kmem_cache_alloc+0x239/0x480 [ 1218.219222] vm_area_dup+0x78/0x290 [ 1218.219846] ? __lock_acquire+0xbac/0x5b70 [ 1218.220568] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1218.221441] ? vm_area_alloc+0x110/0x110 [ 1218.222120] ? find_held_lock+0x2c/0x110 [ 1218.222786] ? lock_release+0x3b2/0x6f0 [ 1218.223428] ? get_mm_exe_file+0x137/0x2b0 [ 1218.224118] ? lock_downgrade+0x6d0/0x6d0 [ 1218.224827] ? get_mm_exe_file+0x159/0x2b0 [ 1218.225513] dup_mm+0x53f/0x1250 [ 1218.226147] ? replace_mm_exe_file+0x490/0x490 [ 1218.226910] ? __raw_spin_lock_init+0x36/0x110 [ 1218.227670] copy_process+0x3848/0x6cb0 [ 1218.228318] ? lock_is_held_type+0xd7/0x130 [ 1218.229010] ? find_held_lock+0x2c/0x110 [ 1218.229690] ? __cleanup_sighand+0xb0/0xb0 [ 1218.230432] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1218.231297] ? _copy_from_user+0x139/0x170 [ 1218.231982] ? kernel_clone+0x2f8/0xa60 [ 1218.232645] kernel_clone+0xe7/0xa60 [ 1218.233264] ? lock_is_held_type+0xd7/0x130 [ 1218.233979] ? create_io_thread+0xf0/0xf0 [ 1218.234733] ? lock_is_held_type+0xd7/0x130 [ 1218.235449] __do_sys_clone3+0x1dd/0x2e0 [ 1218.236119] ? __ia32_sys_clone+0x150/0x150 [ 1218.236879] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1218.237744] ? fput+0x2a/0x50 [ 1218.238360] ? __secure_computing+0xb4/0x290 [ 1218.239084] do_syscall_64+0x3b/0x90 [ 1218.239702] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1218.240534] RIP: 0033:0x7f9fb3b18b19 [ 1218.241126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1218.243882] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1218.245027] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1218.246064] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1218.247062] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1218.248048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1218.249038] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1218.250089] [ 1218.271480] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. 17:17:26 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0xf0c10c1b000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1218.306259] blktrace: Concurrent blktraces are not allowed on sg0 [ 1218.401619] blktrace: Concurrent blktraces are not allowed on sg0 17:17:26 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) ioctl$AUTOFS_IOC_ASKUMOUNT(r0, 0x80049370, &(0x7f0000000080)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x5, &(0x7f0000000d80)=[{&(0x7f0000010000)="200000000002000019000000700100000f000000000000000000000004000000000002000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d6f4655f000000000000000001000000000000000b0000000004000008000000d2c201001203", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000c7b2a4502ed64a6eb421652eb677bbba010040", 0x1f, 0x4e0}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d6f4655fd7f4655fd7f4655f000000000000040020", 0x1d, 0x1800}, {0x0}], 0x4041, &(0x7f0000013800)) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x104, 0x1, 0x9, 0x2, 0xffe3, 0xffffffffffffffff}) 17:17:26 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0xf0ff1f00000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:17:26 executing program 4: ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:17:26 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:17:26 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(0x0, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:17:26 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 28) [ 1218.750933] loop0: detected capacity change from 0 to 1024 [ 1218.800699] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (60935!=0) 17:17:26 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000040)=0x0) ptrace$setopts(0x4206, r1, 0x20, 0x6c) tkill(r0, 0x0) [ 1218.846390] FAULT_INJECTION: forcing a failure. [ 1218.846390] name failslab, interval 1, probability 0, space 0, times 0 [ 1218.848913] loop7: detected capacity change from 0 to 40 [ 1218.849666] CPU: 1 PID: 21839 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1218.853448] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1218.857166] Call Trace: [ 1218.857833] [ 1218.858512] dump_stack_lvl+0x8b/0xb3 [ 1218.859504] should_fail.cold+0x5/0xa [ 1218.860579] ? vm_area_dup+0x78/0x290 [ 1218.861645] should_failslab+0x5/0x10 [ 1218.862863] kmem_cache_alloc+0x5b/0x480 [ 1218.863982] vm_area_dup+0x78/0x290 [ 1218.864973] ? lock_release+0x3b2/0x6f0 [ 1218.866026] ? avc_has_perm_noaudit+0x1c8/0x390 [ 1218.867615] ? lock_downgrade+0x6d0/0x6d0 [ 1218.868737] ? copy_page_range+0x2cc8/0x47b0 [ 1218.869953] ? __sanitizer_cov_trace_cmp2+0x22/0x80 [ 1218.871722] ? avc_has_perm_noaudit+0x1ef/0x390 [ 1218.872322] ? avc_has_extended_perms+0xeb0/0xeb0 [ 1218.872944] ? vm_area_alloc+0x110/0x110 [ 1218.873455] ? find_held_lock+0x2c/0x110 [ 1218.873978] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1218.874421] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 1218.874652] ? selinux_vm_enough_memory+0x10f/0x170 [ 1218.876093] ? selinux_sctp_sk_clone+0x370/0x370 [ 1218.876699] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1218.877364] ? percpu_counter_add_batch+0xb4/0x170 [ 1218.877961] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1218.878615] ? __vm_enough_memory+0x184/0x360 [ 1218.879166] ? security_vm_enough_memory_mm+0x8b/0xc0 [ 1218.879753] dup_mm+0x53f/0x1250 [ 1218.880178] ? replace_mm_exe_file+0x490/0x490 [ 1218.880708] ? __raw_spin_lock_init+0x36/0x110 [ 1218.881240] copy_process+0x3848/0x6cb0 [ 1218.881703] ? lock_is_held_type+0xd7/0x130 [ 1218.882239] ? find_held_lock+0x2c/0x110 [ 1218.882729] ? __cleanup_sighand+0xb0/0xb0 [ 1218.883227] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1218.883836] ? _copy_from_user+0x139/0x170 [ 1218.884321] ? kernel_clone+0x2f8/0xa60 [ 1218.884785] kernel_clone+0xe7/0xa60 [ 1218.885221] ? lock_is_held_type+0xd7/0x130 [ 1218.885718] ? create_io_thread+0xf0/0xf0 [ 1218.886232] ? lock_is_held_type+0xd7/0x130 [ 1218.886741] __do_sys_clone3+0x1dd/0x2e0 [ 1218.887205] ? __ia32_sys_clone+0x150/0x150 [ 1218.887728] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1218.888332] ? fput+0x2a/0x50 [ 1218.888713] ? __secure_computing+0xb4/0x290 [ 1218.889214] do_syscall_64+0x3b/0x90 [ 1218.889643] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1218.890251] RIP: 0033:0x7f9fb3b18b19 [ 1218.890664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1218.892575] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1218.893389] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1218.894183] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1218.894941] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1218.895825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1218.896592] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1218.897386] 17:17:26 executing program 6: r0 = timerfd_create(0x1, 0x80800) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r2, 0x801c581f, 0x0) r3 = signalfd4(r0, &(0x7f0000000040)={[0x8]}, 0x8, 0x800) r4 = openat$cdrom(0xffffffffffffff9c, &(0x7f00000001c0), 0x20c00, 0x0) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f00000004c0)=ANY=[@ANYBLOB="0600000000000000546a0000000000000700000000000000", @ANYRES32=r4, @ANYBLOB="000000000400"/28, @ANYRES32, @ANYBLOB="000000000200"/28, @ANYRES32=r1, @ANYBLOB="00000000ffffff7f00"/28, @ANYRES32=r2, @ANYBLOB="00000000040000000000000000000000000000000000000000000000d43fec4bc301589d16aff221679cee986b590f84c8f13e2820169126808a3638b56ce4652e300f62cd662352d73169625bc7e69a7606678012ef9f93f49639f979d09570", @ANYRES32=r3, @ANYBLOB='\x00'/28, @ANYRES32=r2, @ANYBLOB="00000000010400"/28, @ANYRES32, @ANYBLOB="000000000500"/28]) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r6 = fork() r7 = clone3(&(0x7f0000000400)={0x400000000, &(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000280), {0x3}, &(0x7f00000002c0)=""/84, 0x54, &(0x7f0000000340)=""/107, &(0x7f00000003c0)=[r6, r6, r6, r6], 0x4, {r3}}, 0x58) r8 = epoll_create(0x4) r9 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r9, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r8, 0x3, r9, &(0x7f0000000000)) kcmp$KCMP_EPOLL_TFD(r7, r6, 0x7, r3, &(0x7f0000000480)={r8, r5, 0x20}) tkill(r6, 0x0) 17:17:26 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) r1 = pidfd_getfd(0xffffffffffffffff, r0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) [ 1218.907123] blktrace: Concurrent blktraces are not allowed on sg0 [ 1218.907923] FAT-fs (loop7): bogus number of reserved sectors [ 1218.908659] FAT-fs (loop7): Can't find a valid FAT filesystem 17:17:26 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x100000000000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:17:26 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) ioctl$AUTOFS_IOC_ASKUMOUNT(r0, 0x80049370, &(0x7f0000000080)) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x5, &(0x7f0000000d80)=[{&(0x7f0000010000)="200000000002000019000000700100000f000000000000000000000004000000000002000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d6f4655f000000000000000001000000000000000b0000000004000008000000d2c201001203", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000c7b2a4502ed64a6eb421652eb677bbba010040", 0x1f, 0x4e0}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d6f4655fd7f4655fd7f4655f000000000000040020", 0x1d, 0x1800}, {0x0}], 0x4041, &(0x7f0000013800)) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x104, 0x1, 0x9, 0x2, 0xffe3, 0xffffffffffffffff}) 17:17:26 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x800000000000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:17:26 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(0x0, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) [ 1219.207862] blktrace: Concurrent blktraces are not allowed on sg0 [ 1236.141444] loop7: detected capacity change from 0 to 40 17:17:43 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:17:43 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 29) 17:17:43 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r0 = fork() tkill(r0, 0x9) 17:17:43 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) r1 = pidfd_getfd(0xffffffffffffffff, r0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:17:43 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = fork() r2 = socket(0x4, 0x7a49a9375164397b, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) ppoll(&(0x7f0000000000)=[{r0, 0x1408}, {r2, 0x2010}, {r3, 0x2}], 0x3, &(0x7f00000000c0)={0x77359400}, &(0x7f0000000100)={[0xffffffffffffff94]}, 0x8) tkill(r1, 0x0) 17:17:43 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x1100000000000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:17:43 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x3, &(0x7f0000000040)=[{0x1, 0x20, 0x8, 0x401}, {0x5, 0xff, 0xd5, 0xfffffffc}, {0x4, 0x1, 0x6, 0x1f}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000240)) syz_open_dev$sg(&(0x7f0000000200), 0x3, 0x82000) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000180)) fork() fork() 17:17:43 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000080), 0x2800000000000003, 0x48000) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0xd, 0x2, 0x1000ffe3}) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000340)=ANY=[@ANYBLOB="01000000010052edaaba0ac0e7954f7daa860348a7fd000018000000", @ANYRES32=r0, @ANYBLOB="9c0f0000000000002e2f66696c653000"]) ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000280)={0x0, 0xffffffffffffffff, 0x96, 0x3, @buffer={0x0, 0x3, &(0x7f00000000c0)=""/3}, &(0x7f0000000100)="860c0df6b19473f2c3602f0ea10ec5ee29ef4e125e2520fce3d49105b0ad718081e64b8b689f81a83a701ea63c6ed779737c0962f56aa6cb1996ffe2ac3c02c2e5b7f608a38b06f46cf8d85c0ef79d6a12ee7f56d49d974540ba05773363b51297619441d256ddbabff17308439d74bef5a371485e028cc52210f3d12430d88f5e19e73d96a75dcf4c1c8aa2a8f7b62a0f2159a875c9", &(0x7f00000001c0)=""/109, 0x1, 0x21, 0x3, &(0x7f0000000240)}) [ 1236.173947] FAT-fs (loop7): bogus number of reserved sectors [ 1236.174410] FAT-fs (loop7): Can't find a valid FAT filesystem [ 1236.185591] FAULT_INJECTION: forcing a failure. [ 1236.185591] name failslab, interval 1, probability 0, space 0, times 0 [ 1236.187468] CPU: 0 PID: 22380 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1236.188652] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1236.190159] Call Trace: [ 1236.190526] [ 1236.190852] dump_stack_lvl+0x8b/0xb3 [ 1236.191412] should_fail.cold+0x5/0xa [ 1236.191952] ? create_object.isra.0+0x3a/0xa20 [ 1236.192604] should_failslab+0x5/0x10 [ 1236.193142] kmem_cache_alloc+0x5b/0x480 [ 1236.193726] create_object.isra.0+0x3a/0xa20 [ 1236.194360] ? kasan_unpoison+0x23/0x50 [ 1236.194941] kmem_cache_alloc+0x239/0x480 [ 1236.195527] vm_area_dup+0x78/0x290 [ 1236.196066] ? lock_release+0x3b2/0x6f0 [ 1236.196645] ? avc_has_perm_noaudit+0x1c8/0x390 [ 1236.197298] ? lock_downgrade+0x6d0/0x6d0 [ 1236.197871] ? copy_page_range+0x2cc8/0x47b0 [ 1236.198521] ? __sanitizer_cov_trace_cmp2+0x22/0x80 [ 1236.199233] ? avc_has_perm_noaudit+0x1ef/0x390 [ 1236.199879] ? avc_has_extended_perms+0xeb0/0xeb0 [ 1236.200558] ? vm_area_alloc+0x110/0x110 [ 1236.201127] ? find_held_lock+0x2c/0x110 [ 1236.201698] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1236.202461] ? selinux_vm_enough_memory+0x10f/0x170 [ 1236.203162] ? selinux_sctp_sk_clone+0x370/0x370 [ 1236.203837] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1236.204600] ? percpu_counter_add_batch+0xb4/0x170 [ 1236.205289] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1236.205977] ? __vm_enough_memory+0x184/0x360 [ 1236.206633] ? security_vm_enough_memory_mm+0x8b/0xc0 [ 1236.207347] dup_mm+0x53f/0x1250 [ 1236.207863] ? replace_mm_exe_file+0x490/0x490 [ 1236.208520] ? __raw_spin_lock_init+0x36/0x110 [ 1236.209167] copy_process+0x3848/0x6cb0 [ 1236.209722] ? lock_is_held_type+0xd7/0x130 [ 1236.210326] ? find_held_lock+0x2c/0x110 [ 1236.210923] ? __cleanup_sighand+0xb0/0xb0 [ 1236.211524] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1236.212275] ? _copy_from_user+0x139/0x170 [ 1236.212870] ? kernel_clone+0x2f8/0xa60 [ 1236.213441] kernel_clone+0xe7/0xa60 [ 1236.213969] ? lock_is_held_type+0xd7/0x130 [ 1236.214626] ? create_io_thread+0xf0/0xf0 [ 1236.215250] ? lock_is_held_type+0xd7/0x130 [ 1236.215876] __do_sys_clone3+0x1dd/0x2e0 [ 1236.216459] ? __ia32_sys_clone+0x150/0x150 [ 1236.217116] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1236.217886] ? fput+0x2a/0x50 [ 1236.218388] ? __secure_computing+0xb4/0x290 [ 1236.219020] do_syscall_64+0x3b/0x90 [ 1236.219574] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1236.220306] RIP: 0033:0x7f9fb3b18b19 [ 1236.220820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1236.223294] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1236.224358] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1236.225376] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1236.226399] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1236.227578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1236.228603] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1236.229675] [ 1236.255039] blktrace: Concurrent blktraces are not allowed on sg0 17:17:44 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000000c0)=0x0) statx(r1, &(0x7f00000001c0)='./file0\x00', 0x1000, 0x80, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0}) fsetxattr$security_capability(r0, &(0x7f0000000180), &(0x7f0000000300)=@v3={0x3000000, [{0x2, 0x81}, {0x5, 0x5}], r3}, 0x18, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000100)={'\x00', 0x8, 0xffffff38, 0x2, 0x8001, 0x8, r2}) ioctl$F2FS_IOC_WRITE_CHECKPOINT(r0, 0xf507, 0x0) 17:17:44 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x3) 17:17:44 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:17:44 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x2000000000000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:17:44 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) lseek(r0, 0x9, 0x3) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0x5, 0x4f7}}, './file0\x00'}) 17:17:44 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 30) [ 1236.425808] FAULT_INJECTION: forcing a failure. [ 1236.425808] name failslab, interval 1, probability 0, space 0, times 0 [ 1236.426680] CPU: 1 PID: 22705 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1236.427251] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1236.428007] Call Trace: [ 1236.428199] [ 1236.428375] dump_stack_lvl+0x8b/0xb3 [ 1236.428654] should_fail.cold+0x5/0xa [ 1236.428926] ? anon_vma_clone+0xdc/0x580 [ 1236.429217] FAT-fs (loop0): bogus number of reserved sectors [ 1236.429231] should_failslab+0x5/0x10 [ 1236.429247] kmem_cache_alloc+0x5b/0x480 [ 1236.430036] FAT-fs (loop0): Can't find a valid FAT filesystem [ 1236.430283] anon_vma_clone+0xdc/0x580 [ 1236.431476] anon_vma_fork+0x82/0x6a0 [ 1236.431751] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1236.432107] ? __vm_enough_memory+0x184/0x360 [ 1236.432435] dup_mm+0x91b/0x1250 [ 1236.432702] ? replace_mm_exe_file+0x490/0x490 [ 1236.433039] ? __raw_spin_lock_init+0x36/0x110 [ 1236.433376] copy_process+0x3848/0x6cb0 [ 1236.433666] ? lock_is_held_type+0xd7/0x130 [ 1236.433982] ? find_held_lock+0x2c/0x110 [ 1236.434282] ? __cleanup_sighand+0xb0/0xb0 [ 1236.434618] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1236.435010] ? _copy_from_user+0x139/0x170 [ 1236.435322] ? kernel_clone+0x2f8/0xa60 [ 1236.435618] kernel_clone+0xe7/0xa60 [ 1236.435893] ? lock_is_held_type+0xd7/0x130 [ 1236.436214] ? create_io_thread+0xf0/0xf0 [ 1236.436528] ? lock_is_held_type+0xd7/0x130 [ 1236.436854] __do_sys_clone3+0x1dd/0x2e0 [ 1236.437155] ? __ia32_sys_clone+0x150/0x150 [ 1236.437498] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1236.437892] ? fput+0x2a/0x50 [ 1236.438134] ? __secure_computing+0xb4/0x290 [ 1236.438476] do_syscall_64+0x3b/0x90 [ 1236.438750] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1236.439125] RIP: 0033:0x7f9fb3b18b19 [ 1236.439393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1236.440666] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1236.441204] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1236.441708] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1236.442215] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1236.442738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1236.443242] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1236.443764] 17:17:44 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x3f00000000000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1236.520733] blktrace: Concurrent blktraces are not allowed on sg0 17:18:02 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) fork() 17:18:02 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) fork() 17:18:02 executing program 0: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) epoll_create(0x7) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff33, 0x0, 0xa, 0xc, 0x0, "23c2d80353e2f6a37c3e59015505ac0d65bc8b584c0564cf1252925367d8c2ece4aed5dadfdbb33d5c028f3b69f143afd05a4631a6ae553f096dd668463af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0xffffffffffffffff]}) r2 = accept$unix(r1, &(0x7f0000000380), &(0x7f0000000100)=0x6e) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000a00)=ANY=[@ANYBLOB="0300000000000000000000000000000004000000ffa66e49414cc3f0df3e568558bbae24070000030000002300000000800000000000000800000000000000ba0000000000000000000000000000000000000000000000040000000000000000000000000000000600000000000000020000000000000000000080000000000000000000000000000000000000000004000000000000d600000000000000000000000000000000462500000000000005000000000000000000009f71a72b0ab2e0f5b4050121d5f5110000000000000000000000000006cf425e888f26b60ea7407beb81a15554cca05b42c85d1db558da3a07e9a9e327d18269468232230d21b48fc1c58fedc2241492f26560a6cd1b2dca18c41104769e47747efc99473df706dffd3f343fa48095c683b3ba300f714d0a4a221ef676b0b8472906f96926bf1b1181e092b2e641f10f543b77e62cb619edc128cf1a22065c65f6f18736461cfa9d62e775b6c750b765b18a995d7300f2b5eb5e8e30a211beec383d0cfcfda8"]) ioctl$SG_GET_LOW_DMA(r1, 0x227a, &(0x7f00000000c0)) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x480, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000800)={0x0, 0xfffffffffffffffd, 0xae, 0x1, @buffer={0x0, 0x80, &(0x7f0000000600)=""/128}, &(0x7f0000000680)="45cb623b8a68fefe2a818ce79415f572e24da1fb6b07f60c7ca69cea1334a04a3ab3c3c2e32527060c73b9b2516d9d01788332856a38e8ff45d54677b482c7b75ee748d87d2dc8c5dbd806b8c57228521e41b613fadb538f5542e4a8edac024912c89ee27700947038a2232ad9a4243808a3ec47d68d99b0f4d44ea974d21da609cb3dd40a224db5dc3efcba6d5ec1ae105b47e3375aa5de9599f2ebd19ca5dc336da48517d808e82856c90ac758", &(0x7f0000000740)=""/114, 0x321b, 0x10, 0x2, &(0x7f00000007c0)}) r4 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_SET_FD(r4, 0x4c00, 0xffffffffffffffff) read(r0, &(0x7f0000000280)=""/244, 0xf4) ioctl$IOC_PR_REGISTER(r4, 0x127c, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r5, 0x801c581f, 0x0) ioctl$LOOP_SET_FD(r1, 0x4c00, r2) ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000180)={0x0, {}, 0x0, {}, 0x4, 0x12, 0x9, 0x18, "0c085ee0d43737c7cce643311ec9d0b00b3e0eb0fd5250c5cd319444c5638d84f87683c5b18016b00b3a518f9239394dfd4370da74470a7db67281a92b689c2b", "f0f8dfa198bc2c801089c9cc1fd028f920c3ffffffffff000000002000", [0x7]}) ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) 17:18:02 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 31) 17:18:02 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r0 = fork() tkill(r0, 0x9) 17:18:02 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) fgetxattr(r0, &(0x7f0000000080)=@random={'user.', '\x00'}, &(0x7f00000000c0)=""/198, 0xc6) [ 1254.367115] blktrace: Concurrent blktraces are not allowed on sg0 [ 1254.369420] blktrace: Concurrent blktraces are not allowed on sg0 [ 1254.400360] FAULT_INJECTION: forcing a failure. [ 1254.400360] name failslab, interval 1, probability 0, space 0, times 0 [ 1254.401414] CPU: 0 PID: 22823 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 17:18:02 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x4000000000000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:18:02 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 1254.402251] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1254.403216] Call Trace: [ 1254.403451] [ 1254.403666] dump_stack_lvl+0x8b/0xb3 [ 1254.404002] should_fail.cold+0x5/0xa [ 1254.404330] ? lock_downgrade+0x6d0/0x6d0 [ 1254.404696] ? create_object.isra.0+0x3a/0xa20 [ 1254.405104] should_failslab+0x5/0x10 [ 1254.405432] kmem_cache_alloc+0x5b/0x480 [ 1254.405800] create_object.isra.0+0x3a/0xa20 [ 1254.406189] ? kasan_unpoison+0x23/0x50 [ 1254.406534] kmem_cache_alloc+0x239/0x480 [ 1254.407033] anon_vma_clone+0xdc/0x580 [ 1254.407385] anon_vma_fork+0x82/0x6a0 [ 1254.407716] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1254.408133] ? __vm_enough_memory+0x184/0x360 [ 1254.408515] dup_mm+0x91b/0x1250 [ 1254.408836] ? replace_mm_exe_file+0x490/0x490 [ 1254.409234] ? __raw_spin_lock_init+0x36/0x110 [ 1254.409646] copy_process+0x3848/0x6cb0 [ 1254.410000] ? lock_is_held_type+0xd7/0x130 [ 1254.410385] ? find_held_lock+0x2c/0x110 [ 1254.410781] ? __cleanup_sighand+0xb0/0xb0 [ 1254.411179] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1254.411650] ? _copy_from_user+0x139/0x170 [ 1254.412025] ? kernel_clone+0x2f8/0xa60 [ 1254.412390] kernel_clone+0xe7/0xa60 [ 1254.412787] ? lock_is_held_type+0xd7/0x130 [ 1254.413186] ? create_io_thread+0xf0/0xf0 [ 1254.413588] ? lock_is_held_type+0xd7/0x130 [ 1254.413993] __do_sys_clone3+0x1dd/0x2e0 [ 1254.414366] ? __ia32_sys_clone+0x150/0x150 [ 1254.418870] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1254.419375] ? fput+0x2a/0x50 [ 1254.419684] ? __secure_computing+0xb4/0x290 [ 1254.420085] do_syscall_64+0x3b/0x90 [ 1254.420432] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1254.420894] RIP: 0033:0x7f9fb3b18b19 [ 1254.421234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1254.422810] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1254.423477] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1254.424095] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1254.424707] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1254.425333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1254.425953] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1254.426599] [ 1254.430980] loop7: detected capacity change from 0 to 40 [ 1254.438530] debugfs: File 'dropped' in directory 'loop0' already present! [ 1254.439523] debugfs: File 'msg' in directory 'loop0' already present! [ 1254.449475] FAT-fs (loop7): bogus number of reserved sectors [ 1254.450035] FAT-fs (loop7): Can't find a valid FAT filesystem 17:18:02 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000fe88fb5f0008000300", @ANYRES32=r4, @ANYBLOB="0400cd00590033"], 0x7c}}, 0x0) sendmsg$NL80211_CMD_ASSOCIATE(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB='t\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000425bd7000fcdbdf2526060000080003f42ef655e04ca53df3bde5bd54c2245bd1b85e724c080000004c4a2de310cf09a346b4c17aef33f53793c5b3901b8d7f03923b6f7021cd750000000000000000", @ANYRES32=r4, @ANYBLOB="0c0099000010000047000000040093001000b0001e000000c00d0300070008001e009400100000090000000000000094000600100000000008010000000000000400af0013003400b3a4d38131f2edeb4cf63a3c88e90800"], 0x74}, 0x1, 0x0, 0x0, 0xc040}, 0x24000084) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)=ANY=[@ANYBLOB="030000000000000018000000", @ANYRES32=r0, @ANYRES32]) ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f0000000100)={'\x00', 0x101, 0xfffffffa, 0x93d, 0x2, 0xffe3}) 17:18:02 executing program 0: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) epoll_create(0x7) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff33, 0x0, 0xa, 0xc, 0x0, "23c2d80353e2f6a37c3e59015505ac0d65bc8b584c0564cf1252925367d8c2ece4aed5dadfdbb33d5c028f3b69f143afd05a4631a6ae553f096dd668463af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0xffffffffffffffff]}) r2 = accept$unix(r1, &(0x7f0000000380), &(0x7f0000000100)=0x6e) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000a00)=ANY=[@ANYBLOB="0300000000000000000000000000000004000000ffa66e49414cc3f0df3e568558bbae24070000030000002300000000800000000000000800000000000000ba0000000000000000000000000000000000000000000000040000000000000000000000000000000600000000000000020000000000000000000080000000000000000000000000000000000000000004000000000000d600000000000000000000000000000000462500000000000005000000000000000000009f71a72b0ab2e0f5b4050121d5f5110000000000000000000000000006cf425e888f26b60ea7407beb81a15554cca05b42c85d1db558da3a07e9a9e327d18269468232230d21b48fc1c58fedc2241492f26560a6cd1b2dca18c41104769e47747efc99473df706dffd3f343fa48095c683b3ba300f714d0a4a221ef676b0b8472906f96926bf1b1181e092b2e641f10f543b77e62cb619edc128cf1a22065c65f6f18736461cfa9d62e775b6c750b765b18a995d7300f2b5eb5e8e30a211beec383d0cfcfda8"]) ioctl$SG_GET_LOW_DMA(r1, 0x227a, &(0x7f00000000c0)) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x480, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000800)={0x0, 0xfffffffffffffffd, 0xae, 0x1, @buffer={0x0, 0x80, &(0x7f0000000600)=""/128}, &(0x7f0000000680)="45cb623b8a68fefe2a818ce79415f572e24da1fb6b07f60c7ca69cea1334a04a3ab3c3c2e32527060c73b9b2516d9d01788332856a38e8ff45d54677b482c7b75ee748d87d2dc8c5dbd806b8c57228521e41b613fadb538f5542e4a8edac024912c89ee27700947038a2232ad9a4243808a3ec47d68d99b0f4d44ea974d21da609cb3dd40a224db5dc3efcba6d5ec1ae105b47e3375aa5de9599f2ebd19ca5dc336da48517d808e82856c90ac758", &(0x7f0000000740)=""/114, 0x321b, 0x10, 0x2, &(0x7f00000007c0)}) r4 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_SET_FD(r4, 0x4c00, 0xffffffffffffffff) read(r0, &(0x7f0000000280)=""/244, 0xf4) ioctl$IOC_PR_REGISTER(r4, 0x127c, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r5, 0x801c581f, 0x0) ioctl$LOOP_SET_FD(r1, 0x4c00, r2) ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000180)={0x0, {}, 0x0, {}, 0x4, 0x12, 0x9, 0x18, "0c085ee0d43737c7cce643311ec9d0b00b3e0eb0fd5250c5cd319444c5638d84f87683c5b18016b00b3a518f9239394dfd4370da74470a7db67281a92b689c2b", "f0f8dfa198bc2c801089c9cc1fd028f920c3ffffffffff000000002000", [0x7]}) ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) [ 1254.603823] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=22982 comm=syz-executor.4 17:18:02 executing program 3: fsmount(0xffffffffffffffff, 0x1, 0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x4, &(0x7f0000000000)=[{0xc71, 0x3, 0x8}, {0xfffb, 0x4, 0xd, 0x3d4b}, {0x1, 0x5, 0xff, 0xfffffff8}, {0x3f, 0x2, 0x5}]}) r0 = fork() tkill(r0, 0x0) [ 1254.678166] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=23087 comm=syz-executor.4 [ 1254.690519] debugfs: File 'dropped' in directory 'loop0' already present! [ 1254.707192] debugfs: File 'msg' in directory 'loop0' already present! 17:18:17 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0xf5ffffff00000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1269.481994] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=23255 comm=syz-executor.4 17:18:17 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r0 = fork() tkill(r0, 0x9) 17:18:17 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:18:17 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) wait4(r0, &(0x7f0000000040), 0x20000000, 0x0) 17:18:17 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) sendmsg$TIPC_NL_NAME_TABLE_GET(r0, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0xc8, 0x0, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@TIPC_NLA_SOCK={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x4}]}, @TIPC_NLA_NET={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}]}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7ff}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}]}, @TIPC_NLA_NODE={0x14, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x4}]}, @TIPC_NLA_PUBL={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x6}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x100}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8}]}, @TIPC_NLA_BEARER={0x20, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10000}]}]}]}, 0xc8}, 0x1, 0x0, 0x0, 0x20000014}, 0x4) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:18:17 executing program 0: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) epoll_create(0x7) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff33, 0x0, 0xa, 0xc, 0x0, "23c2d80353e2f6a37c3e59015505ac0d65bc8b584c0564cf1252925367d8c2ece4aed5dadfdbb33d5c028f3b69f143afd05a4631a6ae553f096dd668463af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0xffffffffffffffff]}) r2 = accept$unix(r1, &(0x7f0000000380), &(0x7f0000000100)=0x6e) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000a00)=ANY=[@ANYBLOB="0300000000000000000000000000000004000000ffa66e49414cc3f0df3e568558bbae24070000030000002300000000800000000000000800000000000000ba0000000000000000000000000000000000000000000000040000000000000000000000000000000600000000000000020000000000000000000080000000000000000000000000000000000000000004000000000000d600000000000000000000000000000000462500000000000005000000000000000000009f71a72b0ab2e0f5b4050121d5f5110000000000000000000000000006cf425e888f26b60ea7407beb81a15554cca05b42c85d1db558da3a07e9a9e327d18269468232230d21b48fc1c58fedc2241492f26560a6cd1b2dca18c41104769e47747efc99473df706dffd3f343fa48095c683b3ba300f714d0a4a221ef676b0b8472906f96926bf1b1181e092b2e641f10f543b77e62cb619edc128cf1a22065c65f6f18736461cfa9d62e775b6c750b765b18a995d7300f2b5eb5e8e30a211beec383d0cfcfda8"]) ioctl$SG_GET_LOW_DMA(r1, 0x227a, &(0x7f00000000c0)) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x480, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000800)={0x0, 0xfffffffffffffffd, 0xae, 0x1, @buffer={0x0, 0x80, &(0x7f0000000600)=""/128}, &(0x7f0000000680)="45cb623b8a68fefe2a818ce79415f572e24da1fb6b07f60c7ca69cea1334a04a3ab3c3c2e32527060c73b9b2516d9d01788332856a38e8ff45d54677b482c7b75ee748d87d2dc8c5dbd806b8c57228521e41b613fadb538f5542e4a8edac024912c89ee27700947038a2232ad9a4243808a3ec47d68d99b0f4d44ea974d21da609cb3dd40a224db5dc3efcba6d5ec1ae105b47e3375aa5de9599f2ebd19ca5dc336da48517d808e82856c90ac758", &(0x7f0000000740)=""/114, 0x321b, 0x10, 0x2, &(0x7f00000007c0)}) r4 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_SET_FD(r4, 0x4c00, 0xffffffffffffffff) read(r0, &(0x7f0000000280)=""/244, 0xf4) ioctl$IOC_PR_REGISTER(r4, 0x127c, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r5, 0x801c581f, 0x0) ioctl$LOOP_SET_FD(r1, 0x4c00, r2) ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000180)={0x0, {}, 0x0, {}, 0x4, 0x12, 0x9, 0x18, "0c085ee0d43737c7cce643311ec9d0b00b3e0eb0fd5250c5cd319444c5638d84f87683c5b18016b00b3a518f9239394dfd4370da74470a7db67281a92b689c2b", "f0f8dfa198bc2c801089c9cc1fd028f920c3ffffffffff000000002000", [0x7]}) ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) 17:18:17 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 32) 17:18:17 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = fork() ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000140)={0x0, 0x0}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000001c0)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f00000017c0)={r3, 0x2, r0, 0x7}) waitid(0x0, r2, 0x0, 0x8, &(0x7f0000001700)) tkill(r1, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/243, 0xf3}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f0000001680)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}, 0x40000141) ioctl$LOOP_CLR_FD(r5, 0x4c01) pipe(&(0x7f0000000000)={0xffffffffffffffff}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000040)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r6, 0x40182103, &(0x7f00000000c0)={r7, 0x2, 0xffffffffffffffff, 0x3a5}) r8 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r8, 0x801c581f, 0x0) r9 = fcntl$getown(r4, 0x9) tkill(r9, 0x4) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r5, 0x40182103, &(0x7f0000000040)={r7, 0x2, r8, 0x0, 0x80000}) [ 1269.495020] debugfs: File 'dropped' in directory 'loop0' already present! [ 1269.495603] debugfs: File 'msg' in directory 'loop0' already present! [ 1269.498813] loop7: detected capacity change from 0 to 40 [ 1269.500467] blktrace: Concurrent blktraces are not allowed on sg0 [ 1269.513389] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=23265 comm=syz-executor.4 [ 1269.523414] blktrace: Concurrent blktraces are not allowed on sg0 [ 1269.528538] FAULT_INJECTION: forcing a failure. [ 1269.528538] name failslab, interval 1, probability 0, space 0, times 0 [ 1269.530336] CPU: 0 PID: 23268 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1269.531648] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1269.533394] Call Trace: [ 1269.533814] [ 1269.534175] dump_stack_lvl+0x8b/0xb3 [ 1269.534802] should_fail.cold+0x5/0xa [ 1269.535434] ? anon_vma_fork+0xed/0x6a0 [ 1269.536091] should_failslab+0x5/0x10 [ 1269.536710] kmem_cache_alloc+0x5b/0x480 [ 1269.537388] anon_vma_fork+0xed/0x6a0 [ 1269.538019] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1269.538833] ? __vm_enough_memory+0x184/0x360 17:18:17 executing program 0: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) epoll_create(0x7) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff33, 0x0, 0xa, 0xc, 0x0, "23c2d80353e2f6a37c3e59015505ac0d65bc8b584c0564cf1252925367d8c2ece4aed5dadfdbb33d5c028f3b69f143afd05a4631a6ae553f096dd668463af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0xffffffffffffffff]}) r2 = accept$unix(r1, &(0x7f0000000380), &(0x7f0000000100)=0x6e) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000a00)=ANY=[@ANYBLOB="0300000000000000000000000000000004000000ffa66e49414cc3f0df3e568558bbae24070000030000002300000000800000000000000800000000000000ba0000000000000000000000000000000000000000000000040000000000000000000000000000000600000000000000020000000000000000000080000000000000000000000000000000000000000004000000000000d600000000000000000000000000000000462500000000000005000000000000000000009f71a72b0ab2e0f5b4050121d5f5110000000000000000000000000006cf425e888f26b60ea7407beb81a15554cca05b42c85d1db558da3a07e9a9e327d18269468232230d21b48fc1c58fedc2241492f26560a6cd1b2dca18c41104769e47747efc99473df706dffd3f343fa48095c683b3ba300f714d0a4a221ef676b0b8472906f96926bf1b1181e092b2e641f10f543b77e62cb619edc128cf1a22065c65f6f18736461cfa9d62e775b6c750b765b18a995d7300f2b5eb5e8e30a211beec383d0cfcfda8"]) ioctl$SG_GET_LOW_DMA(r1, 0x227a, &(0x7f00000000c0)) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x480, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000800)={0x0, 0xfffffffffffffffd, 0xae, 0x1, @buffer={0x0, 0x80, &(0x7f0000000600)=""/128}, &(0x7f0000000680)="45cb623b8a68fefe2a818ce79415f572e24da1fb6b07f60c7ca69cea1334a04a3ab3c3c2e32527060c73b9b2516d9d01788332856a38e8ff45d54677b482c7b75ee748d87d2dc8c5dbd806b8c57228521e41b613fadb538f5542e4a8edac024912c89ee27700947038a2232ad9a4243808a3ec47d68d99b0f4d44ea974d21da609cb3dd40a224db5dc3efcba6d5ec1ae105b47e3375aa5de9599f2ebd19ca5dc336da48517d808e82856c90ac758", &(0x7f0000000740)=""/114, 0x321b, 0x10, 0x2, &(0x7f00000007c0)}) r4 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_SET_FD(r4, 0x4c00, 0xffffffffffffffff) read(r0, &(0x7f0000000280)=""/244, 0xf4) ioctl$IOC_PR_REGISTER(r4, 0x127c, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r5, 0x801c581f, 0x0) ioctl$LOOP_SET_FD(r1, 0x4c00, r2) ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) [ 1269.539576] dup_mm+0x91b/0x1250 [ 1269.540265] ? replace_mm_exe_file+0x490/0x490 [ 1269.540985] ? __raw_spin_lock_init+0x36/0x110 [ 1269.541712] copy_process+0x3848/0x6cb0 [ 1269.542344] ? lock_is_held_type+0xd7/0x130 [ 1269.543035] ? find_held_lock+0x2c/0x110 [ 1269.543693] ? __cleanup_sighand+0xb0/0xb0 [ 1269.544374] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1269.545218] ? _copy_from_user+0x139/0x170 [ 1269.545880] ? kernel_clone+0x2f8/0xa60 [ 1269.546510] kernel_clone+0xe7/0xa60 [ 1269.547118] ? lock_is_held_type+0xd7/0x130 [ 1269.547814] ? create_io_thread+0xf0/0xf0 [ 1269.548492] ? lock_is_held_type+0xd7/0x130 [ 1269.549189] __do_sys_clone3+0x1dd/0x2e0 [ 1269.549840] ? __ia32_sys_clone+0x150/0x150 [ 1269.550577] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1269.551628] ? fput+0x2a/0x50 [ 1269.552360] ? __secure_computing+0xb4/0x290 [ 1269.553323] do_syscall_64+0x3b/0x90 [ 1269.554124] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1269.555208] RIP: 0033:0x7f9fb3b18b19 [ 1269.555970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1269.558918] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1269.560150] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1269.561273] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1269.562389] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1269.563524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1269.564618] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1269.565749] [ 1269.571121] FAT-fs (loop7): bogus number of reserved sectors [ 1269.572454] FAT-fs (loop7): Can't find a valid FAT filesystem [ 1269.615731] debugfs: File 'dropped' in directory 'loop0' already present! [ 1269.619741] debugfs: File 'msg' in directory 'loop0' already present! 17:18:17 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0xfbffffff00000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:18:17 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, 0x0) r1 = fork() tkill(r1, 0x9) 17:18:17 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x440200) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:18:17 executing program 0: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) epoll_create(0x7) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff33, 0x0, 0xa, 0xc, 0x0, "23c2d80353e2f6a37c3e59015505ac0d65bc8b584c0564cf1252925367d8c2ece4aed5dadfdbb33d5c028f3b69f143afd05a4631a6ae553f096dd668463af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0xffffffffffffffff]}) r2 = accept$unix(r1, &(0x7f0000000380), &(0x7f0000000100)=0x6e) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000a00)=ANY=[@ANYBLOB="0300000000000000000000000000000004000000ffa66e49414cc3f0df3e568558bbae24070000030000002300000000800000000000000800000000000000ba0000000000000000000000000000000000000000000000040000000000000000000000000000000600000000000000020000000000000000000080000000000000000000000000000000000000000004000000000000d600000000000000000000000000000000462500000000000005000000000000000000009f71a72b0ab2e0f5b4050121d5f5110000000000000000000000000006cf425e888f26b60ea7407beb81a15554cca05b42c85d1db558da3a07e9a9e327d18269468232230d21b48fc1c58fedc2241492f26560a6cd1b2dca18c41104769e47747efc99473df706dffd3f343fa48095c683b3ba300f714d0a4a221ef676b0b8472906f96926bf1b1181e092b2e641f10f543b77e62cb619edc128cf1a22065c65f6f18736461cfa9d62e775b6c750b765b18a995d7300f2b5eb5e8e30a211beec383d0cfcfda8"]) ioctl$SG_GET_LOW_DMA(r1, 0x227a, &(0x7f00000000c0)) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x480, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000800)={0x0, 0xfffffffffffffffd, 0xae, 0x1, @buffer={0x0, 0x80, &(0x7f0000000600)=""/128}, &(0x7f0000000680)="45cb623b8a68fefe2a818ce79415f572e24da1fb6b07f60c7ca69cea1334a04a3ab3c3c2e32527060c73b9b2516d9d01788332856a38e8ff45d54677b482c7b75ee748d87d2dc8c5dbd806b8c57228521e41b613fadb538f5542e4a8edac024912c89ee27700947038a2232ad9a4243808a3ec47d68d99b0f4d44ea974d21da609cb3dd40a224db5dc3efcba6d5ec1ae105b47e3375aa5de9599f2ebd19ca5dc336da48517d808e82856c90ac758", &(0x7f0000000740)=""/114, 0x321b, 0x10, 0x2, &(0x7f00000007c0)}) r4 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_SET_FD(r4, 0x4c00, 0xffffffffffffffff) read(r0, &(0x7f0000000280)=""/244, 0xf4) ioctl$IOC_PR_REGISTER(r4, 0x127c, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r5, 0x801c581f, 0x0) ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) [ 1269.743023] debugfs: File 'dropped' in directory 'loop0' already present! 17:18:17 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0xffffffff00000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:18:17 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 1269.749143] debugfs: File 'msg' in directory 'loop0' already present! 17:18:17 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/243, 0xf3}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f0000001680)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}, 0x3) ioctl$LOOP_CLR_FD(r1, 0x4c01) openat$cgroup_subtree(r1, &(0x7f0000000040), 0x2, 0x0) 17:18:17 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/fs/9p', 0x2040, 0x8) ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0) r2 = accept$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000100)=0x1c) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000480)={0x0, 0xfffffffffffffffd, 0xc3, 0x85, @buffer={0x0, 0xb1, &(0x7f0000000280)=""/177}, &(0x7f0000000340)="bc7e0742d04bc85d376012589b83549fb1ea99cc1c4aaa35aa24d2b29340feb6d10102c77a3bc8252beea7ab0f21133343ac180c3b5818fe6e6377191a086963f492dbf692fb2f931261d6e924481d661716a3f87f8bb37d58dd70b3f61a104a514e6abcb0948b8ae402ed9f0d802d4bbe10502e2c5b4ddecab43ee5c30179bd790d41851e8d2adb69391f8f10cb703ee9ff48e7e225ce9ba59acf3c42e6c310a92e94797a1a0afa6ab298381787ba60d5fd959df0c70117e60b64ae67c20e34946051", &(0x7f00000001c0)=""/1, 0x9, 0x0, 0xffffffffffffffff, &(0x7f0000000440)}) fcntl$dupfd(r2, 0x406, 0xffffffffffffffff) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f0000000140)) r3 = epoll_create(0x4) r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, r4, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(r4, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) r5 = fork() tkill(r5, 0x9) write$P9_RGETLOCK(r4, &(0x7f0000000500)=ANY=[@ANYBLOB="2100000037010002090000000000000058ac000000000000", @ANYRES32=r5, @ANYBLOB="0300404075b19e31c66016510052f994472d44c4fd4abf388b6886345b1edb6b3fc55ec5a9f335557817f841e3c43f021c1bc04aa68ec0c803"], 0x21) [ 1269.795809] loop7: detected capacity change from 0 to 40 17:18:17 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 33) [ 1269.807179] blktrace: Concurrent blktraces are not allowed on sg0 [ 1269.811189] FAT-fs (loop7): bogus number of reserved sectors [ 1269.811619] FAT-fs (loop7): Can't find a valid FAT filesystem 17:18:17 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1269.889672] blktrace: Concurrent blktraces are not allowed on sg0 [ 1269.897343] FAULT_INJECTION: forcing a failure. [ 1269.897343] name failslab, interval 1, probability 0, space 0, times 0 [ 1269.898213] CPU: 1 PID: 23808 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1269.898855] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1269.899687] Call Trace: [ 1269.899877] [ 1269.900047] dump_stack_lvl+0x8b/0xb3 [ 1269.900340] should_fail.cold+0x5/0xa [ 1269.900629] ? anon_vma_clone+0xdc/0x580 [ 1269.900932] should_failslab+0x5/0x10 [ 1269.901207] kmem_cache_alloc+0x5b/0x480 [ 1269.901506] anon_vma_clone+0xdc/0x580 [ 1269.901813] anon_vma_fork+0x82/0x6a0 [ 1269.902236] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1269.902731] ? __vm_enough_memory+0x184/0x360 [ 1269.903092] dup_mm+0x91b/0x1250 [ 1269.903369] ? replace_mm_exe_file+0x490/0x490 [ 1269.903710] ? __raw_spin_lock_init+0x36/0x110 [ 1269.904056] copy_process+0x3848/0x6cb0 [ 1269.904406] ? lock_is_held_type+0xd7/0x130 [ 1269.904861] ? find_held_lock+0x2c/0x110 [ 1269.905275] ? __cleanup_sighand+0xb0/0xb0 [ 1269.905599] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1269.906000] ? _copy_from_user+0x139/0x170 [ 1269.906319] ? kernel_clone+0x2f8/0xa60 [ 1269.906623] kernel_clone+0xe7/0xa60 [ 1269.906902] ? lock_is_held_type+0xd7/0x130 [ 1269.907237] ? create_io_thread+0xf0/0xf0 [ 1269.907556] ? lock_is_held_type+0xd7/0x130 [ 1269.907878] __do_sys_clone3+0x1dd/0x2e0 [ 1269.908180] ? __ia32_sys_clone+0x150/0x150 [ 1269.908521] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1269.908932] ? fput+0x2a/0x50 [ 1269.909182] ? __secure_computing+0xb4/0x290 [ 1269.909594] do_syscall_64+0x3b/0x90 [ 1269.909933] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1269.910414] RIP: 0033:0x7f9fb3b18b19 [ 1269.910684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1269.912005] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1269.912562] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1269.913089] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1269.913595] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1269.914100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1269.914606] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1269.915131] 17:18:33 executing program 0: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) epoll_create(0x7) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff33, 0x0, 0xa, 0xc, 0x0, "23c2d80353e2f6a37c3e59015505ac0d65bc8b584c0564cf1252925367d8c2ece4aed5dadfdbb33d5c028f3b69f143afd05a4631a6ae553f096dd668463af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0xffffffffffffffff]}) r2 = accept$unix(r1, &(0x7f0000000380), &(0x7f0000000100)=0x6e) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000a00)=ANY=[@ANYBLOB="0300000000000000000000000000000004000000ffa66e49414cc3f0df3e568558bbae24070000030000002300000000800000000000000800000000000000ba0000000000000000000000000000000000000000000000040000000000000000000000000000000600000000000000020000000000000000000080000000000000000000000000000000000000000004000000000000d600000000000000000000000000000000462500000000000005000000000000000000009f71a72b0ab2e0f5b4050121d5f5110000000000000000000000000006cf425e888f26b60ea7407beb81a15554cca05b42c85d1db558da3a07e9a9e327d18269468232230d21b48fc1c58fedc2241492f26560a6cd1b2dca18c41104769e47747efc99473df706dffd3f343fa48095c683b3ba300f714d0a4a221ef676b0b8472906f96926bf1b1181e092b2e641f10f543b77e62cb619edc128cf1a22065c65f6f18736461cfa9d62e775b6c750b765b18a995d7300f2b5eb5e8e30a211beec383d0cfcfda8"]) ioctl$SG_GET_LOW_DMA(r1, 0x227a, &(0x7f00000000c0)) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x480, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000800)={0x0, 0xfffffffffffffffd, 0xae, 0x1, @buffer={0x0, 0x80, &(0x7f0000000600)=""/128}, &(0x7f0000000680)="45cb623b8a68fefe2a818ce79415f572e24da1fb6b07f60c7ca69cea1334a04a3ab3c3c2e32527060c73b9b2516d9d01788332856a38e8ff45d54677b482c7b75ee748d87d2dc8c5dbd806b8c57228521e41b613fadb538f5542e4a8edac024912c89ee27700947038a2232ad9a4243808a3ec47d68d99b0f4d44ea974d21da609cb3dd40a224db5dc3efcba6d5ec1ae105b47e3375aa5de9599f2ebd19ca5dc336da48517d808e82856c90ac758", &(0x7f0000000740)=""/114, 0x321b, 0x10, 0x2, &(0x7f00000007c0)}) r4 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_SET_FD(r4, 0x4c00, 0xffffffffffffffff) read(r0, &(0x7f0000000280)=""/244, 0xf4) ioctl$IOC_PR_REGISTER(r4, 0x127c, 0x0) socket$netlink(0x10, 0x3, 0x0) ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) 17:18:33 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 34) 17:18:33 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x800, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) ptrace$setopts(0x4206, r0, 0x8, 0x12) r1 = syz_open_procfs(r0, &(0x7f0000000040)='attr/keycreate\x00') ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f00000000c0)={0x0, 0x2, 0xffffffffffffffff, 0x0, 0x80000}) 17:18:33 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5387, &(0x7f0000000080)) 17:18:33 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, 0x0) r1 = fork() tkill(r1, 0x9) 17:18:33 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) tkill(r0, 0x1) r1 = fork() clone3(&(0x7f0000001240)={0x44000000, &(0x7f0000000040), &(0x7f0000000140), &(0x7f0000000180), {0x6}, &(0x7f00000001c0)=""/4096, 0x1000, &(0x7f00000011c0)=""/30, &(0x7f0000001200)=[0xffffffffffffffff, r0, r0, r1, r1, r0, r1, r1], 0x8}, 0x58) tkill(r1, 0x9) waitid(0x2, r1, &(0x7f00000000c0), 0x2, 0x0) 17:18:33 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {0x8}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:18:33 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 1286.132557] blktrace: Concurrent blktraces are not allowed on sg0 [ 1286.133883] blktrace: Concurrent blktraces are not allowed on sg0 17:18:33 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x3, 0xffe3}) [ 1286.151885] loop7: detected capacity change from 0 to 40 [ 1286.152940] FAULT_INJECTION: forcing a failure. [ 1286.152940] name failslab, interval 1, probability 0, space 0, times 0 [ 1286.154066] CPU: 0 PID: 23910 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1286.154691] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1286.155534] Call Trace: [ 1286.155731] [ 1286.155901] dump_stack_lvl+0x8b/0xb3 [ 1286.156192] should_fail.cold+0x5/0xa [ 1286.156472] ? anon_vma_fork+0x1de/0x6a0 [ 1286.156775] should_failslab+0x5/0x10 [ 1286.157047] kmem_cache_alloc+0x5b/0x480 [ 1286.157346] anon_vma_fork+0x1de/0x6a0 [ 1286.157638] dup_mm+0x91b/0x1250 [ 1286.157904] ? replace_mm_exe_file+0x490/0x490 [ 1286.158245] ? __raw_spin_lock_init+0x36/0x110 [ 1286.158582] copy_process+0x3848/0x6cb0 [ 1286.158878] ? lock_is_held_type+0xd7/0x130 [ 1286.159196] ? find_held_lock+0x2c/0x110 [ 1286.159506] ? __cleanup_sighand+0xb0/0xb0 [ 1286.159830] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1286.160227] ? _copy_from_user+0x139/0x170 [ 1286.160542] ? kernel_clone+0x2f8/0xa60 [ 1286.160838] kernel_clone+0xe7/0xa60 [ 1286.161124] ? lock_is_held_type+0xd7/0x130 [ 1286.161436] ? create_io_thread+0xf0/0xf0 [ 1286.161758] ? lock_is_held_type+0xd7/0x130 [ 1286.162084] __do_sys_clone3+0x1dd/0x2e0 [ 1286.162394] ? __ia32_sys_clone+0x150/0x150 [ 1286.162734] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1286.163139] ? fput+0x2a/0x50 [ 1286.163400] ? __secure_computing+0xb4/0x290 [ 1286.163729] do_syscall_64+0x3b/0x90 [ 1286.164015] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1286.164406] RIP: 0033:0x7f9fb3b18b19 [ 1286.164682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1286.165889] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1286.166446] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1286.166961] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1286.167497] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1286.167985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1286.168503] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1286.169004] [ 1286.185779] FAT-fs (loop7): bogus number of reserved sectors [ 1286.186267] FAT-fs (loop7): Can't find a valid FAT filesystem [ 1286.201932] debugfs: File 'dropped' in directory 'loop0' already present! [ 1286.206648] debugfs: File 'msg' in directory 'loop0' already present! [ 1286.237853] blktrace: Concurrent blktraces are not allowed on sg0 17:18:34 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x4, &(0x7f0000000040)=[{0x20, 0x1, 0x80, 0xffffffff}, {0x200, 0x1b, 0x9, 0xc58}, {0xb4c, 0x4, 0x1, 0x8}, {0x6, 0xfe, 0x1, 0x1000}]}) r0 = fork() tkill(r0, 0x0) 17:18:34 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:18:34 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {0x11}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:18:34 executing program 0: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) epoll_create(0x7) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff33, 0x0, 0xa, 0xc, 0x0, "23c2d80353e2f6a37c3e59015505ac0d65bc8b584c0564cf1252925367d8c2ece4aed5dadfdbb33d5c028f3b69f143afd05a4631a6ae553f096dd668463af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0xffffffffffffffff]}) r2 = accept$unix(r1, &(0x7f0000000380), &(0x7f0000000100)=0x6e) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000a00)=ANY=[@ANYBLOB="0300000000000000000000000000000004000000ffa66e49414cc3f0df3e568558bbae24070000030000002300000000800000000000000800000000000000ba0000000000000000000000000000000000000000000000040000000000000000000000000000000600000000000000020000000000000000000080000000000000000000000000000000000000000004000000000000d600000000000000000000000000000000462500000000000005000000000000000000009f71a72b0ab2e0f5b4050121d5f5110000000000000000000000000006cf425e888f26b60ea7407beb81a15554cca05b42c85d1db558da3a07e9a9e327d18269468232230d21b48fc1c58fedc2241492f26560a6cd1b2dca18c41104769e47747efc99473df706dffd3f343fa48095c683b3ba300f714d0a4a221ef676b0b8472906f96926bf1b1181e092b2e641f10f543b77e62cb619edc128cf1a22065c65f6f18736461cfa9d62e775b6c750b765b18a995d7300f2b5eb5e8e30a211beec383d0cfcfda8"]) ioctl$SG_GET_LOW_DMA(r1, 0x227a, &(0x7f00000000c0)) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x480, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000800)={0x0, 0xfffffffffffffffd, 0xae, 0x1, @buffer={0x0, 0x80, &(0x7f0000000600)=""/128}, &(0x7f0000000680)="45cb623b8a68fefe2a818ce79415f572e24da1fb6b07f60c7ca69cea1334a04a3ab3c3c2e32527060c73b9b2516d9d01788332856a38e8ff45d54677b482c7b75ee748d87d2dc8c5dbd806b8c57228521e41b613fadb538f5542e4a8edac024912c89ee27700947038a2232ad9a4243808a3ec47d68d99b0f4d44ea974d21da609cb3dd40a224db5dc3efcba6d5ec1ae105b47e3375aa5de9599f2ebd19ca5dc336da48517d808e82856c90ac758", &(0x7f0000000740)=""/114, 0x321b, 0x10, 0x2, &(0x7f00000007c0)}) r4 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_SET_FD(r4, 0x4c00, 0xffffffffffffffff) read(r0, &(0x7f0000000280)=""/244, 0xf4) ioctl$IOC_PR_REGISTER(r4, 0x127c, 0x0) ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) 17:18:34 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 35) 17:18:34 executing program 4: prctl$PR_GET_SECUREBITS(0x1b) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x2, 0x2080c0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x82, 0xffe5}) syz_open_dev$sg(&(0x7f0000000080), 0xb4b, 0xc000) ioctl$SG_GET_LOW_DMA(0xffffffffffffffff, 0x227a, &(0x7f00000000c0)) [ 1286.423544] loop7: detected capacity change from 0 to 40 [ 1286.482484] FAULT_INJECTION: forcing a failure. [ 1286.482484] name failslab, interval 1, probability 0, space 0, times 0 [ 1286.483989] CPU: 0 PID: 24236 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1286.485012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1286.486374] Call Trace: [ 1286.486701] [ 1286.486998] dump_stack_lvl+0x8b/0xb3 [ 1286.487510] should_fail.cold+0x5/0xa [ 1286.488001] ? create_object.isra.0+0x3a/0xa20 [ 1286.488603] should_failslab+0x5/0x10 [ 1286.489092] kmem_cache_alloc+0x5b/0x480 [ 1286.489621] create_object.isra.0+0x3a/0xa20 [ 1286.490216] ? kasan_unpoison+0x23/0x50 [ 1286.490778] kmem_cache_alloc+0x239/0x480 [ 1286.491384] anon_vma_fork+0x1de/0x6a0 [ 1286.491947] dup_mm+0x91b/0x1250 [ 1286.492473] ? replace_mm_exe_file+0x490/0x490 [ 1286.493112] ? __raw_spin_lock_init+0x36/0x110 [ 1286.493777] copy_process+0x3848/0x6cb0 [ 1286.494344] ? lock_is_held_type+0xd7/0x130 [ 1286.494987] ? find_held_lock+0x2c/0x110 [ 1286.495594] ? __cleanup_sighand+0xb0/0xb0 [ 1286.496238] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1286.497037] ? _copy_from_user+0x139/0x170 [ 1286.497631] ? kernel_clone+0x2f8/0xa60 [ 1286.498208] kernel_clone+0xe7/0xa60 [ 1286.498701] ? lock_is_held_type+0xd7/0x130 [ 1286.499295] ? create_io_thread+0xf0/0xf0 [ 1286.499875] ? lock_is_held_type+0xd7/0x130 [ 1286.500459] __do_sys_clone3+0x1dd/0x2e0 [ 1286.501015] ? __ia32_sys_clone+0x150/0x150 [ 1286.501623] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1286.502345] ? fput+0x2a/0x50 [ 1286.502796] ? __secure_computing+0xb4/0x290 [ 1286.503428] do_syscall_64+0x3b/0x90 [ 1286.503943] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1286.504653] RIP: 0033:0x7f9fb3b18b19 [ 1286.505155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1286.507473] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1286.508459] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1286.509366] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1286.510265] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1286.511171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1286.512086] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1286.513025] 17:18:34 executing program 3: getsockopt$packet_int(0xffffffffffffffff, 0x107, 0x11, &(0x7f00000000c0), &(0x7f0000000140)=0x4) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000100)={0x6, 'veth1_to_team\x00', {0x5}, 0x7}) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000200)) r1 = fork() ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000180)) tkill(r1, 0x0) [ 1286.515500] FAT-fs (loop7): bogus number of reserved sectors [ 1286.516387] FAT-fs (loop7): Can't find a valid FAT filesystem [ 1286.519652] debugfs: File 'dropped' in directory 'loop0' already present! [ 1286.520803] debugfs: File 'msg' in directory 'loop0' already present! 17:18:34 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {0x1100}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:18:34 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, 0x0) r1 = fork() tkill(r1, 0x9) 17:18:34 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x400200) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f00000000c0)={'\x00', 0x800, 0x3c, 0x3, 0x80, 0x4}) ioctl$F2FS_IOC_GET_PIN_FILE(r0, 0x8004f50e, &(0x7f0000000000)) 17:18:34 executing program 0: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) epoll_create(0x7) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff33, 0x0, 0xa, 0xc, 0x0, "23c2d80353e2f6a37c3e59015505ac0d65bc8b584c0564cf1252925367d8c2ece4aed5dadfdbb33d5c028f3b69f143afd05a4631a6ae553f096dd668463af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0xffffffffffffffff]}) r2 = accept$unix(r1, &(0x7f0000000380), &(0x7f0000000100)=0x6e) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000a00)=ANY=[@ANYBLOB="0300000000000000000000000000000004000000ffa66e49414cc3f0df3e568558bbae24070000030000002300000000800000000000000800000000000000ba0000000000000000000000000000000000000000000000040000000000000000000000000000000600000000000000020000000000000000000080000000000000000000000000000000000000000004000000000000d600000000000000000000000000000000462500000000000005000000000000000000009f71a72b0ab2e0f5b4050121d5f5110000000000000000000000000006cf425e888f26b60ea7407beb81a15554cca05b42c85d1db558da3a07e9a9e327d18269468232230d21b48fc1c58fedc2241492f26560a6cd1b2dca18c41104769e47747efc99473df706dffd3f343fa48095c683b3ba300f714d0a4a221ef676b0b8472906f96926bf1b1181e092b2e641f10f543b77e62cb619edc128cf1a22065c65f6f18736461cfa9d62e775b6c750b765b18a995d7300f2b5eb5e8e30a211beec383d0cfcfda8"]) ioctl$SG_GET_LOW_DMA(r1, 0x227a, &(0x7f00000000c0)) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x480, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000800)={0x0, 0xfffffffffffffffd, 0xae, 0x1, @buffer={0x0, 0x80, &(0x7f0000000600)=""/128}, &(0x7f0000000680)="45cb623b8a68fefe2a818ce79415f572e24da1fb6b07f60c7ca69cea1334a04a3ab3c3c2e32527060c73b9b2516d9d01788332856a38e8ff45d54677b482c7b75ee748d87d2dc8c5dbd806b8c57228521e41b613fadb538f5542e4a8edac024912c89ee27700947038a2232ad9a4243808a3ec47d68d99b0f4d44ea974d21da609cb3dd40a224db5dc3efcba6d5ec1ae105b47e3375aa5de9599f2ebd19ca5dc336da48517d808e82856c90ac758", &(0x7f0000000740)=""/114, 0x321b, 0x10, 0x2, &(0x7f00000007c0)}) r4 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_SET_FD(r4, 0x4c00, 0xffffffffffffffff) read(r0, &(0x7f0000000280)=""/244, 0xf4) ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) 17:18:34 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {0x2000}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1286.776944] debugfs: File 'dropped' in directory 'loop0' already present! [ 1286.790875] debugfs: File 'msg' in directory 'loop0' already present! 17:18:49 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:18:49 executing program 6: syz_io_uring_setup(0x2ce7, &(0x7f00000000c0)={0x0, 0x6588, 0x20, 0x1, 0x15e}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000140)) r1 = syz_io_uring_setup(0x6b46, &(0x7f0000000180)={0x0, 0xce33, 0x1, 0x3, 0x1d4}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000240)=0x0) r3 = epoll_create(0x4) r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, r4, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(r4, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) r5 = socket$netlink(0x10, 0x3, 0x0) recvmsg$unix(r4, &(0x7f0000001000)={&(0x7f0000000900), 0x6e, &(0x7f0000000f00)=[{&(0x7f0000000980)=""/136, 0x88}, {&(0x7f0000000a40)=""/88, 0x58}, {&(0x7f0000000ac0)=""/41, 0x29}, {&(0x7f0000000b00)=""/107, 0x6b}, {&(0x7f0000000b80)=""/104, 0x68}, {&(0x7f0000000c00)=""/201, 0xc9}, {&(0x7f0000000d00)=""/160, 0xa0}, {&(0x7f0000000dc0)=""/82, 0x52}, {&(0x7f0000000e40)=""/44, 0x2c}, {&(0x7f0000000e80)=""/78, 0x4e}], 0xa, &(0x7f0000000fc0)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x20}, 0x10060) ioctl$FS_IOC_FSGETXATTR(r5, 0x801c581f, 0x0) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000008c0)={0xd8, 0x0, &(0x7f00000006c0)=[@register_looper, @free_buffer, @enter_looper, @reply={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000480)={@fda={0x66646185, 0x5, 0x2, 0x21}, @flat=@binder={0x73622a85, 0x110a}, @ptr={0x70742a85, 0x0, &(0x7f0000000280)=""/81, 0x51, 0x0, 0x32}}, &(0x7f0000000300)={0x0, 0x20, 0x38}}}, @clear_death, @acquire, @request_death, @reply_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000600)={@fd={0x66642a85, 0x0, r1}, @ptr={0x70742a85, 0x0, &(0x7f0000000500)=""/255, 0xff, 0x2, 0x32}, @fd={0x66642a85, 0x0, r5}}, &(0x7f0000000680)={0x0, 0x18, 0x40}}, 0x40}, @release={0x40046306, 0x2}, @enter_looper], 0xc5, 0x0, &(0x7f00000007c0)="d16ac62d8694227f53c0d754597bebc68e8851493829554a8aaa0b5fa76f8bd14b7424f5ef50c44aeb7d440611f40e4ddca8a4fc8e50a2c2fd63211c8ead0c6004ea7634f0f155119466de91dd0e9b58c077dd2f9df389ea807f9169fe38b454c7ca7f6edc6f291fb1ff7925b50a52bc96de6fdfd634ffcc5b97b969d0ef5fd8893caf68c0622303d679324a12705a1769d14b5a3a43433c052d68479bc1f9f7ba3d05fa56999228619b1708506ada4804a7c5d278386f6bb45696a5f63f82d9b56fd4f399"}) r6 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r6, 0x801c581f, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r0, r2, &(0x7f0000000340)=@IORING_OP_SEND={0x1a, 0x2, 0x0, r6, 0x0, &(0x7f0000000380)="d834a733af9ab83d264c7533b39c40a0f0b2610e2ebee55cc77be9217dc30b3ff501abf2a5d6ab2fa9a194422be08860356962ade98a3ebf15890f6ea4cc250a1e6e9a77d6944e96e164b9ffff000000000000053100faff01c1212d943c894ae5a59a22eb24700af5eca9b95f4a1c45928e90a3451c1f0b7264ffd454d5d826006109af848de732afb6385bebf40e4c712cfffe6d32b54f9e9cd55108dd0c456689e120379f2eae8f472f48464a054d7c2529b277a43f5fcacac97a2ea171798735b4180fbfd77b1ce84b", 0xcb, 0x4044000, 0x1}, 0x20) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r7 = fork() tkill(r7, 0x0) 17:18:49 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) fork() r1 = dup(r0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000140)) r2 = fork() tkill(r2, 0x9) r3 = fork() tkill(r3, 0x9) rt_sigqueueinfo(r3, 0x1, &(0x7f00000000c0)={0x27, 0x80, 0xff}) tkill(r2, 0x3) 17:18:49 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 36) 17:18:49 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:18:49 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) r1 = getpid() r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0) read(r2, &(0x7f0000000080)=""/1, 0x1) write$cgroup_pid(r2, &(0x7f00000000c0)=r1, 0x12) close(r2) openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/pids.max\x00', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/cpuset.cpus\x00', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/cgroup.procs\x00', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup.net/devices.allow\x00', 0x1, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:18:49 executing program 0: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) epoll_create(0x7) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff33, 0x0, 0xa, 0xc, 0x0, "23c2d80353e2f6a37c3e59015505ac0d65bc8b584c0564cf1252925367d8c2ece4aed5dadfdbb33d5c028f3b69f143afd05a4631a6ae553f096dd668463af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0xffffffffffffffff]}) r2 = accept$unix(r1, &(0x7f0000000380), &(0x7f0000000100)=0x6e) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000a00)=ANY=[@ANYBLOB="0300000000000000000000000000000004000000ffa66e49414cc3f0df3e568558bbae24070000030000002300000000800000000000000800000000000000ba0000000000000000000000000000000000000000000000040000000000000000000000000000000600000000000000020000000000000000000080000000000000000000000000000000000000000004000000000000d600000000000000000000000000000000462500000000000005000000000000000000009f71a72b0ab2e0f5b4050121d5f5110000000000000000000000000006cf425e888f26b60ea7407beb81a15554cca05b42c85d1db558da3a07e9a9e327d18269468232230d21b48fc1c58fedc2241492f26560a6cd1b2dca18c41104769e47747efc99473df706dffd3f343fa48095c683b3ba300f714d0a4a221ef676b0b8472906f96926bf1b1181e092b2e641f10f543b77e62cb619edc128cf1a22065c65f6f18736461cfa9d62e775b6c750b765b18a995d7300f2b5eb5e8e30a211beec383d0cfcfda8"]) ioctl$SG_GET_LOW_DMA(r1, 0x227a, &(0x7f00000000c0)) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x480, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000800)={0x0, 0xfffffffffffffffd, 0xae, 0x1, @buffer={0x0, 0x80, &(0x7f0000000600)=""/128}, &(0x7f0000000680)="45cb623b8a68fefe2a818ce79415f572e24da1fb6b07f60c7ca69cea1334a04a3ab3c3c2e32527060c73b9b2516d9d01788332856a38e8ff45d54677b482c7b75ee748d87d2dc8c5dbd806b8c57228521e41b613fadb538f5542e4a8edac024912c89ee27700947038a2232ad9a4243808a3ec47d68d99b0f4d44ea974d21da609cb3dd40a224db5dc3efcba6d5ec1ae105b47e3375aa5de9599f2ebd19ca5dc336da48517d808e82856c90ac758", &(0x7f0000000740)=""/114, 0x321b, 0x10, 0x2, &(0x7f00000007c0)}) r4 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_SET_FD(r4, 0x4c00, 0xffffffffffffffff) ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) 17:18:49 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {0x3f00}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1301.939904] FAULT_INJECTION: forcing a failure. [ 1301.939904] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1301.940982] CPU: 0 PID: 24683 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1301.941687] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1301.942628] Call Trace: [ 1301.942864] [ 1301.943071] dump_stack_lvl+0x8b/0xb3 [ 1301.943422] should_fail.cold+0x5/0xa [ 1301.943765] loop7: detected capacity change from 0 to 40 [ 1301.943818] prepare_alloc_pages+0x17b/0x500 [ 1301.944702] __alloc_pages+0x131/0x4e0 [ 1301.945065] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 1301.945609] ? lock_release+0x3b2/0x6f0 [ 1301.945986] alloc_pages+0x1a0/0x2f0 [ 1301.946344] get_zeroed_page+0x14/0xa0 [ 1301.946698] __pud_alloc+0x33/0x270 [ 1301.947033] copy_page_range+0x35ea/0x47b0 [ 1301.947428] ? find_held_lock+0x2c/0x110 [ 1301.947828] ? lock_downgrade+0x6d0/0x6d0 [ 1301.948210] ? vm_iomap_memory+0x190/0x190 [ 1301.948590] ? up_write+0x148/0x460 [ 1301.948917] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1301.949362] ? __vma_link_rb+0x540/0x700 [ 1301.949739] dup_mm+0x961/0x1250 [ 1301.950107] ? replace_mm_exe_file+0x490/0x490 [ 1301.950540] ? __raw_spin_lock_init+0x36/0x110 [ 1301.950952] copy_process+0x3848/0x6cb0 [ 1301.951313] ? lock_is_held_type+0xd7/0x130 [ 1301.951720] ? find_held_lock+0x2c/0x110 [ 1301.952105] ? __cleanup_sighand+0xb0/0xb0 [ 1301.952497] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1301.952975] ? _copy_from_user+0x139/0x170 [ 1301.953369] ? kernel_clone+0x2f8/0xa60 [ 1301.953748] kernel_clone+0xe7/0xa60 [ 1301.954098] ? lock_is_held_type+0xd7/0x130 [ 1301.954481] ? create_io_thread+0xf0/0xf0 [ 1301.954874] ? lock_is_held_type+0xd7/0x130 [ 1301.955295] __do_sys_clone3+0x1dd/0x2e0 [ 1301.955723] ? __ia32_sys_clone+0x150/0x150 [ 1301.956006] FAT-fs (loop7): bogus number of reserved sectors [ 1301.956153] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1301.956689] FAT-fs (loop7): Can't find a valid FAT filesystem [ 1301.957147] ? fput+0x2a/0x50 [ 1301.957181] ? __secure_computing+0xb4/0x290 [ 1301.957213] do_syscall_64+0x3b/0x90 [ 1301.958649] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1301.959130] RIP: 0033:0x7f9fb3b18b19 [ 1301.959493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1301.961079] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1301.961727] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1301.962337] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1301.962939] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1301.963627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1301.964282] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1301.964922] [ 1301.972313] debugfs: File 'dropped' in directory 'loop0' already present! [ 1301.973011] debugfs: File 'msg' in directory 'loop0' already present! [ 1301.977653] blktrace: Concurrent blktraces are not allowed on sg0 17:18:49 executing program 0: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) epoll_create(0x7) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff33, 0x0, 0xa, 0xc, 0x0, "23c2d80353e2f6a37c3e59015505ac0d65bc8b584c0564cf1252925367d8c2ece4aed5dadfdbb33d5c028f3b69f143afd05a4631a6ae553f096dd668463af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0xffffffffffffffff]}) r2 = accept$unix(r1, &(0x7f0000000380), &(0x7f0000000100)=0x6e) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000a00)=ANY=[@ANYBLOB="0300000000000000000000000000000004000000ffa66e49414cc3f0df3e568558bbae24070000030000002300000000800000000000000800000000000000ba0000000000000000000000000000000000000000000000040000000000000000000000000000000600000000000000020000000000000000000080000000000000000000000000000000000000000004000000000000d600000000000000000000000000000000462500000000000005000000000000000000009f71a72b0ab2e0f5b4050121d5f5110000000000000000000000000006cf425e888f26b60ea7407beb81a15554cca05b42c85d1db558da3a07e9a9e327d18269468232230d21b48fc1c58fedc2241492f26560a6cd1b2dca18c41104769e47747efc99473df706dffd3f343fa48095c683b3ba300f714d0a4a221ef676b0b8472906f96926bf1b1181e092b2e641f10f543b77e62cb619edc128cf1a22065c65f6f18736461cfa9d62e775b6c750b765b18a995d7300f2b5eb5e8e30a211beec383d0cfcfda8"]) ioctl$SG_GET_LOW_DMA(r1, 0x227a, &(0x7f00000000c0)) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x480, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000800)={0x0, 0xfffffffffffffffd, 0xae, 0x1, @buffer={0x0, 0x80, &(0x7f0000000600)=""/128}, &(0x7f0000000680)="45cb623b8a68fefe2a818ce79415f572e24da1fb6b07f60c7ca69cea1334a04a3ab3c3c2e32527060c73b9b2516d9d01788332856a38e8ff45d54677b482c7b75ee748d87d2dc8c5dbd806b8c57228521e41b613fadb538f5542e4a8edac024912c89ee27700947038a2232ad9a4243808a3ec47d68d99b0f4d44ea974d21da609cb3dd40a224db5dc3efcba6d5ec1ae105b47e3375aa5de9599f2ebd19ca5dc336da48517d808e82856c90ac758", &(0x7f0000000740)=""/114, 0x321b, 0x10, 0x2, &(0x7f00000007c0)}) r4 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) [ 1302.157493] debugfs: File 'dropped' in directory 'loop0' already present! [ 1302.160279] debugfs: File 'msg' in directory 'loop0' already present! 17:18:50 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {0x4000}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:18:50 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 37) [ 1302.219385] FAULT_INJECTION: forcing a failure. [ 1302.219385] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1302.220626] CPU: 0 PID: 25093 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1302.221315] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1302.222214] Call Trace: [ 1302.222436] [ 1302.222637] dump_stack_lvl+0x8b/0xb3 [ 1302.222982] should_fail.cold+0x5/0xa [ 1302.223320] prepare_alloc_pages+0x17b/0x500 [ 1302.223766] __alloc_pages+0x131/0x4e0 [ 1302.224114] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 1302.224633] ? find_held_lock+0x2c/0x110 [ 1302.224998] ? lock_downgrade+0x6d0/0x6d0 [ 1302.225359] ? do_raw_spin_lock+0x121/0x260 [ 1302.225743] alloc_pages+0x1a0/0x2f0 [ 1302.226197] __pmd_alloc+0x37/0x680 [ 1302.226520] copy_page_range+0x3575/0x47b0 [ 1302.226919] ? lock_downgrade+0x6d0/0x6d0 [ 1302.227300] ? vm_iomap_memory+0x190/0x190 [ 1302.227702] ? up_write+0x148/0x460 [ 1302.228029] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1302.228462] ? __vma_link_rb+0x540/0x700 [ 1302.228831] dup_mm+0x961/0x1250 [ 1302.229157] ? replace_mm_exe_file+0x490/0x490 [ 1302.229563] ? __raw_spin_lock_init+0x36/0x110 [ 1302.229971] copy_process+0x3848/0x6cb0 [ 1302.230328] ? lock_is_held_type+0xd7/0x130 [ 1302.230713] ? find_held_lock+0x2c/0x110 [ 1302.231093] ? __cleanup_sighand+0xb0/0xb0 [ 1302.231475] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1302.232028] ? _copy_from_user+0x139/0x170 [ 1302.232407] ? kernel_clone+0x2f8/0xa60 [ 1302.232793] kernel_clone+0xe7/0xa60 [ 1302.233128] ? lock_is_held_type+0xd7/0x130 [ 1302.233510] ? create_io_thread+0xf0/0xf0 [ 1302.233893] ? lock_is_held_type+0xd7/0x130 [ 1302.234281] __do_sys_clone3+0x1dd/0x2e0 [ 1302.234660] ? __ia32_sys_clone+0x150/0x150 [ 1302.235094] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1302.235590] ? fput+0x2a/0x50 [ 1302.235906] ? __secure_computing+0xb4/0x290 [ 1302.236306] do_syscall_64+0x3b/0x90 [ 1302.236696] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1302.237140] RIP: 0033:0x7f9fb3b18b19 [ 1302.237468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1302.242101] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1302.244028] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1302.245822] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1302.247567] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1302.249378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1302.251125] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1302.252907] 17:18:50 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7f7f0000}, {0x20, 0x1, 0x3f, 0x9}]}) r0 = fork() tkill(r0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, 0x0) fallocate(r1, 0x70, 0x7, 0x0) 17:18:50 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) wait4(r0, &(0x7f0000000040), 0x1, 0x0) 17:18:50 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:18:50 executing program 0: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) epoll_create(0x7) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff33, 0x0, 0xa, 0xc, 0x0, "23c2d80353e2f6a37c3e59015505ac0d65bc8b584c0564cf1252925367d8c2ece4aed5dadfdbb33d5c028f3b69f143afd05a4631a6ae553f096dd668463af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0xffffffffffffffff]}) r2 = accept$unix(r1, &(0x7f0000000380), &(0x7f0000000100)=0x6e) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000a00)=ANY=[@ANYBLOB="0300000000000000000000000000000004000000ffa66e49414cc3f0df3e568558bbae24070000030000002300000000800000000000000800000000000000ba0000000000000000000000000000000000000000000000040000000000000000000000000000000600000000000000020000000000000000000080000000000000000000000000000000000000000004000000000000d600000000000000000000000000000000462500000000000005000000000000000000009f71a72b0ab2e0f5b4050121d5f5110000000000000000000000000006cf425e888f26b60ea7407beb81a15554cca05b42c85d1db558da3a07e9a9e327d18269468232230d21b48fc1c58fedc2241492f26560a6cd1b2dca18c41104769e47747efc99473df706dffd3f343fa48095c683b3ba300f714d0a4a221ef676b0b8472906f96926bf1b1181e092b2e641f10f543b77e62cb619edc128cf1a22065c65f6f18736461cfa9d62e775b6c750b765b18a995d7300f2b5eb5e8e30a211beec383d0cfcfda8"]) ioctl$SG_GET_LOW_DMA(r1, 0x227a, &(0x7f00000000c0)) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x480, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000800)={0x0, 0xfffffffffffffffd, 0xae, 0x1, @buffer={0x0, 0x80, &(0x7f0000000600)=""/128}, &(0x7f0000000680)="45cb623b8a68fefe2a818ce79415f572e24da1fb6b07f60c7ca69cea1334a04a3ab3c3c2e32527060c73b9b2516d9d01788332856a38e8ff45d54677b482c7b75ee748d87d2dc8c5dbd806b8c57228521e41b613fadb538f5542e4a8edac024912c89ee27700947038a2232ad9a4243808a3ec47d68d99b0f4d44ea974d21da609cb3dd40a224db5dc3efcba6d5ec1ae105b47e3375aa5de9599f2ebd19ca5dc336da48517d808e82856c90ac758", &(0x7f0000000740)=""/114, 0x321b, 0x10, 0x2, &(0x7f00000007c0)}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) 17:19:14 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:19:14 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x6, 0x9}) r1 = fork() tkill(r1, 0x9) 17:19:14 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x30001) recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/243, 0xf3}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f0000001680)=ANY=[@ANYBLOB="fd000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=0xffffffffffffffff, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32], 0x38}, 0x3) ioctl$LOOP_CLR_FD(r1, 0x4c01) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000300)={0x53, 0xfffffffffffffffb, 0x15, 0x7, @buffer={0x0, 0xfb, &(0x7f0000000080)=""/251}, &(0x7f0000000180)="ebc9a812f87822079d6225cdc00ff982ce5612e029", &(0x7f00000001c0)=""/207, 0x0, 0x10, 0x1, &(0x7f00000002c0)}) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r2, 0x801c581f, 0x0) close_range(0xffffffffffffffff, r2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) [ 1326.506368] loop7: detected capacity change from 0 to 40 [ 1326.507653] FAULT_INJECTION: forcing a failure. [ 1326.507653] name failslab, interval 1, probability 0, space 0, times 0 [ 1326.509183] CPU: 0 PID: 25426 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1326.510198] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1326.511502] Call Trace: [ 1326.511829] [ 1326.512178] dump_stack_lvl+0x8b/0xb3 [ 1326.512671] should_fail.cold+0x5/0xa [ 1326.513178] ? __pmd_alloc+0x94/0x680 [ 1326.513678] should_failslab+0x5/0x10 [ 1326.514231] kmem_cache_alloc+0x5b/0x480 [ 1326.514960] ? alloc_pages+0x1a8/0x2f0 [ 1326.515697] __pmd_alloc+0x94/0x680 [ 1326.516401] copy_page_range+0x3575/0x47b0 [ 1326.517306] ? lock_downgrade+0x6d0/0x6d0 [ 1326.518159] ? vm_iomap_memory+0x190/0x190 [ 1326.518969] ? up_write+0x148/0x460 [ 1326.519663] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1326.520613] ? __vma_link_rb+0x540/0x700 [ 1326.521403] dup_mm+0x961/0x1250 [ 1326.522091] ? replace_mm_exe_file+0x490/0x490 [ 1326.522962] ? __raw_spin_lock_init+0x36/0x110 [ 1326.523861] copy_process+0x3848/0x6cb0 [ 1326.524640] ? lock_is_held_type+0xd7/0x130 [ 1326.525104] FAT-fs (loop7): bogus number of reserved sectors [ 1326.525457] ? find_held_lock+0x2c/0x110 [ 1326.526271] FAT-fs (loop7): Can't find a valid FAT filesystem [ 1326.526976] ? __cleanup_sighand+0xb0/0xb0 [ 1326.528418] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1326.529433] ? _copy_from_user+0x139/0x170 [ 1326.530253] ? kernel_clone+0x2f8/0xa60 [ 1326.531031] kernel_clone+0xe7/0xa60 [ 1326.531762] ? lock_is_held_type+0xd7/0x130 [ 1326.532622] ? create_io_thread+0xf0/0xf0 [ 1326.533446] ? lock_is_held_type+0xd7/0x130 [ 1326.534300] __do_sys_clone3+0x1dd/0x2e0 [ 1326.535078] ? __ia32_sys_clone+0x150/0x150 [ 1326.535956] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1326.536969] ? fput+0x2a/0x50 [ 1326.537613] ? __secure_computing+0xb4/0x290 [ 1326.538442] do_syscall_64+0x3b/0x90 [ 1326.539148] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1326.540141] RIP: 0033:0x7f9fb3b18b19 [ 1326.540815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1326.543978] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1326.545340] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1326.546603] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1326.547862] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1326.549157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1326.550422] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1326.551727] [ 1326.596933] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=25532 comm=syz-executor.4 [ 1326.598604] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=25532 comm=syz-executor.4 [ 1326.600180] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2560 sclass=netlink_route_socket pid=25532 comm=syz-executor.4 [ 1326.601755] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=25532 comm=syz-executor.4 [ 1326.604517] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=25532 comm=syz-executor.4 [ 1326.606303] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2572 sclass=netlink_route_socket pid=25532 comm=syz-executor.4 [ 1326.607887] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2571 sclass=netlink_route_socket pid=25532 comm=syz-executor.4 [ 1326.648226] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=25532 comm=syz-executor.4 [ 1326.650070] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=25532 comm=syz-executor.4 [ 1326.651621] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2560 sclass=netlink_route_socket pid=25532 comm=syz-executor.4 sendmsg$NFT_BATCH(r3, &(0x7f00000066c0)={&(0x7f0000001700)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000006680)={&(0x7f0000001740)={{0x14}, [@NFT_MSG_DELCHAIN={0x50, 0x5, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFTA_CHAIN_COUNTERS={0x1c, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x7}]}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xffffffffffffffff}]}, @NFT_MSG_DELCHAIN={0x54, 0x5, 0xa, 0x5, 0x0, 0x0, {0x5, 0x0, 0x1}, [@NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xfffffffffffffffd}, @NFTA_CHAIN_POLICY={0x8}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xfffffffffffffffb}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xfffffffffffffffb}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x4}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWTABLE={0x1c, 0x0, 0xa, 0x101, 0x0, 0x0, {0x5, 0x0, 0x4}, [@NFTA_TABLE_FLAGS={0x8}]}, @NFT_MSG_DELCHAIN={0x44, 0x5, 0xa, 0x101, 0x0, 0x0, {0x7, 0x0, 0xa}, [@NFTA_CHAIN_HOOK={0x30, 0x4, 0x0, 0x1, [@NFTA_HOOK_DEV={0x14, 0x3, 'macvtap0\x00'}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x55f930ad}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xeba9308}]}]}, @NFT_MSG_DELSETELEM={0x20, 0xe, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSETELEM={0x4d4c, 0xc, 0xa, 0x201, 0x0, 0x0, {0x7, 0x0, 0x5}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0x4d38, 0x3, 0x0, 0x1, [{0xe8, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPR={0x4}, @NFTA_SET_ELEM_FLAGS={0x8}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x52}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x7f}, @NFTA_SET_ELEM_USERDATA={0xb0, 0x6, 0x1, 0x0, "4f6f4a75b8cb4cd6188080d7b47f8aa62607e576c0fc8f16ea574e2679380a54bcb02523b89d75c49afee50bc46652a40698103469118b565d27811f00917d0a10e54b679651fc68e06964a386afb483a9474911de3051ef73c972456c99fe06436fa14581421d2dfa11fdb045da48e719ee7ad06644112b71e74c89e00620cf9eb96fb30756392ba2ffc14923b895399d681633fd53353fbfbddfa18d51ba1fddde9ab0ad82091f7ccd4136"}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz1\x00'}, @NFTA_SET_ELEM_EXPR={0x4}]}, {0x520, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x1f}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x7}, @NFTA_SET_ELEM_KEY={0x270, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x30, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VALUE={0x36, 0x1, "dc5e6620f6cdb064692cecf71de523f6323a64ec90af743fa2d96e60f8523937a7fa0deff1cbe7add5747bb4622554331332"}, @NFTA_DATA_VERDICT={0x30, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VALUE={0xb9, 0x1, "50747825c18fedd0723a5e4cd64ddbff596bdd2bf0329b29ac6f88652eba1178906197b3451ab07c3d6b6fd7fe434821c2532900d2c44487c5e6cf9e8949b38d3eec18bf283930fa21e9f673ac4bca1a21b4423ed13d128feee04d5f6cec12760e534e2ccd1e9a5e39f61a79fd440dd5b1144d077ddeedad64b36a74e9bd23cfaacdd0cbc50cc1f13c9192bf7eb2b9c8ed839ddcc81cb7273fdc200cd675472afafc8af9d5b7a232c50ed1865a3709597063ce5d36"}, @NFTA_DATA_VERDICT={0x34, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}, @NFTA_DATA_VALUE={0xda, 0x1, "536071d7699d663d3401a42dc17cf6c338cbb20851c48ce3083e48a65a83be4086a3d9341dc56f0a8bf2afced1f450da411993f77a20d50dd2ddf1e9b1b904a5283df0e65d94ac1dcb2fd5128f47a278ab6d5482d67ba34110ce9e7eead5480164414f97ab323735da461c6da850bc46d7eeb4a369330852dd9cb98eea2687ab6b3b19d35d8292e0af093f702051ff72a76681782870eadf425638469960d7e784ffbd4c1e221d7b40f64f71a98e1aef7da1fa8ea5a8c5bdd2e7f887ab633f691ad6d7051d76d1b9587f66a7c73ec0000d7f4b9cd2cf"}, @NFTA_DATA_VALUE={0x6, 0x1, "57e0"}]}, @NFTA_SET_ELEM_EXPR={0x4}, @NFTA_SET_ELEM_TIMEOUT={0xc}, @NFTA_SET_ELEM_KEY={0x284, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x16, 0x1, "74b6689134bd0821b7ac2d5a452f8dd28bd0"}, @NFTA_DATA_VALUE={0xac, 0x1, "b59a7730d29514f27163b000335f954528d3bfd00284a1eb4a29341657beecea2d7dc0be5713f8a96f78835e4210962948a211e530b1c7d01ac1cebdd05f8f7820dc9f153a90a8deb36581d5b2907b6708b9f25a15fd4956c3892db566be88622e48efca91fdf2dd0e909790e6cd124b33a861ee02b509562ddcf6246b1616b94794e8885bc3b04cf2279aa108d496192224a4ede7ff6f2d2863188c6f9a339b2c0bc5a31cbcab67"}, @NFTA_DATA_VERDICT={0x58, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0x7}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}, @NFTA_DATA_VALUE={0xb2, 0x1, "4ae85f850159ef4cfccad414cf9095ecf6a8565fb6b35dc2c457d0b69a3295eadde94152eda21e90d84186f5344c3790efb0f18eabc9d494f2874b12f50e35e2d892b409b3a1cddce058934352a954b333bac2431ea2e152940c30883824ff0f05077c0c9000087ed0be5e688436a75465c79fdb0ed7c3db331fc6a7de6fbc3ff7387a451d07e07b7cc73a29e8ab4c418776a77a698b4080fcc7e10362b89c98dd7ba270d653f285ae4b3bdd8c47"}, @NFTA_DATA_VALUE={0x31, 0x1, "178d6a32ae417bf3d35195a0b8957d2239e55d92c80b40af0bf566b3461ce4e0b3a12b0ecdb757d0462745e11f"}, @NFTA_DATA_VALUE={0x7a, 0x1, "e1689df1930829453264ca5ae81161ca1565c3c54f4f6f7ba1fbb0e409804c0b5f827f5e93b4b363062e9684325533ca2bd1cdcd2bf51072876ab11cdc176add0c0271965aa651416ff1b5f28f16bab5934741d3bbb23d6eef3c1d0b36be399c60656cefb336edb6eb7c50c2869ec8943f409158c6a2"}]}]}, {0x2a4, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_DATA={0xac, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VALUE={0x21, 0x1, "a0781b60f0f676adcf8cd6a8de9d01dc97066de8dd1b974db5d5c5e693"}, @NFTA_DATA_VALUE={0x67, 0x1, "1254fb79d0bc78b2e104092a7c48c1eb1acae0cc46336ec831001545dc21ab9e93e336a3c21ee220e3980ea466e60aea0bdd34a11dd8e5e93250ba62ad4883a10f88d7eb0acbe023cf5472e644c76a79c371ede43108bd3c64a6af9dd87cfcbf7d65aa"}]}, @NFTA_SET_ELEM_KEY={0x10c, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x93, 0x1, "3984ecf74bc0683787630bd72e11395487c092fe72e6d83b7e22aa483d07b21e8a533143274c1ffbd7b8dc2a8ceceba5b15b13113a331e8d9c593880d1eb2d02cd396247ce29268687c43cb51730e2e1162f9c00d3dcd5c3df8e15900a15a5275638d4e524dc524178258252834b80bdb9db0fed16cf18b4773f1982b97c4952edb0ab50a1e7055899616b9a65e813"}, @NFTA_DATA_VALUE={0x73, 0x1, "cfa00156a3a2c6eb7341ef960e17460fbdbdef5e590576103ab2b46dc1fb20d25dd9d634774602bf74ad605853f2f8aad57ed1f6a6fc16b7d44c4456c6290215afe63ae0c665ae17f58c95f3d0e396ff7e66735621a3cb1b54e9a67f0612a0ed9054075cb0c212f2eb7b65c3ac4dbf"}]}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz1\x00'}, @NFTA_SET_ELEM_USERDATA={0xd3, 0x6, 0x1, 0x0, "25a58dc8e3a11de5f6d3e26ec0444aed73d91b57c78bdcaa3178ff95d7f846cf3450d0144db0f74e9a45c77d80f3cef68d77db941c2fee676f9e44963a7c7148da5ef8b333a6d39223bf3575c397957936ca96580e2af7a9bae65ed7419a38c9c03e9641b969ac553284c319a6260efb4a00a2085e2f6e2cd360c48c38fb8f5c9fe86dac1ec39136c2d007549c4ac05b27cd1132563fc9ebe2e257443ae4d7848a9d389a8284aeec85804033c1f9da7cee88e79932fa5fdeef3c56dc15257bb943e96f57a50ba79e849918946b53b2"}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}, {0x17b4, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x188, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0xe2, 0x1, "10d03bde263825adf6979caa929ad1f26d33c4c3cf8eb0d857ce0d2603568f8462fce537e75103a6c4f9646c2decad5a46aba1c98b4f35b13590b744e65a764bc42523a7aeabfea35e435c427209412234011c0bed5bf44ae2a0f97db34b5c389f8b741d9560b9720db42674015e40251f60ebba0ade6952d06fca4b572878a9b06f938d4ca2f2f7ee10f6cbed690ce78bb63c90228980be71aebf5781210c8534c096fb89a7ada44bf18f0535f2a36e119432a588ceebd901e936b3795c5cfba9e6f635cddf7bedf8fd6b901dab69af7a8bdcfaaa303e08ccc0f07bd4ea"}, @NFTA_DATA_VERDICT={0x10, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VALUE={0x2b, 0x1, "09e5d174b03f6c1339e9822c67118f02ff13143a64bb5fa28d45b9efa47854104c349bcdbf9938"}, @NFTA_DATA_VERDICT={0x14, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}]}, @NFTA_DATA_VALUE={0x3d, 0x1, "59e1cddbdde368ba7b113eba3256efc2092ce6828ff0fe4da6c225ab14c9f076c92a997ac8527719f747eadc4884aa2fb2890979bbaf6ee736"}, @NFTA_DATA_VERDICT={0x10, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}]}, @NFTA_SET_ELEM_DATA={0x360, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x30, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VALUE={0xca, 0x1, "083c9a22baddfbd96734dfbdce483bf1a28e4e0f99e81a51f08462f946f13b866e004d0f509c22443b0638ab8e214ec581cb2db026f353b811eddf88c5d9c53998a45addea00f033f58850dcb5012272e7fe761fea0c0db62fbbd60dd92535f19bbf5e760f7791ef3842752ee4403e1f76276cb7d011456a7a2da64285e589f3d47bfcdfad85ce1e526d86bdacef69a9a126865a15a23d824269d62953e64d612baa1ebedfbe91ffec757a617d814fe764f1f9d69b89256ee8e648e935ab0288081fb139a801"}, @NFTA_DATA_VALUE={0xf2, 0x1, "ff6db194f27d771a771862764dd8076c87c6b543840913b8846e92e42b38348bd4454754db25f4f181497890cc8c58d4b1e7dc78d59a6eaf16c6b8241faa1b36217836ea087a46dc45efde18e55490d308b1e9356f55daaa4838738f6e86e51c6b53a661fa6f5f8d356ffc0dff45e4a2fd5f901810d9f3a55ad762e6465e8fd280b4eabb04860d67c575b62dc41711d09b27b0e2c9692082a51fcca3b1b96383b12416c4f7d0b102e4210cc494c0106107e52a75d2f084c9b279f83ca0470c222f7de2f484f127668f2810aa18fc9ec5c678af5a247610f05f6ea28a2c7ce237d20c867c6401d228a3b033413e59"}, @NFTA_DATA_VALUE={0xba, 0x1, "f8f4f4f9e9b0c3892a4789d62eef9aa7005d2ffe6d44ce059f41ec6224e616fd9e5e0a32bec7606d6e87ef97ddd3cbe4a8fe0062f2de4f5fc0091c9d465057860e0d7ce3b38b765e125c7d562158a90223ea645f26e0f1529ee7fc925018c021c751fff00bf779e791a103feba3f0eeef29855e540482cc472f6b466695bc29e693e96625b2472fe169e4696eebff0442d49a5f5385b4f5e577edcaac40d7af2f79fa9c744c14f1e61a3d5e018d71952701778ba6abf"}, @NFTA_DATA_VALUE={0xad, 0x1, "75edaa84c545e0029f076647cacd6b9f8256abac41ffa0abbc0632092980d0d2fcf4b77b98dfce1166805c053368d954c7e8ea96589b96fbfd6c24d146028abb5c08fe213cc377e1a034a06b84b4876cf48a1f23dd64abc40a2f1a3eb7d08a0fbbb7e36e23fd3ddd833c62207325ff98518e8fb72425b920d5fb4aa3d745b1427e2a35f68fc7bddf2183de3cd53b6b9a1e9537bb7708e4176dd9f95e455b45b20224e0b222d5230c61"}]}, @NFTA_SET_ELEM_KEY={0x1180, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x24, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}, @NFTA_DATA_VALUE={0x1004, 0x1, "58fda68289acb1af9ec35d2f18abd3b43f8b6e73f77ecb37c6df9cf9bcbcf17f6e0872b4fe22fbf7826d3d7ceeb723d93572f177de91010c88a74ac2c1f2de4fdf430d301dfc1b4fa5f424d216729c14658caf6f69fe136fbb8535a4fb821fed7868b9525086e6afbc02a64693871dad201d4439747c77cab400791e3b1bc910d68ba9863ce073ccf6f2edc65c03acf8352b94158f521efff113622e5e3e026bbb85c4f2b98d9eac67604a63cd0593e77a1d12eac51001e8b42e3416188e77857620b97d844f04a799f861f0609054c51c955eeeb79acb4b2faf6b01cdc7306323a6cf3173a29dcbe10f51d390502f72843cffb3fbe216ff4b11a971293e6adbdd4eb030eb5f8f542b92f86843b9a331ed621943c8d90337bdac3f41e3a32232c69b08c4944f28ce5bb043fc1f9cad441d5604050517e31cbed36c2e88e6300b6bd676ef321da0f0ff21fd3002091fa2c1d5f7739a78bfb9b9e38a872e3ae49a2a03d3465d28ef589d052a2add56d27d44f74563175d00d8a75cac6e8b55d73b0ec4f324524c95c93bcc793389fb8c8738eb3d52fb298bf7923bd2ef656369f3c302973398e6fdca41f1b40deb64700c953c5697eeae441a44462e5bca4d62991ae3f767b1aefb984150c4301384b349cc79aa75d98c4e26e35c6f43909431bf49d11dcbe341baee29945b2f0cfce26e1af431deec2b850ceede4d2f57cdb250e5aa3b97048a72ce2371cac94625880db22200f2ae159486e4f34fd88ac697e00728cdb4615e10beaec69057aebd9d817822e1bbc7b930daf031d34f5d8c82a7566e2d000606c496bafd3fe338f654f6cc04e401b4a2a033e90572d884d43678a0685880204c275e7d1613a23302ee24269976cac52960b53739ffe7e6cfd64086b6ab438612548346e5d99a25af2e0cae003cd1b653581e71868e3a26674a6bca451c5b4f177930ebb70de9610178cf8073710032ac56b9507695af8f0a51e9744f8fa61dd45d011ceb8dc2e3e7fa82b65f1d6be32978af98bb6e004bdd948ad475ffe6564c594418d022cc463d8d66eadee6ad1d0141ac028bc2b96e0e689ef4dfe7ea6c8bd7ec6c38421a34ebb42d6ef89501a8057227fd5887e358beabff2d6c9f8442b3bc2d7e45e3af69de8cb4766517844e2da93f6e1ac75e1edf20c1274853555d648411ea420564a08dfe07e4552228e31c060fa8636e6921a2d232447d34cf6144f7cbc6e16eb591280624dabaab20592383e50abd58f7455535b5c02e5e0b1aedf8bc667a361f839413f4978bbcb15a6a2f1357b313618155bb99e224ef6eef5644573f6eb79144460a0c41c1b9b6d40fd13214763e3b23469ba3d354b9cf292104f3bf7ba17306628895e0b9b2a6031ead055ec8591917ba230947a9846fb779f3b47c11eef8fcd864cc7512c8fb10e144eb7febc0872fb031516881127f941bcc829db799ad1ede1afdda4b76d598b1a51c339b940d679784ce11655f47afa39eb477c2889a670b077778d7e2791190d9a08aee8974449a9ed5859331fac5081bd3d3c949d35b014e3ab558274080e37072f037715c3253dee4b21fed26b256eb2981732db58ea9af8554446fe3e4f5cadbbe15b9f87c29090d4da86e0d7f69e232ab9a1406b4e3d6add7a1ea25c44bc8e8ed3aca94ab063c6a63c48cc2b81e00ea1096964c57d64c889dc626a4118f8a2d5cb1463c657bbeaa749941d902fb6d4e482718713e126bc13c4a1f7ff98ad73c2dbe628842dda30f4c8cfc39b958a2f4ea37637fc946c6d209837b3ac31097643a0a4c156047432e12916d171389122fa28dd42289a87fb2c4da82442bead51df8336728b870c88f4c69f194aaf6b2c107c15e78f4621a3b2e2ed043702853366fe6c2d478fc96dcec78be39c66ad4f271acbad0b2d20188b36c414efc07b41e5f9683b7e2c39f431a9c4393cb57d0dcab3351a648e6804cdd4720952c257de8810856857339a9dcf2f4c9b297a1234921a2c523d708dd7f73642cbd3a29a9504c73f833e6d4a4fdf62bf64789495db22bf29e6a21aa0e20c085ed6fdfbe2ea84e7fffb8ee2a089005d29587e8085b500fcb66d8656ca0996420ba9bfc86e1770ba11f5ec673c72bf09a55396cf1463db663dee61c55d13a9a093d56a4e96cf9a7fd98e4d585e0a8f6f9f26b910768d7d2f19b905b6a5384efcb484126e4bb26a5e1c9f869254b52067eaaac6630dd94989aa66d8b4105a948ff10f5b358fb108a61da7632186c61e5b29d88bc63dccf475edfbfacdcc90befb574ce1b0a5654dd3134ea80e323690ac6ebd56ac98952d5f844a196fcc1798e9072dc44717303774040b93dcdb592b13c8ed039cadaf5aa0aa3be917bb022b4d56dda427042ad37aa1709bd75dd6313a45ff2c656fc7d1a96475334340f59561d6b762bf9bc4eea9c4fd1be008ec040adac9fc6cbe7af1c7b358e619eaf5dd575b67a7db2e41a66c8c3e2026e7aed41d32e3905deb88d1220a7d3419c209fccdabf1a8535da337781f889ec58c035ff26ccf675a4d37d903e4af0bb210d7d6f1d9e03fb1b35c588192d010c1a14c81d31a54b3d9333044dbe52070ad4e6889d25fda3363d6c0a53fa22e94b2e5052364539ca4d554ce648ede0a4bcf9ea76e561ed609954c816da93733f06ef0bdb9d5ccc87572d39f9e1b253bd930095e8448d0a17bf40e682853c21fd125f8c0de37f241dd3f7337bc5d5b8351b5708e4c18280fff88c0149dc6ddf1bba27589d9b720e33441763b35af27ac9dbbefe91cf54f35cf97a745c139e4e2917d37829f69ab037cefbd668823b4397b83f4c6b086143d8c543b369b77201a8c70b7ba2519e274d1ca0fc05bc2bec9aebdfeded526e906862ae2f05010a538ea8e59a17cac3224964e2e7052616ec1a34fb7880baec96acb4a34d21fc90f6381ac3b2135005a5860b566b4490eff2926dacb379e8d7cca2d11f0a3ea56c1c187ad2ffd723f25f6a957c7a236e31e13e3f1d68ea5c749cddb3ba4ff4e4e0d2b5299ca2e170d7cc7e68012b9b087624cea95a74fba7e69ef26c1253dedaaaaabce2df539b66ee3970479dd47e1c2caaac3e1708d50df375d876cf08bddca04beb4e87b9ed965e0b3d63d45c49a8bb2c8bf8843347530f40293e9a6b41e48fddfbacff280958bb2a5e2583cd4a545840e426d84d06ba6976f5a841ff4da8c3f480646dd1fda896317ca39f395e735b309324782d2f77bf796abe5e4e34b0d335aa0fc9430192b16156bf5f2b4a9b485e87c2b73ff13435394d422031d1a275e7aa1ac2bcb92d678c5c779c53699d311e58d7ca218788067f2239ef70d20d53d2f401e79af54c1711d2818aac1d5f4d405eb59b71ccb2e30de49f6fb0f2a466bbcd97ff526811286a11828637e0332ed18ed6361a11ff0edac7999dc6b4b4367731e8be22922c4c31dc869f17a19d2cb1b591c967f0c1649270adb4a728793e15f5da8f6a3f1a46bec32dc2b550abbc4408e538fe9e4e83bfa4912beb37dd1bfa327b0360d1a41f97985777934cf3384d70fb42e76d9662d2e99e0b05528675555244b2e63086df8649ecdbbcc42361f810d86d51928029962909a5e915cb5276ebba7c16c8a286f3bd822111a9262a9c11680e5b1255850e5ad134bb3fe8e972765a3ae1358be46d08491889b30de60d9fe9662ec41a714052a02a050bdc9edae663526c7226b0539cc335f52dfdf9eebdd4efd5ec63dc7f7380b08fad27b2dbe84450b23b8fd42c72c78775d6099180efc9107f0d55a7d41eb5d0a834702966eb51884a6a17a494e61e05e157a3a7c8e5dd9c380b6af9ee02fb91debc0eba452b8790a18ae320cf27ec28d8165a5a7d5512437ac7b3b724717d7db799307e726da5871a6e751b0227a6bdc6f3ad02eaa48cf0fe07b7431203abaa566ef79ef5304f4fdd4e5cd0d31a86738a227e3022946a4d87f324fbb7fc19f49899646f4d4798915be8f18b66f9fe66ee91d0f7de6f6feec369d7e3b03158ee62f638042649109117b3cd7fe433de9e7e0f9828ce984ea8419b9e02da154a486632760267720dba64d75b4bede4f1d98879660d32ff5f9082e4329f1b11fa1169a50033a3fe8617f0679ec4333fd2acfa2af686399ea08341e671c9226f93f959184cf03b9bb285c9ad74e1044cba083a45668f823eb67210d27096c7ced68fd7eeaa769bc9cd789185227bcb6f8da8ae3d094e18fac7f85c536ef1046e979c1b7c7c1628145465ab8bef1dc9a7f8b55deac7010c48a4bf99197c50e39bc56d717b292533d363af822b54e81f98a2c24bf39aa85387f9b73f9eb3ee4081ce2e9b03609426fd23d58ca23ae2bfe5bfce454455a97833809630aa6cb02ff824e99dccadcb2a5a72d0bf67896e7b07a9ec3b562f8675228bf8ffad15a069823fe4f10585ed7a124b34d8c87b254cc6f1070d8a936f123fdf5f4de401f174f789dbee54ccddf9ed7b7658246a265d9e320cbb90d09d450c0ce12a46edac1f04738dece31468fc94d982b9cdcbded16b871cac66fe59902401e149e31eb433a476c01316e44176e59023e53683c3338a03cbbcd5e8993370b8a364f562a2ef4c201c56d6efe4375c4b7934ec279a63ccf60d73240efd05f125d4730033c43c7e77a0e9ce142eed5dd1ee29b0be113601a1a7c41522f20b11709bbbec2543eb1b2a807e59addfd4db179b4223bf82162da9a644f55ddee939409d9c3f595f543c62776775c2c7161dba9a04a5c56ed8d5b6eadd4ace9870b74a71d877ab9b7226b2ff5a32f525b6c57169465b7ee8baf0f5c9066f36a882e560d328fdc4322165bb8aa071f9e1b6abd13b483e6f67ea725e786dbf4baa4c69db3fe030071b58b58c9503f394f6e6569e2395f8c5d1e0fea2f29d850ce3014b3c1a1e58cfa5f41bb3ee4e236965cc9edf65b9a42e0c98257dff3979241640d576120718d69ed52e9c6d71bc098b97ba88a90b03b995e1c1f91b474c5d2883d7e08c5fa5b54a09f6c54f25bf154998b876ee81e7e23710f687b1e54f5d966ca4d0e2c19a4785df0d9078956e8cbebcd8890120de68f1b378c3d8be88a8c6da9cd374eeb014c4f1adc9c523c10b86f33e9fec298c5d22064cf1bf622f77ce10bbdc53b481f6a80a9e4228650770016cd366cc9d2c5fca3415e9fdf3f5db49acb07cb107f94abe6a891f90cd67045ca5a5baec7562df8317e13300cef51a7214374101e5b4ef9f600e5cfb441b8b7504be399ba6699f822201a2c7ec33790918724e9dd1aa982f541fe293f7237286f54c8015e2997d1c6ce522c078e2937ca5acfe2d4aba95a30422016c5305571d03bb4bce36723f333c083b57fd425a4e98a39cb2eff8afd999554fe5ff5cb559bd5c5a995a2b8487b5911372b62419a66e9a9ac0d2a09c16db87b79ac8ca91d37cfcc7b619445e7a0fe2d94c4e7e08c02f757cedf78280573dd4941aaead6ddf2325150861164a7890e7ba3de932bf1177181212ed5c5099a17decdb8d765d652ce2aa060472922daaab45073e88fa7b12dc6e22b9c2704be55e966757a1d5b024c44bbfd4c77c60eb133063862b45ee95e543562ccfc234bf79589b7690bd318fcfd146a7aa23c87516f9394613b3fb2c4e301112510511a9d401fdfae15830ce89db95f84f93522049e8e9032dcbf56b5620a812a6cb9f81276fc33272c44a2776e7466bb9228016629b6e2c9fb0a386dffa2cff3e8d97e9c99d3e4b923841a436c731aab5ca8fd73c48ed6a0b3fb7a5f97678f12ad179a3697f61961f8ae6444e00546401"}, @NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VALUE={0x5b, 0x1, "099f7ab71e87f0b117621837f0dc670bd6f0b703b275ad1760546f5637e0fdff7b58caee0793f9cf946190282fd22beb0dca09fdc46ba04bf7713a3a24db76ca47b6549bde8f0021b424c3a93654f0ff67b04cf838396f"}, @NFTA_DATA_VALUE={0xdd, 0x1, "542592b1392c35d26ce289f2c880b139bacaee5fceec6b2386c79d522e66b83f5f40b6141fce931bcd3e721c3a2692d2f4f2d62a05e04b3be38f430efddc3fdab550088a709a2543950bf22ae380b5273eb84de4d8816977ccfa5a58838f725de089b715b562c07aa1959fc1b0988c908a71c59c51b3f2d498dc43e41eafbacf3f10dd913504250e59116f463d5fc62af843299c2f92427b4a0ffaa4b1583dc6dbf66b0ae48cf5c146410e231f3be4034d8c63a5a243176a0d7fa08ab1b8681cef381c65934c119d0da0329e15e582c8ed0516a5eaf365afd9"}]}, @NFTA_SET_ELEM_KEY_END={0x13c, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VALUE={0x82, 0x1, "8a762cd089d5118178f2f858c3e5025ddf8ad562009a50ba611b54c9f2c286e5a429513e47bfc8332293466d8cc73128538bb0977227f859cafdd9abbf7de73b3127fc3db5d490aebd0298bdfa2a95c7864ec92b0a0faa0ba3fa110ca360e196f62056dd7c6f65cd26e95cd9519dce767f73a853b01e761e23ce9a89aba4"}, @NFTA_DATA_VALUE={0x96, 0x1, "d18df39bb06a849a898b6bcaf56bdb8e88cde86f96046797a3d36ddbd2fd8b24cd2100dd0ec864ce895c6a0873c3a67988e703317bba13f3abf27ba60e91c48721c084cfa50de8d9224ee0c5a449d80a4814c34a3062ed005587fa77d40a8dc28a8f3771ab427e65e45f0d8ffcea39f3b913dae1cc22c97137d7e47e8d687bd6a083cd92326fb3a35e90c9631d052d4b577a"}]}, @NFTA_SET_ELEM_EXPR={0x4}, @NFTA_SET_ELEM_DATA={0x4}, @NFTA_SET_ELEM_EXPR={0x4}]}, {0x290, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_KEY_END={0x214, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}]}, @NFTA_DATA_VERDICT={0x20, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0x7}]}, @NFTA_DATA_VALUE={0x90, 0x1, "2e446cdfcbd977bcc94c8986d9e8ec5a085d82d51f6010ff0fd5d7fd578e7c6196cfd6b716711710f76d7243424df3dbf74c6d23cebad8132ac08e7d8c0d42aa4fe1f42d1d4583425cb50a2c71d335aa905b71523e28b75f457f3e99796394147d16583cada32558a768df1cbd4065658cadd8309c1c9bff7daf0a08a95d2888a9be8f2cb53dc90e7f922460"}, @NFTA_DATA_VALUE={0x67, 0x1, "195e3d1ce291f0b26e53b6f1ebf46e05601c9759d71b10db9cf946d76d48566c99a82c9578e04fc6f4533b79af0667ed31d4c63206d775cc7efa7e6ddd7372c8b92f3d52b21139f71e19be70e0b3d1a51e564dafde376e36ccd970b5134709884d3547"}, @NFTA_DATA_VALUE={0xd2, 0x1, "7aa3ade7ae96bb20609ce712911ceadc14275dc544e0baf50351f3d1d187c626354556d0278c2f59bf8bf4f0bebd126d94f8812443e8e59901c1251b23b3f27f7fe7a22e8ad218a24ba03e1fa639141c68ce2adcb929c38947dd3cbca2652a4f93d815c6725dd25f0323cc1c5210b004d82305cf5f0ae8f1e6c47a8b95eeacd077c091ad41388a38fcfdbd1c780d4613d99205c830fb6d6408b59c41fb8a39a6170b81c8d4518127a17ffea0b136fe9a487605d2b199b8de6a65ac1c214b73c99c4fcdd2e51c61f95c32bccdea8c"}]}, @NFTA_SET_ELEM_USERDATA={0x55, 0x6, 0x1, 0x0, "26248eda0de7a39796ef3255525c00da4490cfc01f4443a9aac2784f3943d0d6d369aec835081bff5fb40d9ba6eb95a017d60cf54d67432bc35a24936fe9ec05d37933dd766f26cfa65154de1004373d43"}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz2\x00'}]}, {0x2384, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY_END={0x294, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0xc2, 0x1, "3da6e2ab22bbbc2c9b673c1f509c65a26ae0af95c159f46dcb95fe37763be0aeb3fceab60afe95a2542154f986eeeeb0287cc470cecfe0a87e6433cc2c27e8ae5b679f66652ee09f0758dc8a830261f012c5b36da58ea6ad07b6d6d147389cc49fe6d5b01811f09a824e39de9eb0956617ea402c582fc2d366c9365ee630759714ac0b194fc7f1f48b0d8a04c48a2a8f86ddb5335e92f4919679cebb4b99979beeb75f222ffd927edb6257e98c79c7f7253c609842bf1a3981acb15110f6"}, @NFTA_DATA_VALUE={0x48, 0x1, "a84931f36ac285e346e4b8f9a58c7be3fc582f48436c85d69d2d387ffed3d399d6d61dd99aac39b5eb3ca4c925bf325282ccf06d80bdb775a0b9bba6bd949c2e6fa43869"}, @NFTA_DATA_VALUE={0x6f, 0x1, "5e172ef2b92ab4aa09f173381d7179a16ae04517c75d2c7c7a550ab2a88f546118f5d610c22f96c4f398f447f326804d1423f67f4decfcfe289f347354f2893e957da6dd8be34f4ac8e1612d73ff3e7582e0d7b5f43e3fbe31f14d45d57c0b5b550492c9c38ed9db9a3877"}, @NFTA_DATA_VALUE={0x103, 0x1, "293e2db0b38a2b8fc6f732e6896e97344dbb197b6a2338b9d7b905991ff3705ba24f188bf66ce8cbf08f539647c891ac712df480901e9d629b3478a35274c620df03a70534eac3e6bbb97f4d62880e91f973668715dd60279c5817dfa72eb9ad5548735f60ff5d518c7b00396f62307392b79859129d28fc416775b9205983d394fc7a128e525d11813c40ddfcb949637d1e0ccde0ff4677a1170818739559cb1324ca98a5c055c1dffe688684b5a564c405d887b0493250f488e72918b623086949b420c666d4075e9e58aeb5c20d4b38e0711d4c060ff15c2c765e8984c7fdd2248988ad9e0b7664499e4cc49ca317ecc0874ab598342bfc874c7d4cb8ec"}, @NFTA_DATA_VERDICT={0x10, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_KEY_END={0x2078, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0x2f, 0x1, "fe12b057458fb45a80e19803d8c03095901c2254616e67038530851296d2a76625dd8065554c5802a498a1"}, @NFTA_DATA_VERDICT={0x3c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}]}, @NFTA_DATA_VALUE={0x1004, 0x1, "bb8408facb614a17ba890f30a6d8a3bf5e469a217bf9d15c13544d6d96922dee92edf26a47c432825076293039e2649dec5e574e52709fa0ad95fdf09d044b843e24b2ed256398d9725e87670beaa0c29d14555aed2d297c07a2935741881c55ce4e6e7db409cc7c9f8cf13e79323e96f0b7f5e3de2cc5ddb43d58a7fdea9c670fc66607845c0487e57732128a36af30dcd1aed0e1e019c3ad1691800872374cf339dede566fa8f2f09a7eab090881801d885145d5ec6d403dcf2b61e53aeea495ce91a43438235b42c5efb604e4177de33038d569e8161b907e733b46afa4f4499b0a02326a657af75e89f3738e7f6b784ccac74b61be21e8a40f95a60eb843030e138efc984cbdf413a5bee57e3c9b908415b56bf856caa7d92771cbda504711d20cbb007fa1d690fd1734294f127a511afc8464ba2bb9972ed650cc92f943451b1804a39ae4ff01adf34f7c190584f3a154257fdcfbf2eb0f8683a8735f5ae3f69828efe9a83b0a59ffa4d87dc8f9518798d2fbd3159a5c9ed369e0903b570a8610c0f603f65e8375921987fc5223ecc46ccbcc89358c382fa98207131ed84892f5b73a2b95398a13ea99dea6cbe501b5472a1737e0c53ff6aa7007367edf09a24f4e18f975f6eedcdba2c52fd83b683171a991f5c06e10dafa1ab38b3095c99b1d42df6b6696e81deef12b9f7c5d8613ce842bd86e03fa7ac85e019fb97e7e29a4105700bc3f0281a8e756d6a34860256375fc639cd2ee79263b908ce5617910e96b02c3fafb6248e75e56b548a78914dc38f3cac37535f5aaae81ae3fefaee418a2290b39ab9074fd2c03767515e778746138d6988cbcf4a1e2378263c008fc9b1f87c9f4b67cfb3f2d5c4c32bea07e171321c046bc8f58c69537066c5ae744f2df962d55661086ce0d4c452e27b561d4623196a3a3f38065301ed28091489fb2912e6462a7eabf96b56da8d5bbec9dede2e564a79cdc1d6a2b21fafc99347032fb33e3b38052313523a346cd6f96ff852e7aded72a334784d98c6297e801cf38f506957ca5e543ed845162bb0c66786cfe23f82e13ac7a9df66362ec6f9664f225f4d3ca5e9e7826d266831fd606cf6e79fcc441f90e2ee28d21457b3816f2ca97ae1fbede98dd302a20a809c892b1e6535318df8b7ad6842e0efaa9914293160ea35945bbd3bfe81e3c011ab83c79ac6304e82c224f9f0aa43abbba7824fb0671fa85938c9f62b28661731ef3451eb20718de949b8fa36d0b08ac944491ac391792c297d6baa78cf0e54980be75e3c9579ac1e7ed95e6d69ba046897442ce6678fd1595a450e7d0e14a235774339cc5326e2a564eb771433e29cd02b9b184c6ddcc8d9fb1f6dcc143a9eaf44e20cd422ece497e101e259a16b4de9dd7f5a7bf7b31703c5a9fc6600bd5df8684ac6e9b047f3b21b5d48fc5f4986f3a049f5b2fa729b832b82696147c9c2e47ee24de8f095cd4980a5548e92d08e4622879561d877371ba30d6ead0a8bdfa80e36a889b5b8c6e8dcfb992f8e3b6503dd364aff4c5bfb9aec7a868c7b0ce8a572fa4101742e6115c3f369b1deabdf57f99e1e0890363c0272fa3f787617bde041b9e877002d496588206c59e431346d597042f89b4cb13d9f6e47602c3c050541d586de52ce25637cccb64550e9e24392fa28d86f262d46c78619213da12155b70edb72f9f4e95a25199f2c90864ade46071cfbc4cfc62e0d249f69f9f8b5c8ba337c998e79e124a2f09bd72f9491544db9213add85b24b08e96ec32e65be3065339c909f011d51430db04f77fdd5670ce235f00ca68e2e20c746a44329c6e2a27a28c3e150bd0540ed691c2367799c87c5e57dac2ed1054ea3b8b6c8c74d553f928ff8498654a9cee775ac35c0a54e282b3a27ea1f109137312a6174946725da44cd1ae17beedcd5b42465e2b12bafaee9497350b16b170fbb85c6e836dddcc8668505a85c8a4ba365d8685a9a6f6171a0d691f1e219375f05f37f0beeb1d0f6748eb83ddcdaa9f53cc69a510be6ae196b16f7c898527110b8cb483920fb9dc75a84ff08adb8ff6bc176c364d95cd8e806bf3282925e22241b34b792a7b82a1297e23d6d52a90fe7075b602a74c1fa01d5070e12aa935e904d796ad5742cad3babe5b6a479a431245756d88d22de45748219f420706a7796417abe642a235caa46be8916ef4bf309a7db7a96eff9f27dcac68690aa2ab824bea98d46b206be7e949a085a80b6b207310d6a1206a12ac49a0e77bb608a2a53bb5d765993b90d98ff04fa7fddd13bee702d89ab0b98176fd007c78d8cff0a6f3f156c2fb5a5aa81fcc23a091e0afbbc644a18a7668d00546dd86d7cef783d590202d2f43a327da81a3a9c4ac8caf622e83581ba60f29f073173cb142977c7147bb9419739b169986a7c9b1629be26647a6a99e41888e52be563153544a03be9ab39ecdb12c99e82d08dbf6fdc07d642807518e8c715119a65908d8a1e80487e3e7787ac2f7a03df88b369dc380e102b5692da44b7b7bf97647454ecc1b07bb73d788479ae888554400513f909da8f81357e1b34aef87953b7327358dd1d5927a901c5735ca8b435ea6444f071decdb8c085c911d81654679fcf779e1cdbbf9b76043bdfd037065e513aad78d8b1cd28040ad5743efac5ffceef01910dfc01f3352470b371ee4a8188a3f9184a924ff7c85b48c399422d60777a6e58ea13599f651b02dfe4bbcca2e45611e3d1993724ceae48a399886a98d24214bb6b59f2275d49ba261186cce3d44c6546f2f64d7b48e1abf2c2d95052e1ddcd5c7140bdd1fa4142c0c1e5415bb0eb1b71bf9053a1c21394873a743b4f59627f91890366ec460f80f7aa980b96291dce5a54b8757544c8c88392cd837ee6707bf22ea92ec8e69ecbfb30558f0a2c537cf2a5c12c3d3e00ed5dd687709c038297a6472bfeaac5ed00c2fcc90b1135f49fd5f1ed046083192c4a4546aa993cf876ff93d06f0b222b5b4d3e8551f05d5663e1424df016e25e816eae25bb9878555b2de340481ea2b26eff978ba50cae47f5f0ecf105a9debfbb50bd645c05580f44a342f2b6fea14591fada57c0b20a8fc4ff1f9c2a9aaccf2d19810f8056b15c01727dfbece2824507ec5ca711599dccc1e28c97487254d6f4b5be28f6aceb9bd9e2360d658c90b50161a86d6b5d151be6eb576cfd122c02e8b94dc249af241e67fae9fce955b49507cec9a81c5579e5bd486c7f365f21c7b9e1fa49af4d09f431e7d22bdcf13e866ff244fc65fdeb7196a5a0551da9338082e4742581647d3198c1a2e1aac7772adbf017750a5119c2e263ae2d7e8f2fded5d7e80e6370a1c38ebe563a5b32d80ab55bb45916334c96c4bf0db40bb5adfc701304ee1cc664a24335a1be053d8f66c83fe7237a0b9d8c4e54f862c17d9ccdf70de810ef6c3f2190d30e4618aebba42307f9619a46699d0fc67210ab87746a677a012ecf6071721de1dadf37a09ed89f0d40876de1816ed4da343b23e0ed57b946d71296d048af6dcfee8e9a7d96c58a66a3f8ba7f40e4a4147485f52dd7d978aaa3c5dde2c78374c10eb10c623d2ee2cd750a752e05460239941111a8040d38a1472440fea78e9118926ea693a8dbfdcb78b72d73997f3b24ee1f9715d2da8922dba54f47cba8ce17e65e2707ea864144d9c571325f88a34851f6836cdb1ba2167452b463b399646b671509b48ea0d6806fe3948c9e702de366dbbf900b908e481947c7fcb3c898f3582c8cf25469e7a06883f83929e1a4f906ddfb333e7cc49eb767cf7d8e35329580f70d876a9d80e3d6f3221560def792b012a69bb7e7ee785ea40ad73ee09ca3a6e12bcdb2dfb795ff631f2cb6e563503fdae629ff10374d22fc2fe646dc8cb81a7c59c6935c4750c28c2f45283e905ac0f438792d521637daf00e028e8587e7173b74967379d453026487e8628c82946d294bb9316a3863dcf551268a06c87025710393ed0be99548588ddecb69712dbfead0fb6a9d91abf46f64190f73517132539c37dae43c219036f26463b2942574e370431ac33f9f171364a540b7838d453b5c4801d2da6bce80a82e5970d1c0eaad643b8c3892c0ca1f30ae70c067f00f43dcee267b82c3447f35a37e4a7e394875c5b072e75e6bd5e9f8657ab2a347daa195725e1a6cec03c1b8d9407098e0b2ff763d66407568f23a73d3e8ef8d4ddd0b557ea67d33a2c174d7477e039f9a57a296c9ca22e2bc841c2983df0a2b151e35087590c7402e709d07cd629531751aebf9e6848a5a3f61a1f86e66c911ae90e992e42d506a1fa9754677af9e4bfa07c2b2f900dae3d571c1d5096a707e5d73a4d9ea81d06788fb3ae6e2855ee0fcbb4951f0fba642c0a7ef38c68e29396fbc5a5877c0f5043594aeeea4fdb387d5f727816401539eeff76e19b9f7e87392d68155bd71fd90a4a99c4179eb52e117ae66e350454a7421800f8f4fbcfa99742f81310d077a040b87f782ca1dbbf5561f9669bfc8bf9e6e6893c7015c3c5254977f8db046c42c2821572c47fe2e0af54e6e1e708df020e13ec8257c62a4dc0ff5cca404de4cd0e55c86c7024406c2f4299cab511f24b55cea89718b1006f6f7c6d4a4fb23a1d35b407c55436573f321f3096846e265560796301a85f2a52ac26c28736484157e313293c7593d5e6bc1b137855adc1bc8b8b3a45c75583c31e2db239065c8b870e34890fe8bfeddd0ae2859cec8fac91d8a851b112dcf02070b79151ff54d32f7154cc72451051e83fa53e4d375d9e73cdf35a2a17d3a75aaaf017bcdf4ddd5a6a1547f467c467a8ce0bc223a9717aa616da9fab2cb70b3c31698a1fac06c2edfcc8a0dee4ab93e18495f008cab9aa915f87aec00924d7f2d27a9abde3493f4d12e956af83ab3e051d74817b298738653434b95fc7d0f81bb40309aa61053686bef71e6f67eed4465b6ad59f8303d711daaf48d3537c2bc06c247f67ad1cca1f809dc203cefd58e303f6d9c9517d2821da93538e1cff618cbcdd3887bc6515f4169c94f095af68b85edb1e265d9b4f98e607ba667b038caac48dd06b62bc80fbe8a3d9afbca88f7d6899571ed5a98bb64f50f6224cd9619e2eee330df6f804af78e278ce883b3008721e772fba48fa77268c735258b2a16bd14e3f6d8f0d633f6e6547c1a410b767fa261c474cedfc1bb18632978a0fcb4c7f085861ccc778f335c9880ed482a61a08e5feaa2f676aeef87bbb2c46c73e29dc4a3a7784da0aedeba9769910e55c545145f2b1fdf8832e4d89cbf14f01337833858adc53496043afcdf9d0fe7cff0a959a713eaeb5ac789ebfef136b36976b89537ee670faa418ca592875752f3b8021668a1a643816b00609d9321991c27e2d7aeeb4cdbec0eba3ef05180effdf11e0a3be208f9c682308031fecb7bffd28b8bba65e7442695eedaf732a8bbc6fbcec5d58867c5508d6ca913af261bd17fef9d6e3a6d110c6c06a57154b59a31894bd5f84b77b1c4e6528dce3202db28edc2f35a5ae78fba0dd8a4fc9e8e62d985d87e5c6941a50c9efcba9aa0f1628d4d694ac6022a3d8740b4f3b961b5777edd62f04a545f07959509b877b9beac5a316d29937fefe0396dc42c5ee013d97af7ecf1a9772d4224ed7e145d48d6cb73f07446901d2ffdb52ed43957e33b5b6a90283f6a9344dcef0771d4f79268809b9307320ba1e4470a3a9403f9dd4befe181c00795c49a01a8b03a0781a31994c210efabc236e64a386299a5cb95dde5796e0f3aef6183c0523f5205c4fcde807"}, @NFTA_DATA_VALUE={0x1004, 0x1, "25c622271a277286da8c0658938d5a29624b53430d3682c7a6b67cdce06cc505a3467488738c9408efb9a01bf4d29f3524f931a154bee5324aba30d572f6e6411d90116501bdcd79d0966becb84d5b0349c89386e445b645ec73d85ceb585029509b4cb292a45966b7a6a53d70ecca35cb2f8fc45b465de2f4b9161bc462119b3df528d233135604d61acd153549c9f147f87abc69b61847b3de0381cc0e8826803861bc3d2807799e241f3a2e60b04dbffcf70474752c09438103280adc5776fbc6c12641a65e4da82e24c11572cae985af5e9b25fc6ce49bfc28f4663bf0e023aa0877ad16122a16f6a07353ed6e2166e8d1d3b3654e085e12cfc9667d8a49629d48d3c3192c4e49e711b02e8628fbd6d23ec0e6093addbd72f78fac1274cb2407631d9c36acf8f6e2379d426b87293eb9f67b914dbfad99b237ce96e3876df4e5e4d49159d7f4312acb1178311676dd86b4196821a98439cdbf23a85faccf45b2268135586f41015b2fc4b943decc7e59711644cc96ba23cea49e1354939b4592effa1b7191b6860c4dd47b491a8db88c5a50ae173483b765f7fc4bdbf741ede7d6050c339ffe754b3c8b6693a2a27749272c66e7371ea173fbb4e68e835426340746400a9084813057322db02247ef55165caebc4148124b45f65a4c71c9ec1c8ca16014fda97c4b7af70ffdaec5027282eabd82a47ee256fee5dc54bf6dfcb9d61468319904bf081453c00fb1d817521466233c40b558021885d0e8a56d6c797b7f0084def9dbd58ef808085b14e6af0a0396b667464417f0315a66d9ecccc4e390d84baa9e0530922a7c8cfbc37318da0531e026bffb4cbde0fbc5513b3cffadce41daa784103f2653b102890f1b99f634b7b81f16f87d3710307f498113f3e1e5a3d8d48573c4e99971b389b795773343b800a3dc71b6e2c0cb618a381ec9f15c0d7b90041a2252af4aa6df410a816dbb4ac2788b724da827e3b7bcf33dc3fcb9d1bf4eeec447b06ba0b1c44f83b5f8638d9eec853d984c1b953f4b603d17274a6f04c11863e0617b40233eb8c167d8f658785bb1877fcd470597242efd642ebf12c4fb43a301902c458ca27f69f3be4a8a953adc85c2311f301786ad9ed978550d818ae9e37cc32df79bd22b1dcb15a17c6c6879f504caf533f9e97fbeee27b81aa8e07e3de58a431fc88740d49e9896f6265309b0d5f9f8a807d65d60bceb9d1e5d2e70a70cfcec6624c1280d7bc094d87cb765f608cfd36525cead167eb6926a64b116f92f1b7a7cb8a8873b096f733362866e38ab92807cf9207e9d7a4bc49d8ff5d5063cc85af1e1d867bed2e3597db700cad2d946fa0ff77625f43102a313ba0479e7a212616bc2833a4dafd94086687972bd68e6c4bf344d0ae172af13d41e5573928a6cc764b0cd04ec9767d661a387787d5bddac5638652b9f986ce529f777d0fcc30b33daa83a9b78259095a64ae29db69eb576bbc9e0c8b3713aff541b19bc0dddf55fcf525f7502b53526124eca9c3529731e7a6964bf47a96d76b57916e4c570fbdaf3e2beebf140d8e43abf27c3d53bca6798de3684faaab301c78f2a1212c429ba0859dfeeb074220ed95e128772bf92cdd50c912ea189fac019b675933b8500d7dcc139b45d21824c49d2aaf52de96175e056a4754c1f9a47bfdd008c9ecad60f0c78bc9396777f7ca5c44ff021c41dc320421d15666ca12433253b1109f92cf8fc980691beea65ba5c33d1fdf71fb242e0b544972e2e957d195aeded37a701587749ece28114b5681478fac62a744a3829eee8eccdddf47551f2a8a29bcf0b2753367970ac0d54b7a7a283e91ea5ebeeeb969b775f74de6254f539a6e5670a56288018647eacd4c79d41a0565459f88a9f1bb29c8c29ffa52ad3672d7c96a4b442b921262620a0c5ee102b9e6493b700711710bc4f2000eba83602cbc4656810f33a5da078b9f53e96026cb0d543e35ad18f067ec728ca30906347f60436ed8968a737aff9b72b762d82306b97057a34d0c540f8a284d99df52a51e7dab82d803e68977913e4b5906d13e7b16298c37e16e3d61d4f81159edad334f7fd1db083e7e26a2b9026017aa0eb8a3119d8cd911dca451d10757dd01e0d49ca2d12992ffb893d7fa09da2c8dfa0c92699ca277e5198c7895dccd853f8094d0103f2cf3c190156a7beb036712c52bc7b7be2c91a1fc95b6da1aeb16872ab1c6a8b300657b06ed1e82739b564cace67f60fcb2bc98a758afad62dc0a9e6f2b532e1c1215d3b6c1f9f34f4006048b24ce5885a43fbeca8e4c1bf9305c9bd66e1286270c691a8acb388e1e0b5a7358bd3b8697adc24d9d4021111b2b84a59b0be798dcaa3b3ad30040933fc4fdc7f5a007c20785568f2cd667e58662de0f04367f6db93df6d168fb132397b69135c1ded2623a51fc55f74ec9123c7e57d209826f9768c52ccd8f5d186927290eefded5ba7b78fea858f79100cb48be61a30167fc5b71ab0a953577fa33e93c2c6a3c90377b48e887a859ffe899e3ae461a5e02d67f070d934f60e2c5d00dc497d1747f96ec520b5f07e3716bc1460d56a966863c675a7dac6b2255b195807690e9b43a913893e73e70cf505ff17bcb6cfbfb8bc9e9d1023a31377580b0e8c96d421e1b9dfa72cf94a4b2458ec7c28695252f154e7b493829731651891cf134bad6c404fffcd4d5eb128442313fdc0430a9c6e32b91f73d104a4f23881bee67a558bfa0713d3855542ce5fcc903233a27aafe6877d13c52c972114f38d9ff82b1cf11ce1cc8993935185274b0152396712495ee8b28b8cb51300bd14654a18057c808c49fb3c59e6235bdf7499af5ca2205244e45fdda419532cc7290ac4df02149c618117cb314f816f934f22271730b7f1f4b0dd30e20fc7e21c18126e54cb52758c928fffb4efef17cc2b7cdf157a24514b3ff78c75a49dd2e962a7e316da7656219a7d9f4239f891f8426b8ed5d7871ce50ed626236d6e714974a69dba84966f89de5568c58f743bda00b5d8e7e08ede6ee2bdd17668134ca2cb179db39996a40f6dd0ca7eaea1618dd3b93f817bbd5988abdb30d4a50f20f92d4b4cb3250dd8036541844b3d5c7a2eec0faf7e906148412ce9d4f4e390aeedfe00853294eb2dfbcb10d757c0183f05d6b320a4c2e982d344433c50253cfd38b02de108e09d9d1d17522d68b08fe803cf261802625f2d3e05d6c6df0c93535fe8a896fe38217a53c104d7320d0c2093458170f1c0f35704575daaaa9e661020c6889d912a8dd5df1bd48250a86f3bcfae3cda54d1ebeb9b86081b5281c7e5e953bdef6f047712acf3f68676fb3417e3f61732ca310b8cd6e651984fec8c4f109b80fe509c7b501f5dc365af9df20e6fd313e1811c2a779cf0cfc541f98583683800912265f7d6d8dda7de8766e74a635fe078721e30fe08d5e278a44560c7bca62bc0a9901701029c3519a3bbb10426f945070382e5c594a20352a8ee50d3d23afb9c4552b1430220d316cd3e2fb407d97b28ee84e7dc82e380a459eef27e5896a5c66b512f29d2d311919a024d81214baeed24127c0bcfd637c6fe6d548121848d0d9358ee593452d85c1b22dbf320f01bdb3878e80802d1d5c903ca2e211420e47a9c0db10f38d0e1f03efc238d5c2219c205a374ebbe91a7603864a82d5034f955dfd051773496c3620275dca75982021a919057bcf60cd09ba0ca28fb40edbaf734dece6d0deeb182e7d05b209f32c3982f088d7001fd8da57576800f26824267add491b7092cf084b5311152aee517160c46b74316cf691d822539d0ad0a42f653e8745198867424b19cd6590a2835019830acfd10d8c35887122dfb79cd96ff8c99f26ea4ea0ac8e11d2a2ad38712e37cd4312026bff24a7fe08ad1801f772fc28529f64a52aefe52fb507f5212d6274229aab8d5ad03e536aa2347af6c98611232ea8071115b82035be7836e30330c9df4a130851e26cc3facd1c8f221754e7023a6e4d312a82d8a1c0a34f7c741893d858f85537c0c31157bfa5c3d8a0321a2a241920310bf0f11c74cabfc764cfbb73efe907d0a5ca36f95c93c9002190153b30aaa7efbe303a8acebbb41c25eabb82735d2c56a985c214ee17ce627d055c3bcde6c8bd580de4de4b24fbd635c963998bf2c3d124842057d16faa56cd4871b845864360c56e018b73d1dc7c53c0d275f744b38e91ec3113eece7f58b26869d1381cc5ad33d73f679209cce8daf181cb6118f5e74af4cc266a09263d419344874ab09fdcd9d79b1662bed306197e94df38331cb2cca5243b3c20c267ed27fb75a2bad550ac6a6a1e7af4940f4749ce4f7f87f2274630370532eb9bd69cd795f4f38a3505934f40b6e61d8a26d4a64d3570028c853b7021b7c9b62cb9d8eacdb6daf6158650da73362fd1ba8eb7728341fad11693ad6bd7c66486d2f8a83df54a69733e2566777c54a89ea2dabdd517a3cbb0c7b54c5e6ced6cd00dc263dfab96a366ea2a65ad75944db3e9e00ead5f837a89cfe3336b842f6110384b6b83c678a10f4c200744ab7e224707da887661772414f7007a7f6aa40b37d0b81bd71ebf5cc8239ea6c06946d5f8b1ab923568f2a8382c9e879b2ea7689461f10f45cedad6d1abb4ff8647dd3b94e777aeb267b00b7c1d867eb209eea37d9f87358ead1c2441cb740517cef1a0dcc345b7f6bb063573b8518634eb8cee32917d7f40036d6669c692c3c44209b7e0241d04c4a4d906f5e6242a3b3d5963fe1f7199c0ce9fc4e4a7a765209fd6bfced74a1c4d1d68625840f5b4b435157a9ac88414d8a5b1e9f1f22c4bdda1964e9b69e639621d4f5d61d510923a62496137b0ba2fa4e7520218f1f24814f03d80ac5c81daf7b8049ef8aebaed8705253a119c8a2218c7839c9abacbd4247808ea10e79d0b2707b651b8eff1fa3e3e0811fb47297a9da19211dbf4a530b50a395fcf440692c759821c892ecd2468d5476e946b3eb0ee6126d970f584ac6c7969cc646aa7ba72ef5addaab2c0491fde294ce5ebb4c0106abd465eece2e4703d8db08fe9e34808049460d7d05d60462badb0202575be21c7e312fb20fc28c59c7d96bb2b6c6f011b74765c5111979ffabc12de2d75b0495bef9996d2c00bc541a008470438f03eaff6d2e1a7745c996bcc078226c47217b2b01337b8ed602ec2b01a1eaa1fddd3182539ec19385c82d2e481da7206bdcf5700c98277786fd2f15856fb5e95607cda57548e9e3d6279dcc9f3bd56256ca8be82fab47f0f8550cd24f6f490540cb55ac254a33e6837bbfadc8fcd198fdb007171298fee56697692e696b4c6050e82317d52e99130f3ad9267195d81b7e64e6dfcf906a3947a9a0d130b488469dc0071eba0995428e0308bda89f4afd62b80eb906a19caba14e49e006044b0742b21879ec23d5f57625f1448b59137f5ba66c7616c8476771dd98cf1a661cbc7bb1714702b3f99a887576d051208bc3ab23ddbe24622114097ef7d26410a55cc282809576ba71d417205b3f52d97ce39b79d4ac4489e65ac8c1b8b0ca8dad7debb2d2df823cb893f224bbbb0f2ab8c296fd1307e8f007eed0cae8c9ad4a5f776cb62986df6afb6a1b39d2c5556767cf8662f0c9f4c0c36035e02508c88cb0772627a0110eb3baa23b3ca7637cfcf78a52cb26744c456df7a35e9423977f9a342f1e84fced30ea07080cbbff41e477ef5a9e5e4338654dbe955e3eb131365ef5caf9e42fce5a7b1811b7fcf373497d2b682a3840e766b65285d683975eb7191bafd2"}]}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz1\x00'}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_DATA={0x44, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x40, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}]}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz1\x00'}, @NFTA_SET_ELEM_EXPR={0x4}]}, {0x480, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz2\x00'}, @NFTA_SET_ELEM_KEY={0xf8, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x7f, 0x1, "204bec9427c1e17fb2a7b45a6dad012068cf75aaf68f21bb7b0174231f4d96fb267054d349c5aaf6d270625df70e37082acb9ce581eaf9f899a152a144894290a52768a904679df468844d79120ed8f2bfd18cdc413e9f0610258e919515a870053722406ef7cecdf62744d38c224824e5322bdded0799b4c055e2"}, @NFTA_DATA_VALUE={0x72, 0x1, "1e8a4c62bc4fbdf6bdd65e8b1a4c3acd44844c932f4f17cbb6e9460cd3790653b8b398374b1cc8cbd434a26830bf7d64daec3b1d189b18e192b00e1ea8e1fcc24ed062c342a6b6c8d17f7ee773539a47690db4b3e0952cbf79921e2c357b3073efe76690ecca0ea476421977d05a"}]}, @NFTA_SET_ELEM_DATA={0xf4, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0xd3, 0x1, "91dae30129019af7fa96facf8960bad14f33b708cfd4f0961b3db4b2848ca29066d9bc8ec20a9e5fa2d9ba9cebe43dfc97ebde9122ad1c81b0a6adc5a94570a71ca7e7de68ffc9e27c67732e68e4ab6b81d5defd1d34b461e377d3bd2934f27b8c366a1afca9bda89a3927a1b50cbc3aab6efc907fc3aad8fc77a7d6c65430e7f138944f827e040b3bf36a9d7fbfdc6067f1c794b885b1168106485a47a2891d3222a3f912ef9862681ccc2e647f3550b3d777f7da82130fb8f47dae3a76662a176d07b6ef55dca38c1e727b0e6612"}, @NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}]}, @NFTA_SET_ELEM_FLAGS={0x8}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x7ff}, @NFTA_SET_ELEM_KEY_END={0x270, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x24, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}, @NFTA_DATA_VALUE={0x92, 0x1, "4aad6a50924f67323ec815b8f8f725770c6134c2d669769ac72a46762f345837c8ecdc6e8f0a2a783d80a0f50a39b53cdbdba7d6f9e46b3b6578325291c9495c310e315dcbbc938ca534feab463d52cc98c49345e946cb58ac4aa1f1bcdd639518612f02ab7b0a245dad19bf866de64faf26d79745307cecd2c0253ea95a6b3474a4c4e148ec1f67e0b9364f27eb"}, @NFTA_DATA_VALUE={0x102, 0x1, "a48f50dbd487078079250b30cebcf5d99b94b40e2f113d0ba400fbff64ccb7609e8231d8931df616949bbbe4c7fbe838fa3a2cd34583683bf1323ed09b4e60131a0985635f36b2cbb3b7a143ba0f56a57c776494dd26d02ecaf69dcba02541fd97a1985e939a31b05d936aab7868f8d94734257c2757f9657b2f669433c1ef84c862aa66f84c279a4953c7facedcf30ea5d8927735be25dc71ffbdb8f1993b102698dafe68d49cdeaabcbe41de6c42819388a775d9c41a0b0c2db52d9a2da51c3b5cde41a827e4a4580ce6983c40e13b2cc7afca228fc60864eb45484184e205e0a8983fd9be90919343961b412bb20d015f2d25a97a5a5f664b1078f1ae"}, @NFTA_DATA_VERDICT={0x3c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x28, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0x3}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x14, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}]}]}]}, {0xd8, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_USERDATA={0xa1, 0x6, 0x1, 0x0, "1c2a8fafaa6a56608c1427f031ca11df8883fee1c0a472c849ae5d062c88e2c69f742c449f643ac3913df26a7701c5d9d285d6117970486855e9e40a22647e4fb32975ada79987412adf3c0e87d8af5da892bcffda057e376ca28f1d09bde0dc9b7e83f3f97002b8a4a36276f56806f63cbc220d341df3720f0b20d6c07ab49aca488072f7e901acf26c9a929edbcdeb28afa84286230c1bee70651217"}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x3}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz1\x00'}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz2\x00'}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz1\x00'}]}, {0x168, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz1\x00'}, @NFTA_SET_ELEM_EXPR={0x4}, @NFTA_SET_ELEM_KEY_END={0x150, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x30, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}]}, @NFTA_DATA_VALUE={0xe, 0x1, "5d6baccd6146823cf648"}, @NFTA_DATA_VERDICT={0x38, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}, @NFTA_DATA_VALUE={0x70, 0x1, "7499060212c653992f21b88cd2ce11bc3ddf54967d41b8e754f60ab73bf5d2cf90482f90d070507636bb6ddf0aee4777a45415dbe21dd5ed16a072ce76505b6365813e2b8c0e26f0c0c989469a1709886931582930637851cfed7fa790361a97351b4477f5f97414a66f2d19"}, @NFTA_DATA_VERDICT={0x48, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}]}, @NFTA_SET_ELEM_EXPR={0x4}]}]}]}, @NFT_MSG_DELSET={0x5c, 0xb, 0xa, 0x301, 0x0, 0x0, {}, [@NFTA_SET_GC_INTERVAL={0x8, 0xc, 0x1, 0x0, 0x8001}, @NFTA_SET_EXPR={0x2c, 0x11, 0x0, 0x1, @counter={{0xc}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x7}]}}}, @NFTA_SET_HANDLE={0xc, 0x10, 0x1, 0x0, 0x4}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2d}]}], {0x14}}, 0x4ef4}, 0x1, 0x0, 0x0, 0x40c1}, 0x8) 17:19:14 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x2000000000000399, &(0x7f0000000000)=[{0x6, 0x0, 0x40, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) 17:19:14 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {0x20010}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:19:14 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 38) 17:19:14 executing program 0: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) epoll_create(0x7) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff33, 0x0, 0xa, 0xc, 0x0, "23c2d80353e2f6a37c3e59015505ac0d65bc8b584c0564cf1252925367d8c2ece4aed5dadfdbb33d5c028f3b69f143afd05a4631a6ae553f096dd668463af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0xffffffffffffffff]}) r2 = accept$unix(r1, &(0x7f0000000380), &(0x7f0000000100)=0x6e) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000a00)=ANY=[@ANYBLOB="0300000000000000000000000000000004000000ffa66e49414cc3f0df3e568558bbae24070000030000002300000000800000000000000800000000000000ba0000000000000000000000000000000000000000000000040000000000000000000000000000000600000000000000020000000000000000000080000000000000000000000000000000000000000004000000000000d600000000000000000000000000000000462500000000000005000000000000000000009f71a72b0ab2e0f5b4050121d5f5110000000000000000000000000006cf425e888f26b60ea7407beb81a15554cca05b42c85d1db558da3a07e9a9e327d18269468232230d21b48fc1c58fedc2241492f26560a6cd1b2dca18c41104769e47747efc99473df706dffd3f343fa48095c683b3ba300f714d0a4a221ef676b0b8472906f96926bf1b1181e092b2e641f10f543b77e62cb619edc128cf1a22065c65f6f18736461cfa9d62e775b6c750b765b18a995d7300f2b5eb5e8e30a211beec383d0cfcfda8"]) ioctl$SG_GET_LOW_DMA(r1, 0x227a, &(0x7f00000000c0)) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x480, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000800)={0x0, 0xfffffffffffffffd, 0xae, 0x1, @buffer={0x0, 0x80, &(0x7f0000000600)=""/128}, &(0x7f0000000680)="45cb623b8a68fefe2a818ce79415f572e24da1fb6b07f60c7ca69cea1334a04a3ab3c3c2e32527060c73b9b2516d9d01788332856a38e8ff45d54677b482c7b75ee748d87d2dc8c5dbd806b8c57228521e41b613fadb538f5542e4a8edac024912c89ee27700947038a2232ad9a4243808a3ec47d68d99b0f4d44ea974d21da609cb3dd40a224db5dc3efcba6d5ec1ae105b47e3375aa5de9599f2ebd19ca5dc336da48517d808e82856c90ac758", &(0x7f0000000740)=""/114, 0x321b, 0x10, 0x2, &(0x7f00000007c0)}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) 17:19:14 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/243, 0xf3}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f0000001680)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}, 0x3) ioctl$LOOP_CLR_FD(r1, 0x4c01) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f00000003c0)) tkill(r0, 0x0) clone3(&(0x7f0000000280)={0x10000, &(0x7f0000000040), &(0x7f00000000c0), &(0x7f0000000100)=0x0, {0x27}, &(0x7f0000000140)=""/142, 0x8e, &(0x7f0000000200)=""/50, &(0x7f0000000240)=[r0, 0xffffffffffffffff, r0], 0x3}, 0x58) move_pages(r2, 0x5, &(0x7f0000000300)=[&(0x7f0000bff000/0x400000)=nil, &(0x7f0000dff000/0x3000)=nil, &(0x7f0000c76000/0x4000)=nil, &(0x7f0000ca5000/0x13000)=nil, &(0x7f0000c83000/0x2000)=nil], &(0x7f0000000340)=[0x8], &(0x7f0000000380)=[0x0, 0x0], 0x2) 17:19:14 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {0x20200}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:19:14 executing program 0: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) epoll_create(0x7) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff33, 0x0, 0xa, 0xc, 0x0, "23c2d80353e2f6a37c3e59015505ac0d65bc8b584c0564cf1252925367d8c2ece4aed5dadfdbb33d5c028f3b69f143afd05a4631a6ae553f096dd668463af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0xffffffffffffffff]}) r2 = accept$unix(r1, &(0x7f0000000380), &(0x7f0000000100)=0x6e) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000a00)=ANY=[@ANYBLOB="0300000000000000000000000000000004000000ffa66e49414cc3f0df3e568558bbae24070000030000002300000000800000000000000800000000000000ba0000000000000000000000000000000000000000000000040000000000000000000000000000000600000000000000020000000000000000000080000000000000000000000000000000000000000004000000000000d600000000000000000000000000000000462500000000000005000000000000000000009f71a72b0ab2e0f5b4050121d5f5110000000000000000000000000006cf425e888f26b60ea7407beb81a15554cca05b42c85d1db558da3a07e9a9e327d18269468232230d21b48fc1c58fedc2241492f26560a6cd1b2dca18c41104769e47747efc99473df706dffd3f343fa48095c683b3ba300f714d0a4a221ef676b0b8472906f96926bf1b1181e092b2e641f10f543b77e62cb619edc128cf1a22065c65f6f18736461cfa9d62e775b6c750b765b18a995d7300f2b5eb5e8e30a211beec383d0cfcfda8"]) ioctl$SG_GET_LOW_DMA(r1, 0x227a, &(0x7f00000000c0)) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x480, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000800)={0x0, 0xfffffffffffffffd, 0xae, 0x1, @buffer={0x0, 0x80, &(0x7f0000000600)=""/128}, &(0x7f0000000680)="45cb623b8a68fefe2a818ce79415f572e24da1fb6b07f60c7ca69cea1334a04a3ab3c3c2e32527060c73b9b2516d9d01788332856a38e8ff45d54677b482c7b75ee748d87d2dc8c5dbd806b8c57228521e41b613fadb538f5542e4a8edac024912c89ee27700947038a2232ad9a4243808a3ec47d68d99b0f4d44ea974d21da609cb3dd40a224db5dc3efcba6d5ec1ae105b47e3375aa5de9599f2ebd19ca5dc336da48517d808e82856c90ac758", &(0x7f0000000740)=""/114, 0x321b, 0x10, 0x2, &(0x7f00000007c0)}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) 17:19:14 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) ioctl$BTRFS_IOC_SYNC(r0, 0x9408, 0x0) r1 = fsopen(&(0x7f0000000080)='incremental-fs\x00', 0x0) syncfs(r1) r2 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f00000000c0)={0xd6, 0x8, 0x5, "a7b865b9ca79598aaec4a901ced134960c00f759c6a1a226620aca711e22f9e391fb5c5cdb6301b0dfe8c905cdf9238b9da65bb803c6402a709bf58cfb4e280133402ab74889dcbdaec093a716af52e5e7061a5e4df4d132c63f78f4609348a5e62615933721b176e45eab395108592a279ec76563530b72b9679528f8c1ba00a15a4e29eb744c116540bbd7efb4d87ce6cde3ba2d04ecc03b725961bd053b7d61cebe253e0c72655ef599f66be5ff14f46d4960ecf300e9089186bbe5d30eaaf9068b147c17fff7d250be8c84748940bdb12c636fd4"}) ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/243, 0xf3}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f0000001680)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}, 0x3) ioctl$LOOP_CLR_FD(r3, 0x4c01) ioctl$SG_GET_LOW_DMA(r3, 0x227a, &(0x7f00000001c0)) 17:19:14 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x0, 0x9}) r1 = fork() tkill(r1, 0x9) [ 1326.888160] program syz-executor.4 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1326.889800] blktrace: Concurrent blktraces are not allowed on sg0 17:19:29 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 39) 17:19:29 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}, {0x8, 0x9, 0x6}, {0x7, 0xfa, 0x1, 0x7ff}, {0x3, 0x16, 0x80, 0x2}]}) r0 = fork() tkill(r0, 0x0) 17:19:29 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x0, 0x9}) r1 = fork() tkill(r1, 0x9) 17:19:29 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) stat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) chown(&(0x7f00000002c0)='./file0\x00', r0, r1) lchown(&(0x7f0000000040)='./file0\x00', 0xee01, r1) r2 = fork() tkill(r2, 0x0) 17:19:29 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {0x80000}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:19:29 executing program 0: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) epoll_create(0x7) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff33, 0x0, 0xa, 0xc, 0x0, "23c2d80353e2f6a37c3e59015505ac0d65bc8b584c0564cf1252925367d8c2ece4aed5dadfdbb33d5c028f3b69f143afd05a4631a6ae553f096dd668463af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0xffffffffffffffff]}) r2 = accept$unix(r1, &(0x7f0000000380), &(0x7f0000000100)=0x6e) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000a00)=ANY=[@ANYBLOB="0300000000000000000000000000000004000000ffa66e49414cc3f0df3e568558bbae24070000030000002300000000800000000000000800000000000000ba0000000000000000000000000000000000000000000000040000000000000000000000000000000600000000000000020000000000000000000080000000000000000000000000000000000000000004000000000000d600000000000000000000000000000000462500000000000005000000000000000000009f71a72b0ab2e0f5b4050121d5f5110000000000000000000000000006cf425e888f26b60ea7407beb81a15554cca05b42c85d1db558da3a07e9a9e327d18269468232230d21b48fc1c58fedc2241492f26560a6cd1b2dca18c41104769e47747efc99473df706dffd3f343fa48095c683b3ba300f714d0a4a221ef676b0b8472906f96926bf1b1181e092b2e641f10f543b77e62cb619edc128cf1a22065c65f6f18736461cfa9d62e775b6c750b765b18a995d7300f2b5eb5e8e30a211beec383d0cfcfda8"]) ioctl$SG_GET_LOW_DMA(r1, 0x227a, &(0x7f00000000c0)) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x480, 0x0) r3 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) 17:19:29 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0x400}) 17:19:29 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 1342.068613] loop7: detected capacity change from 0 to 40 [ 1342.089184] FAULT_INJECTION: forcing a failure. [ 1342.089184] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1342.092042] CPU: 1 PID: 25862 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1342.093911] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1342.094659] blktrace: Concurrent blktraces are not allowed on sg0 [ 1342.096348] Call Trace: [ 1342.096360] [ 1342.096369] dump_stack_lvl+0x8b/0xb3 [ 1342.096402] should_fail.cold+0x5/0xa [ 1342.099875] prepare_alloc_pages+0x17b/0x500 [ 1342.100896] __alloc_pages+0x131/0x4e0 [ 1342.101797] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 1342.103207] ? lock_release+0x3b2/0x6f0 [ 1342.104125] alloc_pages+0x1a0/0x2f0 [ 1342.104985] get_zeroed_page+0x14/0xa0 [ 1342.105864] __pud_alloc+0x33/0x270 [ 1342.106692] copy_page_range+0x35ea/0x47b0 [ 1342.107690] ? find_held_lock+0x2c/0x110 [ 1342.108635] ? lock_downgrade+0x6d0/0x6d0 [ 1342.109558] ? vm_iomap_memory+0x190/0x190 [ 1342.110555] ? up_write+0x148/0x460 [ 1342.111378] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1342.112571] ? __vma_link_rb+0x540/0x700 [ 1342.113558] dup_mm+0x961/0x1250 [ 1342.114358] ? replace_mm_exe_file+0x490/0x490 [ 1342.115368] ? __raw_spin_lock_init+0x36/0x110 [ 1342.116422] copy_process+0x3848/0x6cb0 [ 1342.117364] ? lock_is_held_type+0xd7/0x130 [ 1342.118354] ? find_held_lock+0x2c/0x110 [ 1342.119334] ? __cleanup_sighand+0xb0/0xb0 [ 1342.120349] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1342.121660] ? _copy_from_user+0x139/0x170 [ 1342.122610] ? kernel_clone+0x2f8/0xa60 [ 1342.123657] kernel_clone+0xe7/0xa60 [ 1342.124253] ? lock_is_held_type+0xd7/0x130 [ 1342.124657] ? create_io_thread+0xf0/0xf0 [ 1342.125024] ? lock_is_held_type+0xd7/0x130 [ 1342.125402] __do_sys_clone3+0x1dd/0x2e0 [ 1342.125743] ? __ia32_sys_clone+0x150/0x150 [ 1342.126244] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1342.126687] ? fput+0x2a/0x50 [ 1342.126967] ? __secure_computing+0xb4/0x290 [ 1342.127357] do_syscall_64+0x3b/0x90 [ 1342.127689] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1342.128145] RIP: 0033:0x7f9fb3b18b19 [ 1342.128509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1342.129954] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1342.130579] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1342.131147] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1342.131724] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1342.132339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1342.132926] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1342.133553] [ 1342.137639] debugfs: File 'dropped' in directory 'loop0' already present! [ 1342.138458] debugfs: File 'msg' in directory 'loop0' already present! [ 1342.154534] FAT-fs (loop7): bogus number of reserved sectors [ 1342.155145] FAT-fs (loop7): Can't find a valid FAT filesystem 17:19:30 executing program 0: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) epoll_create(0x7) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff33, 0x0, 0xa, 0xc, 0x0, "23c2d80353e2f6a37c3e59015505ac0d65bc8b584c0564cf1252925367d8c2ece4aed5dadfdbb33d5c028f3b69f143afd05a4631a6ae553f096dd668463af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0xffffffffffffffff]}) r2 = accept$unix(r1, &(0x7f0000000380), &(0x7f0000000100)=0x6e) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000a00)=ANY=[@ANYBLOB="0300000000000000000000000000000004000000ffa66e49414cc3f0df3e568558bbae24070000030000002300000000800000000000000800000000000000ba0000000000000000000000000000000000000000000000040000000000000000000000000000000600000000000000020000000000000000000080000000000000000000000000000000000000000004000000000000d600000000000000000000000000000000462500000000000005000000000000000000009f71a72b0ab2e0f5b4050121d5f5110000000000000000000000000006cf425e888f26b60ea7407beb81a15554cca05b42c85d1db558da3a07e9a9e327d18269468232230d21b48fc1c58fedc2241492f26560a6cd1b2dca18c41104769e47747efc99473df706dffd3f343fa48095c683b3ba300f714d0a4a221ef676b0b8472906f96926bf1b1181e092b2e641f10f543b77e62cb619edc128cf1a22065c65f6f18736461cfa9d62e775b6c750b765b18a995d7300f2b5eb5e8e30a211beec383d0cfcfda8"]) ioctl$SG_GET_LOW_DMA(r1, 0x227a, &(0x7f00000000c0)) r3 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) 17:19:30 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {0x101000}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1342.291775] debugfs: File 'dropped' in directory 'loop0' already present! [ 1342.297079] debugfs: File 'msg' in directory 'loop0' already present! 17:19:30 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:19:30 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) r1 = fork() tkill(r1, 0x9) tkill(r1, 0x30) 17:19:30 executing program 0: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) epoll_create(0x7) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff33, 0x0, 0xa, 0xc, 0x0, "23c2d80353e2f6a37c3e59015505ac0d65bc8b584c0564cf1252925367d8c2ece4aed5dadfdbb33d5c028f3b69f143afd05a4631a6ae553f096dd668463af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0xffffffffffffffff]}) r2 = accept$unix(r1, &(0x7f0000000380), &(0x7f0000000100)=0x6e) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000a00)=ANY=[@ANYBLOB="0300000000000000000000000000000004000000ffa66e49414cc3f0df3e568558bbae24070000030000002300000000800000000000000800000000000000ba0000000000000000000000000000000000000000000000040000000000000000000000000000000600000000000000020000000000000000000080000000000000000000000000000000000000000004000000000000d600000000000000000000000000000000462500000000000005000000000000000000009f71a72b0ab2e0f5b4050121d5f5110000000000000000000000000006cf425e888f26b60ea7407beb81a15554cca05b42c85d1db558da3a07e9a9e327d18269468232230d21b48fc1c58fedc2241492f26560a6cd1b2dca18c41104769e47747efc99473df706dffd3f343fa48095c683b3ba300f714d0a4a221ef676b0b8472906f96926bf1b1181e092b2e641f10f543b77e62cb619edc128cf1a22065c65f6f18736461cfa9d62e775b6c750b765b18a995d7300f2b5eb5e8e30a211beec383d0cfcfda8"]) r3 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) [ 1342.369435] loop7: detected capacity change from 0 to 40 17:19:30 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/243, 0xf3}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f0000001680)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}, 0x3) ioctl$LOOP_CLR_FD(r0, 0x4c01) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f00000000c0)={0x4, &(0x7f0000000040)=[{0x80, 0x5, 0x81}, {0x9f, 0x7, 0x7, 0x6}, {0x7, 0x4, 0x0, 0xbc7f}, {0x2, 0x6, 0x7, 0x237f8482}]}) r1 = fork() tkill(r1, 0x0) 17:19:30 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 40) 17:19:30 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x0, 0x9}) r1 = fork() tkill(r1, 0x9) [ 1342.408236] FAT-fs (loop7): bogus number of reserved sectors [ 1342.410005] FAT-fs (loop7): Can't find a valid FAT filesystem [ 1342.438945] debugfs: File 'dropped' in directory 'loop0' already present! [ 1342.443738] FAULT_INJECTION: forcing a failure. [ 1342.443738] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1342.446899] CPU: 1 PID: 26287 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1342.449060] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1342.452158] Call Trace: [ 1342.452941] [ 1342.453572] dump_stack_lvl+0x8b/0xb3 [ 1342.454565] should_fail.cold+0x5/0xa [ 1342.455660] prepare_alloc_pages+0x17b/0x500 [ 1342.456875] __alloc_pages+0x131/0x4e0 [ 1342.457914] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 1342.459424] ? lock_is_held_type+0xd7/0x130 [ 1342.460621] ? find_held_lock+0x2c/0x110 [ 1342.461750] alloc_pages+0x1a0/0x2f0 [ 1342.462755] pte_alloc_one+0x16/0x1f0 [ 1342.463852] __pte_alloc+0x69/0x200 [ 1342.464939] ? pmd_install+0x250/0x250 [ 1342.466050] ? do_raw_spin_unlock+0x4f/0x210 [ 1342.467269] ? _raw_spin_unlock+0x24/0x40 [ 1342.468437] copy_page_range+0x1b84/0x47b0 [ 1342.469670] ? vm_iomap_memory+0x190/0x190 [ 1342.470747] ? up_write+0x148/0x460 [ 1342.471699] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1342.472987] ? __vma_link_rb+0x540/0x700 [ 1342.474064] dup_mm+0x961/0x1250 [ 1342.475061] ? replace_mm_exe_file+0x490/0x490 [ 1342.476450] ? __raw_spin_lock_init+0x36/0x110 [ 1342.477753] copy_process+0x3848/0x6cb0 [ 1342.478840] ? lock_is_held_type+0xd7/0x130 [ 1342.480058] ? find_held_lock+0x2c/0x110 [ 1342.481184] ? __cleanup_sighand+0xb0/0xb0 [ 1342.482362] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1342.483907] ? _copy_from_user+0x139/0x170 [ 1342.485092] ? kernel_clone+0x2f8/0xa60 [ 1342.486166] kernel_clone+0xe7/0xa60 [ 1342.487169] ? lock_is_held_type+0xd7/0x130 [ 1342.488337] ? create_io_thread+0xf0/0xf0 [ 1342.489475] ? lock_is_held_type+0xd7/0x130 [ 1342.490642] __do_sys_clone3+0x1dd/0x2e0 [ 1342.491733] ? __ia32_sys_clone+0x150/0x150 [ 1342.492902] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1342.494323] ? fput+0x2a/0x50 [ 1342.495137] ? __secure_computing+0xb4/0x290 [ 1342.496286] do_syscall_64+0x3b/0x90 [ 1342.497299] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1342.498730] RIP: 0033:0x7f9fb3b18b19 [ 1342.499776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1342.504714] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1342.506805] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1342.508978] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1342.528827] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1342.529371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1342.529941] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1342.530481] [ 1342.532923] debugfs: File 'msg' in directory 'loop0' already present! 17:19:45 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {0xf0ff1f}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:19:45 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:19:45 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x2, &(0x7f00000001c0)=[{0x8, 0x0, 0x2, 0x1}, {0x8, 0x7f, 0x7, 0xdbe}]}) fork() ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)) wait4(0x0, &(0x7f0000000040), 0x20000000, &(0x7f0000000340)) r1 = fork() tkill(r1, 0x9) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000140)) tkill(r1, 0xb) ptrace$setopts(0x4200, 0x0, 0x5, 0x40) 17:19:45 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) pread64(r0, &(0x7f0000001040)=""/4096, 0x1000, 0x12000) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0}, '\x00'}) ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f00000000c0)=0xfffff210) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = syz_mount_image$tmpfs(&(0x7f0000000480), &(0x7f00000004c0)='./file0\x00', 0x7ff, 0x2, &(0x7f00000005c0)=[{&(0x7f0000000500)="439ada484936e86be9a71d7b295a0c946f84997a0c813214deeaf83bc9342ba29f78de7f4a9eb72c6eea92a2ff23f0dac54784dee641953c36bb9687350f2fe3a239053da8ca656e3faf6b3279bad9e4f47194e091dd854abcd794675b897d27dcae9e2fb7b61b5e97038cc5ebc7c763390fcaa3f8768e8f31e3a076da1fd93f4c2a40835359a52c34d818e8e76316090eb445522fb878ef7bab81", 0x9b, 0x73f5}, {&(0x7f0000002040)="6bb8910f6bc1178bfc05ca9da3ab4208dc6c03ae8132fea800202d6d301ee156ca3bd633f06ad1a144bae610504e9235a1f61c4797922a6ed3726a300270a96d686b546f4319d6363d117a546c6d926e626580a32c766534dec9a61175b52d4e5fbf766316c3cca6480136fa39c71ab691116645996bff50eeb3427840d458a1908aa5bdb98d8016f6b24167668257d9e4d5a51644bd5a3ebdc7b063a29384ee27641154b484e6997e4bf2a33e48409e2dd2f6a8779980da1e5800c2ec4ac3e3ad9c5ce0270c6cc908574244fb83d8ef5106b27a52b778400c855c9d70100284f98b7f21cdbef6f40ea8a35d285ad27a458353845f83ccdc804b9c18212b79a1313f08c0d6f639446803cbb074ba4e889a01e13f4028d0451afe4c178863cea36fc437048849bcb88f0843fa6ba40e7fab8aa2050853e24386f7e7d7a08de054b992b5cf8c434fdc8251eb3edbcbab357b4ed493507a68c01b3b347e879de9a2b7b54d32158ff16408438b64bfa08dd85c95a1de1e66fc878d5438a8d4c4e209f86b6ed073fb45a25dc1713533780e94acab037e395706858c7f0c118aad1259c7d18902ba34ecd059a871c2ef827f2468c14b9974ab7a3034c1e5cdeb887f2909177a1424a1f48c6f8ddc9a3cf8ccf6f88b87551bf041986ba8d021c44521901bc0f1441d51db691bd2cde07b565197c02f4716a802ce25d7b0e1a89ad12438e88433beb6d83da6c175bc30f8b209feeced169d273180b76b44b269df2c706ae731056e052cef98a8530e17ba80da5d33a0a7d77b636895f7dc32837ebffeb4ace062baeeefb6f84d95ac2c2ad0455944353d36aa32f878b0f3ba5809967c16ed0c5d3f54680664c6e6d9d82acaa6c50ebb63ce651338f28536b0bc82a0f6581433c89149ef084142736588f767fa83ff14b305629e691914c8f173a6dde576ff001b46980f8e439606d4797f1d1b75bf4774b5781f68ca9a00b9e6771dd0dee3de24625d4051c2326bbc1e95063e103a705c138023f1e240b1051d6e959a5d809e4841e39b06374aad0f36a31c1e0565c1d7350177909930cb356f74004579fcd284fb9b8f9c4c70ca5420f1db6f520bdf2dab5837b35cfec137a97bbc96b69b48cd3da994fa880eae89adecb81bc27099ac57257e6dfc1e04f07e27bd05d3e9b2c275967157773d9a3a5bdd513943380065c23ebbcc3744e9adce58a47176984df5132de477617c7ca42f13571e1617cf4b9e6825ad216313fd623cf86d158a46c0ec1721cbc8fbc8311c609120a2e2b639d1e42b338f38294b0515d7bcb315b4e33f48b27bec6b0007cc3f511261c5d4936bc100d0a97fcb855c1768c0d22a0c7a8a446a84710e2564788705f62c7484bd42c95ac7de176a1491e2780f367ca941d00fc6c64fa3b1e739957d294609841c8298e92093b757bf9ae3b676e6d7eec39169ee48e941a18e25f1f424ad3a486cf8a715c0d10d55983fa87004786985f4514c4cc422e9da5b74a248b38e42229ee82deb2c6630decf4ef20e48368262decaa801e788ceece56cd57954c60330c96a7864962f281f43d52c028921c86bbe1c9a7c618ead0019a68161a25d64aeea1d45ad9be2a52ee6835b84c206481d3d51ca57bd5675712ab8e21655a0b6321e3b5080b6c3a42e4bafdb5f45cc83457127c09b248024e45676d65a3001e853eb8e72412b2cdf26591162bb67006d2313e8d3c864968f59a4af26bd2ecf8e8ddbdf9d7d5d09a7bee1e7197e5d0a603d160632d19b0a527cf20bf9ddfb0f4b2faea36f78e0da1895258e167bf4294724cab492262db7998bd13eb7ff2b362d4ba43cb0d2b9e2e9fa880642c2d3088c5faac939f8d8f23cca742d45e6803fe9c59974753e2f05d4eff8ca093da5332c8b638284342276134015736b1114aef85998df42389a1854045b5a6d1bf25198882c64fa14b107fa7c4034b09b549501f51617534dd8604fe4aa946217173ea631ec94b14035a9902fdbd33b764633a0f47463cf3854db5b66f05275e8ea3f5378a8b4aca7f7f45ddf89290014a27dcce807afe38dd36869d2b3ae1a47d1c94edd661872eaa2a7a883556c6881d27fcfb9c17b0d80e9c7aa8dbbe0a893d3b9154e7af300694558d1d8db427839213fc0990efb326561d3349e8208e3b59011c42f6ff756ea644bdb1f6264df28dcb9fdda908cb462d0ad831ee7e8a778d25543a8d6e9a73443c7084e73100b39ef478c49a1742300d7ef5c505b57a5551dfde82a96a83a3b8dd3b7bc288d483284afb7490dfc6ba5c7daced2daf929e1f7eb9dbcea02ce8a22dcb9e22a4d4e91c82d990481d37abae6be5d92bbe8a5b414bd1af54763641870c23bab594cdc15a65960451a1a7fdda66688607ecde184adc9957ebf1c64b7c023c740d2c5cbc9aeed6f1ce3201943d71f14a1b4b62c8a366ae98b04a12c451b806983783410bda5357838fbacc50dcc48d68f07b1f02b881a9c0c0a8cd3cad75e39d4459ef7fe3389eb3389ca73b72cea861d88b6a1be06a48531c1ce9756e685b88a14586314b67964afbee238811644713430c42047284adc11c2635419f9600627ce0da5d54760e31e877366043deb86ea358c8e68434f84a250d445be0b2a6c4f5c5434a165692c97ce06211b16a668dc4a3e093c5bcbd382fea023995d61669f1192f85418253741f89bd4876c0cd642e96d102199558c44cdbacb52ad2289d1c001cf26f3fe83b36abca1941d44b13376628a8249d3e4c4c79f4fa154b9a69ed3e9def533a5232d5e0155ffcf1428239b40e0be1b46769b81dd35ca4ad19c54d66451801f376000a358ef05a56b651318da4b27fb4c6764ccacecfbb75d77b2624328375e290f106fdac428a632c42926ba86e13d860194e836726bac8ac9104688ca443cd38d8ce1a45c6abf50576b392fa034dd0557cbc730ccda29bfc8c7a19946f2c6f7039e8cd0e43ee1a3edc10876a1788e5dae5d1288ddab5c0fc4612daec6b0a803e9929d8239a7923fc8ef583f0ac5b229989c8e24f08566f1c5ca402966e5f659a6630fb302f346e0804d87b80acbaa5bcd0d2a9fd0184f755a4a52f4a6ff69269e2eb8f1bba3420a73e4296657ed23dc281a5ca5f82f67d400d9c0be950e31011cf2c03344167c228c8197fdcbd6e1d0610e302d8b77db88f75271e9d1a9ebb54bf76efb981c89a863583d7b19663e3a2da76308715fc7e116bf60f5f0f2815c91827f4b8a926140bdf58044c7d500f3a8ce2dd491854b6e7397eef28435cfaca2e5b50179498bc02c7ec6731301ae255f922e0eea77eb28d3d0a049ec456a563e52778d3e9923ff4ed07991c5cf0c63040e2b609abb9c1a7833600074d4027a903828853f0a95e32d4c18ce6ccc542e35aa6135d9202c4ac9dc47bb54c03e17d9567ec7a507cad825f68f60718f2fd36a69c764ccfc544c084e5b2d8e512b8d79558191a30e03d55f90d6e15de94fedc9ef02feafc6cdaf5ad0385d07bc565073f7207dc00ed5d0b04a18cafbf1d905841b92e4cca278e2c19d138f51e3fb18125aa904b5f884b2cae0c0820b6bfe77f919b23a4e463f127923590ca10d64c2ed9764059c8ea478148d21eb7739c566215921ceedde4c08de91df5e3afa7b232107cf83d4609a73910ed7cfb0a07c464723c2eacbc41a271503e218f332380f2502eb1e1390e2513cecaaeb71e891d2bb0afe6388f6f69ab1b013a2c923f81b7374e9f08840ed61449fede7e1b25b040e796e9af1ec955ef474d4e313a89fe1bb174fbd9f997084b6030be7f032c695e2a1874ba1cec693a0c690d65237873372f639aca2aea0420e11c5fca61caedaeb8cdd5e3c001dc7378c3e9c9106ed388067723ba54206969eb2104223bae6eeed011b110326ff9b9af1747eaff24a806993ce95d81282f83049551e5afc3ec9263dfa791d046ddffc1dd5668174929da6b20a6ddd9150b2f6a289b1f9c5e98ddd493c5c350363a552d54bb7f9a93ae259e18c66e56a01d889758eaa351bcbdd3151345afbafe992c603f8a9789c55c73db61f5b07546c7e7f527efc7f326d65b6890a5c7eda71f9109de19bdef24423543a5689f6e936b49031f4db78c917a1eaa1487a76d4af61f83391721cb15efde9c37ae8e37cadc1dcbae7e7e4c2ceff73ea2539358bc14355564cf82d5b8804e8592ec5e4c4ce14631a5855a55f9b8b419d57d4673fc919756e113ad1a8973f1213111d69d2e44a134f5bab69e53422e2e19c4b5bd28dd072e66e640362d1bf456bc8c118cdff24922a52e60edfc5b4e930f79b922c5f8b478b77e4708689b81ea7ce9e8721dacc6fd3fe3350d1615b8ca8b0ba34ab40ab822f00916d50165c84fdc7fc6a0bd414f06a9f47a8d3aebefdebc659085d4cc3769d05e08d3034dd37db56e9537f61b4728685031577144fe1f0f06da24666e6a1d95f2009e3f55afd1b8fa6eb23528586328859d4a359657c7608446742f1154570902fd6f3ed39a8b9241cdb1047406fd002421298f7a621acae45adfea4c2c4bfd3da1a1dd1f4015e0838c917dcfe2f0042bee0bf2d430fe6bdb6bcdb5f7fc577bc21799e7b0f002a8ee01455a00db86256f3ec2cada6b881ad0309fe30d8bee8336e5409c7f039329f3ce4cc5743d37ecd5f96c9f7b360ccb76a8fdf61a0eb2300a41e951237ab22dd9a4a326e6d9c0d881d001f607544fb060a9ea5e91158ae6f90393d09e2c2fee456fc3a41df5d9371244b543e035da00fca2369a76f0565e94f39f2531852cc819e6c8b567c0cccbb60dccbf95a1a315474eec05e5ed148ec0777a714ba01eb5dcefff3f95d892b8b59e6f270d2a43977c5aa4ec8a45bd2e982020f85b24709ddedae681a7b8bd41ac54aa1d01e8bdd141fccc4a20d4467797bde675f355c4107b59a1a7c241543bb520d8782887d0cbb87123b11ec9c119b20b125e2827d666fb3a0f38ff0b1ba5234eb903f65b049a504b4c3b699404ad572a44b2a966a33699180b6c00d93a5d0173022083bda5e6bd4c7a60fac9a2077fbba1fcedf0d8e929c2f5df3c5ba4478a604b92154d502f645d9134ce4dcae475ac6985e738856186fdc82f0fd61b359d8766e60ecc35f4a40288a0ab4c5ccf775861d13846f26612798238e3999574bf72efea73d49496813cacb179e0883b02be666841701e8cfdc95c88cce31d07b3cd8d903a162b2a69279409e7c8c8abcf8a9fc4ef5cf6b36e1d07e63b80ffa199155b1cd839e0d63e64bfb2c911890b5a8f67e7f08fae1c6679f2e791593c96a8ef2f2b640254dafaafc01001efe7564c53602e280a30db3a6aa65c0971e246a6fc40a8b5ff986aad7f59108d56041e92927d8c9e81fd5668015fb042669438ce70a9bf14c421979178f247985cd6680eb340216099ae39735eca3a43facddde57bae862ddc6cb454f778fddb93d7666f2457fc8217f64e30b9a7921044633a13487733e17f43659226e0d5aafe59422aee23d5e9a1e629b2f0c80cdde32932c8e3f7dd174512691f006f9c37a5c9afc698c4136526026e3b3463939b3ab91a1b14a47dbc81308f36e827ed9e57ca160b57ae2bbc59f4608a3cdba1ffc0ffeae084de8ffac95df365a4b77ee681df8495284a9c920501faccf72a177385dd4f09274f0d9993a4e56b528fd8c4a5d80d1e23607acb82c831bae9df55e8a4989ce4ab7a7d487b91ad25df5720a1c6a08a76d7f4abcd369d7735940100d94aa7b0733caf8f755c534f43245b709498de3be6a4e6ad14e8e4ace13310c498fc989b98e73b78a94", 0x1000, 0x3}], 0x2002, &(0x7f00000007c0)=ANY=[@ANYBLOB="687567653d6164766973652c6e725f696e6f6465733d2d651574742d362c6769643d", @ANYRESHEX=0xee01, @ANYBLOB=',gid=', @ANYRESHEX=0x0, @ANYBLOB="2c6e725f696e6f6465733d33312c73697a653d366b34673236252c6d706f6c3d64656661756c743d72656c61746976652c687567653d616476652c7375626a5f726f6c653d002c0021cfefd85592310627"]) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r4, 0x801c581f, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r5, 0x801c581f, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r6, 0x801c581f, 0x0) r7 = fork() stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r8, 0x0) stat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r9, 0x0) chown(&(0x7f00000002c0)='./file0\x00', r9, r10) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000100)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000000400)=[{&(0x7f0000000180)="257993a6d32d6890bff05d54df5fea08e9764c1d7bb0d1eab88ad0adada1cb9eed71bd832c9eade973864e719d5c98725daf65bc3bd117dc538592367366a955691a31b64686bfea1a222c73b07ab886f348b38bb061c764da87aa1668894d4db14c3f00a5668ed939189309713673a52384347ca799bdee89c745804662faab9c09d1edac9313e828bfe09ed46d69c2021f390a6edd8324", 0x98}, {&(0x7f0000000240)="62f7cdbece24ad085db7629482685d52515fd48273617ce22c196de193dcb1b0e7b59fa3d2096ca5305dcdde8fb0", 0x2e}, {&(0x7f0000000280)="1dccb48864a9d8", 0x7}, {&(0x7f00000002c0)="3b59dc4f23b6ca390efac8c41e6adbc22311e3c1d637fcfb8a763ec50f486769a9ca1658117fa43d1b1a9fe47476df2604df6166cc32c7a0a5b0c185e323a8d1512807f279b157cf008f61f4a85948693e4e18dfc0f4cafd79885848ec81bbf962f6391ad6a1542d39a2c5349a4009023f0b7be28271dcd61774c5240a154dda51455cb58f2cf3d02646ae3b6cae1f0dec10a9fef3e9ad09f0726a8f9be64d31c841cd8247caeadf48a8a7a4fa3f21dac5f7302c7958a2d79ef51e606c3a27a11f3d094896f4b63f82992204b14deb0c6efe2d60acaad9e9dd185c1e0dfc336e72c37bb50a7f6a9a732d8c1cd3910afbdf5ed7d3672c7cc09bd8f3b0a935c7", 0xff}, {&(0x7f00000003c0)="73e066869268ee1af46c8a456fc60e81c930d2af63f2a3ef53837c8b17e1fc3f079d8e0cd89edbe927e78da2e92914cf246761ef461f89", 0x37}], 0x5, &(0x7f00000006c0)=[@rights={{0x34, 0x1, 0x1, [r0, 0xffffffffffffffff, r0, r0, 0xffffffffffffffff, r0, 0xffffffffffffffff, r2, r1]}}, @rights={{0x24, 0x1, 0x1, [r3, r4, r1, r0, r1]}}, @rights={{0x28, 0x1, 0x1, [r0, r5, r1, r1, r0, r1]}}, @rights={{0x14, 0x1, 0x1, [r6]}}, @cred={{0x1c, 0x1, 0x2, {r7, r8, r10}}}], 0xc0, 0x4000000}, 0x810) 17:19:45 executing program 0: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) epoll_create(0x7) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff33, 0x0, 0xa, 0xc, 0x0, "23c2d80353e2f6a37c3e59015505ac0d65bc8b584c0564cf1252925367d8c2ece4aed5dadfdbb33d5c028f3b69f143afd05a4631a6ae553f096dd668463af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0xffffffffffffffff]}) accept$unix(r1, &(0x7f0000000380), &(0x7f0000000100)=0x6e) r2 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) 17:19:45 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = fork() r2 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @initdev}, &(0x7f00000000c0)=0x1c, 0x80000) preadv2(r2, &(0x7f0000000500)=[{&(0x7f0000000100)=""/67, 0x43}, {&(0x7f0000000580)=""/208, 0xd0}, {&(0x7f0000000280)=""/29, 0x1d}, {&(0x7f0000000400)=""/206, 0xce}, {&(0x7f00000003c0)}, {&(0x7f0000000180)=""/210, 0xd2}], 0x6, 0xbb, 0x0, 0x4) tkill(r1, 0x0) ptrace$setregset(0x4205, r1, 0x2, &(0x7f0000000680)={&(0x7f00000002c0)="0541338cb55b98e35c83b0d471ab2aee43dd4a6e8fe2bd20e677fc25f0ca506ad3356b291de3cbda8a89472a3e835faadb3c246626b635b57d1d808e408e18e5c1131590849a19f0d83e106449dbda0a324537d89e9c98cd08e5fd1b213b438b118707dacf550b50b15e1eae9e407bb3adf926c093e16d6f24ed4c48407f022b051994865ab350f0c5c77eb8067b5d3d5cc1bf70d70af5dbe6fb76627abc2fe29768bdcbe7495de68091a5a20f5bb93fae0fdf65d5da306ee25f3dbe8e5f47d30a024390bd42a7abdc513c8549dd5db410121d3afb81606f2dc660a707bf2ae7e9", 0xe1}) ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f00000003c0)=0x1000) 17:19:45 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 41) 17:19:45 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6}) r1 = fork() tkill(r1, 0x9) [ 1358.027230] FAULT_INJECTION: forcing a failure. [ 1358.027230] name failslab, interval 1, probability 0, space 0, times 0 [ 1358.028674] CPU: 1 PID: 26604 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1358.029573] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1358.030830] Call Trace: [ 1358.031127] [ 1358.031391] dump_stack_lvl+0x8b/0xb3 [ 1358.031850] should_fail.cold+0x5/0xa [ 1358.032300] ? ptlock_alloc+0x1d/0x70 [ 1358.032762] should_failslab+0x5/0x10 [ 1358.033211] kmem_cache_alloc+0x5b/0x480 [ 1358.033691] ptlock_alloc+0x1d/0x70 [ 1358.034120] pte_alloc_one+0x68/0x1f0 [ 1358.034571] __pte_alloc+0x69/0x200 [ 1358.035009] ? pmd_install+0x250/0x250 [ 1358.035470] ? do_raw_spin_unlock+0x4f/0x210 [ 1358.035996] ? _raw_spin_unlock+0x24/0x40 [ 1358.036499] copy_page_range+0x1b84/0x47b0 [ 1358.037063] ? vm_iomap_memory+0x190/0x190 [ 1358.037559] ? up_write+0x148/0x460 [ 1358.037981] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1358.038555] ? __vma_link_rb+0x540/0x700 [ 1358.039039] dup_mm+0x961/0x1250 [ 1358.039461] ? replace_mm_exe_file+0x490/0x490 [ 1358.040001] ? __raw_spin_lock_init+0x36/0x110 [ 1358.040552] copy_process+0x3848/0x6cb0 [ 1358.041024] ? lock_is_held_type+0xd7/0x130 [ 1358.041207] loop7: detected capacity change from 0 to 40 [ 1358.041533] ? find_held_lock+0x2c/0x110 [ 1358.042737] ? __cleanup_sighand+0xb0/0xb0 [ 1358.043243] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1358.043860] ? _copy_from_user+0x139/0x170 [ 1358.044352] ? kernel_clone+0x2f8/0xa60 [ 1358.044834] kernel_clone+0xe7/0xa60 [ 1358.045275] ? lock_is_held_type+0xd7/0x130 [ 1358.045762] ? create_io_thread+0xf0/0xf0 [ 1358.046274] ? lock_is_held_type+0xd7/0x130 [ 1358.046767] __do_sys_clone3+0x1dd/0x2e0 [ 1358.047242] ? __ia32_sys_clone+0x150/0x150 [ 1358.047768] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1358.048394] ? fput+0x2a/0x50 [ 1358.048779] ? __secure_computing+0xb4/0x290 [ 1358.049295] do_syscall_64+0x3b/0x90 [ 1358.049735] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1358.050336] RIP: 0033:0x7f9fb3b18b19 [ 1358.050764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1358.052819] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1358.053683] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1358.054482] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1358.055277] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1358.056077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1358.056890] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1358.057702] [ 1358.059714] blktrace: Concurrent blktraces are not allowed on sg0 [ 1358.068436] FAT-fs (loop7): invalid media value (0x00) [ 1358.069224] FAT-fs (loop7): Can't find a valid FAT filesystem [ 1358.071939] debugfs: File 'dropped' in directory 'loop0' already present! [ 1358.073710] loop4: detected capacity change from 0 to 115 [ 1358.075740] debugfs: File 'msg' in directory 'loop0' already present! 17:19:45 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {0x1000000}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:19:46 executing program 0: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) epoll_create(0x7) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff33, 0x0, 0xa, 0xc, 0x0, "23c2d80353e2f6a37c3e59015505ac0d65bc8b584c0564cf1252925367d8c2ece4aed5dadfdbb33d5c028f3b69f143afd05a4631a6ae553f096dd668463af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0xffffffffffffffff]}) r2 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) [ 1358.177929] loop4: detected capacity change from 0 to 115 [ 1358.295646] debugfs: File 'dropped' in directory 'loop0' already present! [ 1358.297394] debugfs: File 'msg' in directory 'loop0' already present! 17:19:46 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x5, 0x1, 0x9, 0x2, 0xffe3}) 17:19:46 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {0x8000000}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:19:46 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 42) [ 1358.433446] blktrace: Concurrent blktraces are not allowed on sg0 [ 1358.447509] FAULT_INJECTION: forcing a failure. [ 1358.447509] name failslab, interval 1, probability 0, space 0, times 0 [ 1358.450269] CPU: 1 PID: 26932 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1358.451307] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1358.452709] Call Trace: [ 1358.453043] [ 1358.453336] dump_stack_lvl+0x8b/0xb3 [ 1358.453837] should_fail.cold+0x5/0xa [ 1358.454330] ? create_object.isra.0+0x3a/0xa20 [ 1358.454930] should_failslab+0x5/0x10 [ 1358.455414] kmem_cache_alloc+0x5b/0x480 [ 1358.455950] create_object.isra.0+0x3a/0xa20 [ 1358.456526] ? kasan_unpoison+0x23/0x50 [ 1358.457084] kmem_cache_alloc+0x239/0x480 [ 1358.457650] ptlock_alloc+0x1d/0x70 [ 1358.458135] pte_alloc_one+0x68/0x1f0 [ 1358.458663] __pte_alloc+0x69/0x200 [ 1358.459154] ? pmd_install+0x250/0x250 [ 1358.459686] ? do_raw_spin_unlock+0x4f/0x210 [ 1358.460260] ? _raw_spin_unlock+0x24/0x40 [ 1358.460846] copy_page_range+0x1b84/0x47b0 [ 1358.461444] ? vm_iomap_memory+0x190/0x190 [ 1358.462025] ? up_write+0x148/0x460 [ 1358.462500] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1358.463164] ? __vma_link_rb+0x540/0x700 [ 1358.463703] dup_mm+0x961/0x1250 [ 1358.464189] ? replace_mm_exe_file+0x490/0x490 [ 1358.464795] ? __raw_spin_lock_init+0x36/0x110 [ 1358.465430] copy_process+0x3848/0x6cb0 [ 1358.465966] ? lock_is_held_type+0xd7/0x130 [ 1358.466545] ? find_held_lock+0x2c/0x110 [ 1358.467126] ? __cleanup_sighand+0xb0/0xb0 [ 1358.467695] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1358.468438] ? _copy_from_user+0x139/0x170 [ 1358.469026] ? kernel_clone+0x2f8/0xa60 [ 1358.469577] kernel_clone+0xe7/0xa60 [ 1358.470078] ? lock_is_held_type+0xd7/0x130 [ 1358.470674] ? create_io_thread+0xf0/0xf0 [ 1358.471258] ? lock_is_held_type+0xd7/0x130 [ 1358.471860] __do_sys_clone3+0x1dd/0x2e0 [ 1358.472399] ? __ia32_sys_clone+0x150/0x150 [ 1358.473019] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1358.473733] ? fput+0x2a/0x50 [ 1358.474177] ? __secure_computing+0xb4/0x290 [ 1358.474770] do_syscall_64+0x3b/0x90 [ 1358.475291] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1358.475968] RIP: 0033:0x7f9fb3b18b19 [ 1358.476465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1358.478760] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1358.479728] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1358.480638] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1358.481536] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1358.482433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1358.483337] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1358.484268] 17:20:03 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6, 0x1, 0x0, 0xfff}]}) r1 = fork() tkill(r1, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)) 17:20:03 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 43) 17:20:03 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {0x10000200}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:20:03 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6}) r1 = fork() tkill(r1, 0x9) 17:20:03 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) fork() getpid() r1 = fork() tkill(r1, 0x9) clock_gettime(0x0, &(0x7f0000000600)={0x0, 0x0}) recvmmsg$unix(0xffffffffffffffff, &(0x7f00000005c0)=[{{&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000000400)=[{&(0x7f0000000040)=""/41, 0x29}, {&(0x7f0000000140)=""/209, 0xd1}, {&(0x7f0000000240)=""/60, 0x3c}, {&(0x7f0000000280)=""/29, 0x1d}, {&(0x7f00000002c0)=""/97, 0x61}, {&(0x7f0000000340)=""/185, 0xb9}], 0x6, &(0x7f0000000480)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x120}}], 0x1, 0x0, &(0x7f0000000640)={r2, r3+60000000}) pidfd_getfd(r4, r0, 0x0) tkill(r1, 0x7) 17:20:03 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:20:03 executing program 4: r0 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_BLA_CLAIM(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r0, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x80000001}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x313cd6c7}, @BATADV_ATTR_ISOLATION_MASK={0x8}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x4}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x400d0) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:20:03 executing program 0: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) epoll_create(0x7) r2 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) [ 1376.010512] audit: type=1326 audit(1643044803.839:34): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=26940 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8692deab19 code=0x0 [ 1376.022425] FAULT_INJECTION: forcing a failure. [ 1376.022425] name failslab, interval 1, probability 0, space 0, times 0 [ 1376.025535] CPU: 1 PID: 26945 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1376.027517] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1376.030250] Call Trace: [ 1376.030894] [ 1376.031465] dump_stack_lvl+0x8b/0xb3 [ 1376.032457] should_fail.cold+0x5/0xa [ 1376.033339] ? vm_area_dup+0x78/0x290 [ 1376.034185] should_failslab+0x5/0x10 [ 1376.035127] kmem_cache_alloc+0x5b/0x480 [ 1376.036125] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1376.037410] vm_area_dup+0x78/0x290 [ 1376.038607] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1376.039095] ? copy_page_range+0x2cc8/0x47b0 [ 1376.039517] ? vm_area_alloc+0x110/0x110 [ 1376.039894] ? vm_iomap_memory+0x190/0x190 [ 1376.040268] ? up_write+0x148/0x460 [ 1376.040592] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1376.041106] ? __vma_link_rb+0x540/0x700 [ 1376.041484] dup_mm+0x53f/0x1250 [ 1376.041849] ? replace_mm_exe_file+0x490/0x490 [ 1376.042272] ? __raw_spin_lock_init+0x36/0x110 [ 1376.042695] copy_process+0x3848/0x6cb0 [ 1376.043165] ? lock_is_held_type+0xd7/0x130 [ 1376.044274] ? find_held_lock+0x2c/0x110 [ 1376.045388] ? __cleanup_sighand+0xb0/0xb0 [ 1376.046460] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1376.047916] ? _copy_from_user+0x139/0x170 [ 1376.048999] ? kernel_clone+0x2f8/0xa60 [ 1376.049547] kernel_clone+0xe7/0xa60 [ 1376.050453] ? lock_is_held_type+0xd7/0x130 [ 1376.051577] ? create_io_thread+0xf0/0xf0 [ 1376.052627] ? lock_is_held_type+0xd7/0x130 [ 1376.053742] __do_sys_clone3+0x1dd/0x2e0 [ 1376.054757] ? __ia32_sys_clone+0x150/0x150 [ 1376.055534] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1376.056000] ? fput+0x2a/0x50 [ 1376.056289] ? __secure_computing+0xb4/0x290 [ 1376.056684] do_syscall_64+0x3b/0x90 [ 1376.057089] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1376.057537] RIP: 0033:0x7f9fb3b18b19 [ 1376.057892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1376.059377] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1376.060132] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1376.060725] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1376.061360] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1376.061955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1376.062544] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1376.063177] [ 1376.071370] blktrace: Concurrent blktraces are not allowed on sg0 [ 1376.078402] loop7: detected capacity change from 0 to 40 [ 1376.088436] debugfs: File 'dropped' in directory 'loop0' already present! [ 1376.089248] debugfs: File 'msg' in directory 'loop0' already present! [ 1376.092241] FAT-fs (loop7): invalid media value (0x00) [ 1376.092771] FAT-fs (loop7): Can't find a valid FAT filesystem 17:20:03 executing program 0: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) r2 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) [ 1376.238265] debugfs: File 'dropped' in directory 'loop0' already present! [ 1376.238932] debugfs: File 'msg' in directory 'loop0' already present! 17:20:04 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) r1 = epoll_create(0x4) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SCSI_IOCTL_GET_IDLUN(r2, 0x5382, &(0x7f0000000080)) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f00000000c0)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:20:04 executing program 0: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) r2 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) 17:20:04 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x4006, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, 0x0) ioctl$FIONCLEX(r1, 0x5450) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x4, &(0x7f0000000040)=[{0x2, 0x6, 0x3d, 0x53}, {0xe2a1, 0x0, 0x0, 0x800}, {0x81, 0x4, 0x3f, 0xc}, {0x8, 0x3f, 0x65, 0x9}]}) tkill(r0, 0x0) faccessat2(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xd0, 0x1100) 17:20:04 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 44) [ 1376.339318] blktrace: Concurrent blktraces are not allowed on sg0 17:20:04 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {0x11000000}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1376.377421] debugfs: File 'dropped' in directory 'loop0' already present! 17:20:04 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 1376.384656] debugfs: File 'msg' in directory 'loop0' already present! [ 1376.414475] FAULT_INJECTION: forcing a failure. [ 1376.414475] name failslab, interval 1, probability 0, space 0, times 0 [ 1376.415489] CPU: 1 PID: 27274 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1376.416188] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1376.417184] Call Trace: [ 1376.417421] [ 1376.417628] dump_stack_lvl+0x8b/0xb3 [ 1376.417982] should_fail.cold+0x5/0xa [ 1376.418330] ? create_object.isra.0+0x3a/0xa20 [ 1376.418713] should_failslab+0x5/0x10 [ 1376.419027] kmem_cache_alloc+0x5b/0x480 [ 1376.419375] create_object.isra.0+0x3a/0xa20 [ 1376.419774] ? kasan_unpoison+0x23/0x50 [ 1376.419797] loop7: detected capacity change from 0 to 40 [ 1376.420148] kmem_cache_alloc+0x239/0x480 [ 1376.420181] vm_area_dup+0x78/0x290 [ 1376.425503] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1376.425956] ? copy_page_range+0x2cc8/0x47b0 [ 1376.426349] ? vm_area_alloc+0x110/0x110 [ 1376.426691] ? vm_iomap_memory+0x190/0x190 [ 1376.427033] ? up_write+0x148/0x460 [ 1376.427340] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1376.427755] ? __vma_link_rb+0x540/0x700 [ 1376.428130] dup_mm+0x53f/0x1250 [ 1376.428470] ? replace_mm_exe_file+0x490/0x490 [ 1376.428926] ? __raw_spin_lock_init+0x36/0x110 [ 1376.429358] copy_process+0x3848/0x6cb0 [ 1376.429717] ? lock_is_held_type+0xd7/0x130 [ 1376.430093] ? find_held_lock+0x2c/0x110 [ 1376.430474] ? __cleanup_sighand+0xb0/0xb0 [ 1376.430867] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1376.431339] ? _copy_from_user+0x139/0x170 [ 1376.431722] ? kernel_clone+0x2f8/0xa60 [ 1376.432087] kernel_clone+0xe7/0xa60 [ 1376.432428] ? lock_is_held_type+0xd7/0x130 [ 1376.432817] ? create_io_thread+0xf0/0xf0 [ 1376.433237] ? lock_is_held_type+0xd7/0x130 [ 1376.433648] __do_sys_clone3+0x1dd/0x2e0 [ 1376.433984] ? __ia32_sys_clone+0x150/0x150 [ 1376.434369] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1376.434829] ? fput+0x2a/0x50 [ 1376.435135] ? __secure_computing+0xb4/0x290 [ 1376.435537] do_syscall_64+0x3b/0x90 [ 1376.435883] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1376.436349] RIP: 0033:0x7f9fb3b18b19 [ 1376.436677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1376.438278] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1376.438941] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1376.439526] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1376.440103] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1376.440696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1376.441317] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1376.441919] [ 1376.445651] FAT-fs (loop7): invalid media value (0x00) [ 1376.446197] FAT-fs (loop7): Can't find a valid FAT filesystem 17:20:04 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6}) r1 = fork() tkill(r1, 0x9) 17:20:19 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 45) 17:20:19 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f00000002c0)={0x53, 0xfffffffffffffffe, 0x29, 0x4, @buffer={0x0, 0x45, &(0x7f0000000080)=""/69}, &(0x7f0000000100)="6ff1dac6a3827bbaab05c445fcdfc938a7a2189fbea9e72ba519548d2750393ebf6dcd440bb07c433b", &(0x7f0000000340)=""/185, 0xc6ae, 0x20026, 0x1, &(0x7f0000000200)}) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:20:19 executing program 0: epoll_create(0x4) signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) 17:20:19 executing program 6: ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x8319, 0x5, 0x7, 0xfff}) r0 = fork() tkill(r0, 0x0) r1 = fork() tkill(r1, 0x9) ptrace$setopts(0x4200, r1, 0x3f, 0x0) 17:20:19 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {0x1ffff000}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:20:19 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) fork() tkill(0x0, 0x9) 17:20:19 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000", 0x15}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:20:19 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xfc, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) [ 1391.705136] blktrace: Concurrent blktraces are not allowed on sg0 [ 1391.707722] blktrace: Concurrent blktraces are not allowed on sg0 [ 1391.748099] loop7: detected capacity change from 0 to 40 17:20:19 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0xfffffff7, 0x401, 0x2, 0xffe3}) [ 1391.761811] debugfs: File 'dropped' in directory 'loop0' already present! [ 1391.767957] FAULT_INJECTION: forcing a failure. [ 1391.767957] name failslab, interval 1, probability 0, space 0, times 0 [ 1391.768983] CPU: 0 PID: 27606 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1391.769746] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1391.770697] Call Trace: [ 1391.770937] [ 1391.771150] dump_stack_lvl+0x8b/0xb3 [ 1391.771507] should_fail.cold+0x5/0xa [ 1391.771861] ? vm_area_dup+0x78/0x290 [ 1391.772211] should_failslab+0x5/0x10 [ 1391.772571] kmem_cache_alloc+0x5b/0x480 [ 1391.772958] vm_area_dup+0x78/0x290 [ 1391.773366] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1391.773861] ? copy_page_range+0x2cc8/0x47b0 [ 1391.774284] ? vm_area_alloc+0x110/0x110 [ 1391.774655] ? vm_iomap_memory+0x190/0x190 [ 1391.775057] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1391.775516] ? __vma_link_rb+0x540/0x700 [ 1391.775906] dup_mm+0x53f/0x1250 [ 1391.776239] ? replace_mm_exe_file+0x490/0x490 [ 1391.776654] ? __raw_spin_lock_init+0x36/0x110 [ 1391.777070] copy_process+0x3848/0x6cb0 [ 1391.777478] ? lock_is_held_type+0xd7/0x130 [ 1391.777573] FAT-fs (loop7): invalid media value (0x00) [ 1391.777876] ? find_held_lock+0x2c/0x110 [ 1391.778375] FAT-fs (loop7): Can't find a valid FAT filesystem [ 1391.778728] ? __cleanup_sighand+0xb0/0xb0 [ 1391.779575] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1391.780059] ? _copy_from_user+0x139/0x170 [ 1391.780451] ? kernel_clone+0x2f8/0xa60 [ 1391.780827] kernel_clone+0xe7/0xa60 [ 1391.781204] ? lock_is_held_type+0xd7/0x130 [ 1391.781622] ? create_io_thread+0xf0/0xf0 [ 1391.782021] ? lock_is_held_type+0xd7/0x130 [ 1391.782437] __do_sys_clone3+0x1dd/0x2e0 [ 1391.782818] ? __ia32_sys_clone+0x150/0x150 [ 1391.783239] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1391.783731] ? fput+0x2a/0x50 [ 1391.784047] ? __secure_computing+0xb4/0x290 [ 1391.784462] do_syscall_64+0x3b/0x90 [ 1391.784828] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1391.785356] RIP: 0033:0x7f9fb3b18b19 [ 1391.785696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1391.787261] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1391.787924] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1391.788551] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1391.789200] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1391.789824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1391.790430] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1391.791070] [ 1391.793198] debugfs: File 'msg' in directory 'loop0' already present! [ 1391.856694] blktrace: Concurrent blktraces are not allowed on sg0 17:20:19 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {0x20000000}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:20:19 executing program 0: epoll_create(0x4) r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) [ 1391.867238] blktrace: Concurrent blktraces are not allowed on sg0 [ 1391.929355] debugfs: File 'dropped' in directory 'loop0' already present! [ 1391.942831] debugfs: File 'msg' in directory 'loop0' already present! 17:20:19 executing program 4: r0 = add_key$fscrypt_v1(&(0x7f0000000080), &(0x7f00000000c0)={'fscrypt:', @desc1}, &(0x7f0000000100)={0x0, "9251416133fa4f07a59ab5ad4f4ee46b4bcce34fd40aac639c2b37210d1e7baf6c93d4d16c9ffa8a006ecc3c8067937cf29c761235918e0d3d26ac0a99371b9b"}, 0x48, 0xfffffffffffffffc) keyctl$set_timeout(0xf, r0, 0x494ddb2e) keyctl$link(0x8, r0, 0xffffffffffffffff) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:20:19 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) r1 = fork() tkill(r1, 0x9) ptrace$peeksig(0x4209, r1, &(0x7f0000000040)={0x2, 0x1, 0x1}, &(0x7f00000000c0)=[{}]) 17:20:19 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 46) 17:20:19 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {0x3f000000}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1392.055540] blktrace: Concurrent blktraces are not allowed on sg0 17:20:19 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) 17:20:19 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) fork() tkill(0x0, 0x9) 17:20:19 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x6, 0xbb, 0x81, 0x7fff0006}]}) r0 = fork() tkill(r0, 0x1c) r1 = fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000140), &(0x7f0000000180)=0xc) r2 = fork() tkill(r2, 0x9) tkill(r2, 0x9) r3 = socket$packet(0x11, 0x2, 0x300) sendmmsg(r3, &(0x7f0000009a80)=[{{&(0x7f0000001740)=@hci={0x1f, 0x5865, 0x2}, 0x80, 0x0}}], 0x1, 0x0) syz_open_procfs(r1, &(0x7f0000000040)='projid_map\x00') r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'team_slave_1\x00'}) [ 1392.143557] FAULT_INJECTION: forcing a failure. [ 1392.143557] name failslab, interval 1, probability 0, space 0, times 0 [ 1392.146780] CPU: 1 PID: 28022 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1392.148845] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1392.151771] Call Trace: [ 1392.152472] [ 1392.153071] dump_stack_lvl+0x8b/0xb3 [ 1392.154065] should_fail.cold+0x5/0xa [ 1392.155052] ? vm_area_dup+0x78/0x290 [ 1392.156010] should_failslab+0x5/0x10 [ 1392.157089] kmem_cache_alloc+0x5b/0x480 [ 1392.158171] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1392.159391] vm_area_dup+0x78/0x290 [ 1392.160305] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1392.161672] ? copy_page_range+0x2cc8/0x47b0 [ 1392.162765] ? vm_area_alloc+0x110/0x110 [ 1392.163918] ? vm_iomap_memory+0x190/0x190 [ 1392.164956] ? up_write+0x148/0x460 [ 1392.165897] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1392.167132] ? __vma_link_rb+0x540/0x700 [ 1392.168130] dup_mm+0x53f/0x1250 [ 1392.168981] ? replace_mm_exe_file+0x490/0x490 [ 1392.170143] ? __raw_spin_lock_init+0x36/0x110 [ 1392.171364] copy_process+0x3848/0x6cb0 [ 1392.172395] ? lock_is_held_type+0xd7/0x130 [ 1392.173534] ? find_held_lock+0x2c/0x110 [ 1392.174545] ? __cleanup_sighand+0xb0/0xb0 [ 1392.175293] debugfs: File 'dropped' in directory 'loop0' already present! [ 1392.175641] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1392.175670] ? _copy_from_user+0x139/0x170 [ 1392.178998] ? kernel_clone+0x2f8/0xa60 [ 1392.180069] kernel_clone+0xe7/0xa60 [ 1392.181049] ? lock_is_held_type+0xd7/0x130 [ 1392.182203] ? create_io_thread+0xf0/0xf0 [ 1392.183193] ? lock_is_held_type+0xd7/0x130 [ 1392.184163] debugfs: File 'msg' in directory 'loop0' already present! [ 1392.184287] __do_sys_clone3+0x1dd/0x2e0 [ 1392.186045] ? __ia32_sys_clone+0x150/0x150 [ 1392.187159] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1392.188509] ? fput+0x2a/0x50 [ 1392.189335] ? __secure_computing+0xb4/0x290 [ 1392.190383] do_syscall_64+0x3b/0x90 [ 1392.191282] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1392.192568] RIP: 0033:0x7f9fb3b18b19 [ 1392.193497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1392.198105] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1392.199999] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1392.201855] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1392.203559] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1392.205335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1392.207135] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1392.208929] 17:20:20 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x8, 0x2, 0x3}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, 0x0) ioctl$FICLONE(r1, 0x40049409, r0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f00000000c0)={0x2a, 0x3, 0x2, "d8722f3ac3cc0d67eb787f21140f099b2771d392570039625647c2c92b35bba12a24a6eeba7314a2ea5d"}) ioctl$SG_IO(r0, 0x2285, &(0x7f00000004c0)={0x53, 0xfffffffffffffffe, 0xf6, 0x7, @scatter={0x4, 0x0, &(0x7f0000000280)=[{&(0x7f0000000080)}, {&(0x7f0000000080)=""/15, 0xf}, {&(0x7f0000000100)=""/168, 0xa8}, {&(0x7f00000001c0)=""/141, 0x8d}]}, &(0x7f00000002c0)="a1f88be31dd47a979a064de55e063cc0f0b32173d92dfeb5fa809f3385b1d2833ce463a921ef5d208cb1e5da3b81d7dff2a44fcb67ecf3b82fa0098ff719b5989a046768c5c6d3f4f24a587b2f2cbd240cb201e7a89e2651214272301b794f7fb14efc86636659a13f69529b9527bc36dfbf8f997fcc7f6cec7e3f9512a14b1725369d0fdb3aa1551f41237b015c85ad0892d32585006604e95e896bc0f9b636c7db2eea3c18498513df30140b8b7bcc2b008c5bc6062c98449729d61dc6293f575c56a22a395ca4e28cade0426adb92c0108d8e45fd9899b9114fee0c5b32a3d3adaeacd36a25e7f0c738a8126db7a2b23232d070b0", &(0x7f00000003c0)=""/21, 0x9, 0xa, 0x0, &(0x7f0000000400)}) 17:20:20 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000", 0x15}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 1392.253509] blktrace: Concurrent blktraces are not allowed on sg0 [ 1392.254294] loop7: detected capacity change from 0 to 40 [ 1392.255611] program syz-executor.4 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1392.261675] sd 0:0:0:0: [sda] tag#0 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 1392.262603] sd 0:0:0:0: [sda] tag#0 CDB: ATA command pass through(12)/Blank [ 1392.263237] sd 0:0:0:0: [sda] tag#0 CDB[00]: a1 f8 8b e3 1d d4 7a 97 9a 06 4d e5 5e 06 3c c0 [ 1392.264104] sd 0:0:0:0: [sda] tag#0 CDB[10]: f0 b3 21 73 d9 2d fe b5 fa 80 9f 33 85 b1 d2 83 [ 1392.264812] sd 0:0:0:0: [sda] tag#0 CDB[20]: 3c e4 63 a9 21 ef 5d 20 8c b1 e5 da 3b 81 d7 df [ 1392.265608] sd 0:0:0:0: [sda] tag#0 CDB[30]: f2 a4 4f cb 67 ec f3 b8 2f a0 09 8f f7 19 b5 98 [ 1392.266463] sd 0:0:0:0: [sda] tag#0 CDB[40]: 9a 04 67 68 c5 c6 d3 f4 f2 4a 58 7b 2f 2c bd 24 [ 1392.267130] FAT-fs (loop7): invalid media value (0x00) [ 1392.267200] sd 0:0:0:0: [sda] tag#0 CDB[50]: 0c b2 01 e7 a8 9e 26 51 21 42 72 30 1b 79 4f 7f [ 1392.267673] FAT-fs (loop7): Can't find a valid FAT filesystem [ 1392.268335] sd 0:0:0:0: [sda] tag#0 CDB[60]: b1 4e fc 86 63 66 59 a1 3f 69 52 9b 95 27 bc 36 [ 1392.269606] sd 0:0:0:0: [sda] tag#0 CDB[70]: df bf 8f 99 7f cc 7f 6c ec 7e 3f 95 12 a1 4b 17 [ 1392.270346] sd 0:0:0:0: [sda] tag#0 CDB[80]: 25 36 9d 0f db 3a a1 55 1f 41 23 7b 01 5c 85 ad [ 1392.271079] sd 0:0:0:0: [sda] tag#0 CDB[90]: 08 92 d3 25 85 00 66 04 e9 5e 89 6b c0 f9 b6 36 [ 1392.271794] sd 0:0:0:0: [sda] tag#0 CDB[a0]: c7 db 2e ea 3c 18 49 85 13 df 30 14 0b 8b 7b cc [ 1392.272611] sd 0:0:0:0: [sda] tag#0 CDB[b0]: 2b 00 8c 5b c6 06 2c 98 44 97 29 d6 1d c6 29 3f [ 1392.273394] sd 0:0:0:0: [sda] tag#0 CDB[c0]: 57 5c 56 a2 2a 39 5c a4 e2 8c ad e0 42 6a db 92 [ 1392.274130] sd 0:0:0:0: [sda] tag#0 CDB[d0]: c0 10 8d 8e 45 fd 98 99 b9 11 4f ee 0c 5b 32 a3 [ 1392.274846] sd 0:0:0:0: [sda] tag#0 CDB[e0]: d3 ad ae ac d3 6a 25 e7 f0 c7 38 a8 12 6d b7 a2 [ 1392.275649] sd 0:0:0:0: [sda] tag#0 CDB[f0]: b2 32 32 d0 70 b0 [ 1392.282385] blktrace: Concurrent blktraces are not allowed on sg0 [ 1392.283398] program syz-executor.4 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1392.297812] sd 0:0:0:0: [sda] tag#0 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 1392.298696] sd 0:0:0:0: [sda] tag#0 CDB: ATA command pass through(12)/Blank [ 1392.299322] sd 0:0:0:0: [sda] tag#0 CDB[00]: a1 f8 8b e3 1d d4 7a 97 9a 06 4d e5 5e 06 3c c0 [ 1392.300128] sd 0:0:0:0: [sda] tag#0 CDB[10]: f0 b3 21 73 d9 2d fe b5 fa 80 9f 33 85 b1 d2 83 [ 1392.300870] sd 0:0:0:0: [sda] tag#0 CDB[20]: 3c e4 63 a9 21 ef 5d 20 8c b1 e5 da 3b 81 d7 df [ 1392.301661] sd 0:0:0:0: [sda] tag#0 CDB[30]: f2 a4 4f cb 67 ec f3 b8 2f a0 09 8f f7 19 b5 98 [ 1392.302402] sd 0:0:0:0: [sda] tag#0 CDB[40]: 9a 04 67 68 c5 c6 d3 f4 f2 4a 58 7b 2f 2c bd 24 [ 1392.303154] sd 0:0:0:0: [sda] tag#0 CDB[50]: 0c b2 01 e7 a8 9e 26 51 21 42 72 30 1b 79 4f 7f [ 1392.303870] sd 0:0:0:0: [sda] tag#0 CDB[60]: b1 4e fc 86 63 66 59 a1 3f 69 52 9b 95 27 bc 36 [ 1392.304668] sd 0:0:0:0: [sda] tag#0 CDB[70]: df bf 8f 99 7f cc 7f 6c ec 7e 3f 95 12 a1 4b 17 [ 1392.305442] sd 0:0:0:0: [sda] tag#0 CDB[80]: 25 36 9d 0f db 3a a1 55 1f 41 23 7b 01 5c 85 ad [ 1392.306196] sd 0:0:0:0: [sda] tag#0 CDB[90]: 08 92 d3 25 85 00 66 04 e9 5e 89 6b c0 f9 b6 36 [ 1392.306920] sd 0:0:0:0: [sda] tag#0 CDB[a0]: c7 db 2e ea 3c 18 49 85 13 df 30 14 0b 8b 7b cc [ 1392.307666] sd 0:0:0:0: [sda] tag#0 CDB[b0]: 2b 00 8c 5b c6 06 2c 98 44 97 29 d6 1d c6 29 3f [ 1392.308409] sd 0:0:0:0: [sda] tag#0 CDB[c0]: 57 5c 56 a2 2a 39 5c a4 e2 8c ad e0 42 6a db 92 [ 1392.309196] sd 0:0:0:0: [sda] tag#0 CDB[d0]: c0 10 8d 8e 45 fd 98 99 b9 11 4f ee 0c 5b 32 a3 [ 1392.309973] sd 0:0:0:0: [sda] tag#0 CDB[e0]: d3 ad ae ac d3 6a 25 e7 f0 c7 38 a8 12 6d b7 a2 [ 1392.310748] sd 0:0:0:0: [sda] tag#0 CDB[f0]: b2 32 32 d0 70 b0 17:20:20 executing program 0: r0 = syz_open_dev$loop(0x0, 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) [ 1392.356699] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 17:20:36 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000", 0x15}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:20:36 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 47) 17:20:36 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() ptrace$setopts(0x4206, r0, 0x4, 0x68) tkill(r0, 0x0) r1 = fork() tkill(r1, 0x9) ptrace(0x10, r1) 17:20:36 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = fork() tkill(r1, 0x0) move_pages(r1, 0x1, &(0x7f00000000c0)=[&(0x7f0000ffb000/0x3000)=nil], &(0x7f0000000100)=[0xa, 0x190], &(0x7f0000000100), 0x0) fcntl$getown(r0, 0x9) 17:20:36 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {0x40000000}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:20:36 executing program 4: syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.bfq.time_recursive\x00', 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x200, 0x1, 0x4, 0x4000002, 0x71e0bf50}) 17:20:36 executing program 0: r0 = syz_open_dev$loop(0x0, 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) 17:20:36 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) fork() tkill(0x0, 0x9) 17:20:36 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) r1 = openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000080)='io.pressure\x00', 0x2, 0x0) ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, &(0x7f00000000c0)={0x101, 0x0, 0x6, 0x0, 0xb7c}) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) write$binfmt_aout(r2, &(0x7f0000001040)=ANY=[@ANYBLOB="0b01feff920300005103000007000000f30200000300000000000000000000000d12a92d26cbea72d47c28d8d65ffb1e2c34d943f724783aebc7c9cc92703a66329c35af23e82e2df5b40c94ce8e564542500433783cbaee42c77e89e559c724277cc2315e182dc932d55ed5a088a5e59a41381a1b9fbe244927edf312c1af256dd91cda83381523583ca98024ba3008c0053d823f3bbd11e60dbfe0eb79e77c759b1a35c534e72060f355fef5a66347f207cd1f21262c61d70926eaf6c08951b6219e132c4f7334b38d44be20443dc48319c02879727f58d3bf5fbaab4f8d9b8d4d1221e10985a47bc00c1c351ceb9c57e97f9318f619e55d36da41e40daef20704a3cd25a382b92c7d96da02f512984890f2bc2495e9ee46b47ba587e35d94e24165ca08255f21bc0addbac58a8359b01094261a1e393ffb9beb0d63b2c0e731f0f4177d0a34f578f4d116e337b547ff5c7ecd30c284b4df44f05db44635f2d22480283403395e94a2cfe130f0ad8cfa9037a0acf31ed771706054b2884b215c8016ff4ecc3ebd0ede3b80df23386fa81dc5f7347c0c9c906de5684e8d26e9bc7b3e60c814545590649376483efe0a91ed928402176c1f459ff162b99aee79c2f9fa58958e80ceec1fc0ff54267090db2fca028170501f3dcfe83e179674e173617064246493b0b2c30e3603d4695e8d1b5c4d9e0bb713487c65c5abf052531bf4381549375d2ef226609cc5f81326e50ea12fd9df39bfde4a0b00b256339e498a4b68c4ffa7bdec494107eb3664a05bbea2a0862b68f40916370da53b9b4db96715217f7b99ef943a3e27f440553b4cd4ba01ffc6d984f88c639cb68f62ff0bad313684e0c746667766fca65b88152754707e2f7afda77973938ac6c763ba9ea4bd5e6b9665f3539a4936b3ada6785636c40e24c6072a85d7abcef11a896a0cddcce9e063a902509c01b3f7a4d3683ac1afb79c8202961c0eed78cf10632587531ef09c2fe09ef5a37592eb5f8089bafa1316f754b3caf6d913d3c1034cdd6af7094d3b9693a85be6500cf9489e34e6b0e3af9fe27679be72a3faafeb51dff9a7502282862b17079e7a5b6c0f37455ae8145a3b759934381811575c4f49ca488421cd7e4c14ed4d23092b44f01bb6b709b2c5da44577a7d4b04ec5678d1f1ed6ee083a90bd0e4b415336c2991d7f23638fa2e179961f6266f7b2234a2325d3ff0a2e0a5817f05018e676592c927ab90fd6956cc6ecf0efae21ceddf04f06a568c1e79a38f9cbab2562d5915492114ca33cad77da5d6618f3fa7ace97494d8684a4e411858bc7f1f56ee8e05a76189c68babfcab6418894640f9b6fa2d96a58dbbeae4bad6e19739ecf01e687c9c5eb5bef4cbe3ba06520f56f7271a3781dc0ad1fa61e33511c1a8325af2f6f973f5fb2fee3ec947322316414f9e9a1f325bb02510abc4f43706de51e8ec39aef5e2cc8b2b5339eea671b7f80134f55a88fa3e5540aae8bc438554f917657dcde024f91286a33ece6b51bd356220c1b9d28e17286dd7296df40a3d8c8208c1bfd75e0d4abc7e8f611f19601adadf5c7ce4f2e66f4e436674c7531d870b411b48c8186ce11f7bc0df415e500c8e19bbc5677036dc662e55732bbb583be9082343a44c29f92ca4a40c83a5d1e963d395b097da7be0544a5316946b9bcd669bec3fafe1ac234c4d08f1ddb40b82f3a51d68a76c36f8c130dd73ab7f01ac3ca0118342bef9fd3a1a5eb87e5a0acc76b6e5cc373a02731d5f6249ad5aec588cabd5c1afd812cedf1e28ea60969954004c0c806380d3c719cfa1734a83bf18f547436d886c1c5fddad2dc68a5415cccab7fc9cd37c35ea7cc7821a8d9c142c8bed9375e342f5516b37fe9b86395f67ccd969caab4a1b035fc13ad177c6380d425b6860eeb83efad80db99fe7b37de18632f3129fd1065d6c3f05bb7926b8da7547ee94c23fdbfaca89b8ffa9006c2ede68906412109c8dae9dc7d4cd8e815938d30ad67c1f79e8a14172adeda9075c283f81f53591bb097cd6b075f038bb05568d646ca2ce12760f6be3b50cbada16f09b3e1f9cefd14f03f1cf88f7de4373e8856e4513376aa04e8e9ead82a5611d991ca401ed984a1876dea9fb7231b038268cff07e0026ecc4b9a0438aa3c999404761f6a9918226010f777e4697fed87e205f36e092a0b7fc4c534b9fc90c3b9cfef74da131528064497830e5dc34005ea323499fa893b29b65f82896c9cf20c54a5241452ee13efb34e6d0f5d2f6cb95ac2d2ddc0a67a0a4129096df58e0887acdc7b9abb9ede4fa69c0465cdbfe0e8f46b5c32b0a52eab2c311fb90e6ba1778e00941ba4b246fc85fdf984945b3570890c232231ec6b32268ac4e47af98cdc649447e7c0caaf67b82b358964e9ff585342db77880b37cf8f505396e5b30a495f893e60b976e0ab092a41e6580be4073709d1f0cac4d010e647ebd18ca34bd5b54913d1cea401ca69dae04a26bc60494e179177bc1bea2ca1441b140bbb3c97e15ce3c2169eb199a4450a0030f1b5cf4b453b6fae18e854987502e02c006d9adb4023cdafa139df39fd3c005ae072b6980d136220a34f02696890b7bbd0fe6cd4fdfc598918a930e459f57fb72a66d4ed64bcf30edb39cea6f6836c066742365e936d93d9e39d53f0b5a6fdcff04a0307d7febbfdd3638b44bc91ce1dca5cb4652a56d8fa33c0bc47405daaa6a2e185ba83520053a24ecd36e465c65dfe26e0baa50f83e46bbee3f95f98063fe2597b95a38f20f4796a961a350dbcbc57fc9e295aa047b78dc6b1f6472bc9ddd447cc893b8408ea727689ab7559204ee870f718d3977f8d92999d9f68a123a5967ac7f42f32b4124052ef737036098aa7b195da09210e4d6d91da655c4971a27028df65f4d2f32efa54bd547f5cfa9b6e1052bf1d943f617da0e033dce8ea669a4681d246e0725b4d4ebb849a1bd51cffe2604fe3258a41ca9ec2331aa0b643bbd7df6f42c947f48e50536c7deef9f5d69400ec10c5cdea85bfa24e937e6671f9d54c61691231580d9d9ae4b36e75ec43cb5e1930de435380e2c04f84c27c015263573da1540c387cbd2c58394cb250cbb73373ce72054fc0b2acfca29ebf882fdce68734b051aceed8b37101e745e3bb7d141a73f335bdf66a115c1e9bdb7c9c40f10a868c51ede539f2e216003a347f4bd6cd1d5729bb316ffb87a5f9ed7b8458fa033bf6c86cf9c4bf28634c1b1d3173df5c3c16f27fc1a80b1ba9fa9bf3890005d8b680a91a853d202bb8f32e24adba8869a3548c690ea55de89665b4058076485b900d5f03328e86281ead758eb170fbcbe517ae175d17b79565e541927c483177e15ae2a62bf73f064e2fac727f52b83c5204e0e6a527f599767d1eebaaa5e045277f73e5d3da58175074aa67df94b18d8437c2d391edd69720b3c9565ff9636c2d93ffe6a3834c29df3c7e4c00be375439fadd24e2aca1864db804dcb79fa49830c181e1888f58a3800ea426cb653a7af4c889344a42c86817feb6362ebf85ec182ff0092082afceeeedb9a5d950a51b605f8685aea1803340c1a7dd16050559201daacc0afea5e0ec6b56eca265129f13bedb342bddbe1fc16a8cfe77ad0883ec5c0b6cea58c2412865b6f2ef28296079fe3837e13733675781d1026c7a43c3edac3ffedf9851d241b6b49c75778e1cf2109bf19cd02defc942520c0979642bfd9a29ef6a4c8b28cc6e6fe94412223a98efa84f37065c9b50c0d11d9a5fb8ac0f4633db3a637c74f671198dfbfc64fdda66e1f185b30e34003bdb45ad6166f76df6920f224d7170b3f6d0c839bf484791b8d4c98466b666c9967f3924e02d791e80ee6b7536191f7447adda70b78bb45efdab07a02addec21e7809efc18c7a48c262197d1e4267cd78debf9018dd9b5ca5b8371ece1d134906aef0b09308d46706d980242dbfab980f21273944a78d3cc256c6b7eb6fb487eabf385c989ec474f646bca0cde4ec006064e477b8cc77b76211901d7fcb5e1dd04e25332e032b0eccaeb1d70d3194a6892b6504e4248601a1767706dda1ff6cb2f3238f5707bc912bb7c95b65cf9913be560847fe8d6a041f01aeb97756734236761f9e94aead9ba420a2d8c5832158f7fe57fd722c85c019baf4280974b12d9aa769a034457f50b3969147f0cdc2de275c98db6a92c4c0e1c0def27dae2d656f5884c116a372aa1745fffc0c36d04957608ff8cdc1c807efe6694936acf909d9332588051fdb234d2e37ee1f9422d61cc4e6033aea54bdc4efab285a87c4630a1e34af364f90748ca4226f4380ab0700eb7efca4084c7414d927aafe461487285cfc91238e2a9944d06f5fad7597b5723d2bfeb0403e110d999b60cd54766bfbc3c7d070179e0ab662b398387caa3cf96a9bba4d8fc930f72509abff007590c106fcc55539c687ec5e3716f13bb0c61211bd49d070f8e88eeefa772747bbafbc8e3d732876bc2fd4c5d05445ab6909ada5a512113aa64d7f37aeb65c0c08996608251f91ae6b60841998edad1698cc88e47ec1191604a05a72b05e4acfca66f3581d2061ad42ae7380c773cb202ae45c5decc5e34a4cf1a4ac397061d5fbdc56793a25e45892bc6b1d9a0f70fdfc501b7202e54e54ed81915c36932f02e43683d12fcc19aa512426e5e1c00f6192f3d006a1d0a3cac8abf1c93c68daa9ed446ef48dbd0f7b9a24730b908b0c904d68f205f40819eed41a73f54a720d7c47b62d8c1cfd7b2a8900731716b9a33521ff4aab63e0ae0b6433c2ed7171a54bb5a0ebea1b2ec321f6c01a8759375b9aa884c1e830317ce26688eeb3062276a5c39b855a7e55d8a4f5ff3f4b8fb86c13582c14a105f64f903e2e4174e3501f93b93947c2d8c3254c3962fc311ebbf7e0b281c4db1d094427b00cd6fb20769fac734bbfac63c5c8d5b7305813ce162dd3d388bd0ba00bbdcbb161b0224a4eda4e62516a6bfc817490d5f12247850ef3832ee3caae66bc526a18bc676f35a374222b87078512472acda5a12822942760e1d10b832cac8a5eee6b42f505e86f7e2cd6f25c54d7b8741664dff1e1c5489faaf334a4feed5b8ec7838a1aec44d728059a169c278e0917e5021138abe36a062052547b138f57d7cfe85df02e4f613167a82c0d8f5a9a203e7ff0d7e55cc5025052b69c6ae6bf370f961ba93232577d6021d0d1ce8963cfa78bab595e02b3981e6b35d8a1493e9616b5f398daac4d1ce28f43ffec71761ddd9ae490f51d1bccc9d0a2a3e38d2652ee8d3097f5dd0dbc6d817398b1a072330aafac5b0e0211b24072956d7cf64446c1ce461f429af56dd9839006fa8ec88279fb963790869fea43481ff70f7e0dbc1aee4528c0fdd11afc2c94fbefce085abdcaacc6004ce2ca1cfea47b76463b5d3f6df013d880eef72b48d463a04d0e37a19ceed3bc89a38f99112350492abaf2c118098c3b52271e9b7749bdef14c1b42183fe97b4ebb5d52455b598af0cdc6e0566a37d7f3f126cea56e625aadfa8f228f40f33d1ee4ed2c46b7832af500e54e8ea71ca144e276eef94c1bb1a17e63ad134191749bd4ee7cad923d6d5c6934293b1ffa0a3c0103fdfd488b1f5aec4592f17390abf844f723ed1d9ff53cd1f8172115dd21276c257826abc9cbf02404859bea7b7f12d28a864f2535bd8e31d6499838e6f613088c775ebf7efebc2dee94cb0fd819f0b0718b5f5a8310cf0ce58b0983d0b1ae09623a38c9fe2dfd29359e57dda76377ce5b1cd8de16018e902201acaa1a7f676ec8f3d68be50df4c1f01147fb613e1feaec2daa405d003bc0ad9e9134d100"/6176], 0x1820) [ 1409.130430] loop7: detected capacity change from 0 to 40 [ 1409.140449] FAULT_INJECTION: forcing a failure. [ 1409.140449] name failslab, interval 1, probability 0, space 0, times 0 [ 1409.142099] CPU: 1 PID: 28263 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1409.143254] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1409.144858] Call Trace: [ 1409.145242] [ 1409.145598] dump_stack_lvl+0x8b/0xb3 [ 1409.146166] should_fail.cold+0x5/0xa [ 1409.146735] ? vm_area_dup+0x78/0x290 [ 1409.147317] should_failslab+0x5/0x10 [ 1409.147868] kmem_cache_alloc+0x5b/0x480 [ 1409.148468] vm_area_dup+0x78/0x290 [ 1409.149028] ? lock_release+0x3b2/0x6f0 [ 1409.149621] ? avc_has_perm_noaudit+0x1c8/0x390 [ 1409.150293] ? lock_downgrade+0x6d0/0x6d0 [ 1409.150907] ? copy_page_range+0x2cc8/0x47b0 [ 1409.151577] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1409.152358] ? __sanitizer_cov_trace_cmp2+0x22/0x80 [ 1409.153116] ? avc_has_perm_noaudit+0x1ef/0x390 [ 1409.153841] ? avc_has_extended_perms+0xeb0/0xeb0 [ 1409.154114] FAT-fs (loop7): invalid media value (0x00) [ 1409.154564] ? lock_is_held_type+0xd7/0x130 [ 1409.155310] FAT-fs (loop7): Can't find a valid FAT filesystem [ 1409.155872] ? vm_area_alloc+0x110/0x110 [ 1409.157205] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1409.158035] ? selinux_vm_enough_memory+0x10f/0x170 [ 1409.158798] ? selinux_sctp_sk_clone+0x370/0x370 [ 1409.159513] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1409.160333] ? percpu_counter_add_batch+0xb4/0x170 [ 1409.161092] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1409.161825] ? __vm_enough_memory+0x184/0x360 [ 1409.162502] ? security_vm_enough_memory_mm+0x8b/0xc0 [ 1409.163479] dup_mm+0x53f/0x1250 [ 1409.164023] ? replace_mm_exe_file+0x490/0x490 [ 1409.164687] ? __raw_spin_lock_init+0x36/0x110 [ 1409.165572] copy_process+0x3848/0x6cb0 [ 1409.166151] ? lock_is_held_type+0xd7/0x130 [ 1409.166765] ? find_held_lock+0x2c/0x110 [ 1409.167566] ? __cleanup_sighand+0xb0/0xb0 [ 1409.168229] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1409.169230] ? _copy_from_user+0x139/0x170 [ 1409.169904] ? kernel_clone+0x2f8/0xa60 [ 1409.170645] kernel_clone+0xe7/0xa60 [ 1409.171225] ? lock_is_held_type+0xd7/0x130 [ 1409.172030] ? create_io_thread+0xf0/0xf0 [ 1409.172654] ? lock_is_held_type+0xd7/0x130 [ 1409.173508] __do_sys_clone3+0x1dd/0x2e0 [ 1409.174106] ? __ia32_sys_clone+0x150/0x150 [ 1409.174767] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1409.175549] ? fput+0x2a/0x50 [ 1409.176034] ? __secure_computing+0xb4/0x290 [ 1409.176674] do_syscall_64+0x3b/0x90 [ 1409.177220] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1409.177965] RIP: 0033:0x7f9fb3b18b19 [ 1409.178485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1409.181871] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1409.182883] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1409.183865] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1409.184846] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1409.185844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1409.186828] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1409.187844] 17:20:37 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {0xf5ffffff}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1409.220083] blktrace: Concurrent blktraces are not allowed on sg0 [ 1409.231782] blktrace: Concurrent blktraces are not allowed on sg0 17:20:37 executing program 0: r0 = syz_open_dev$loop(0x0, 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) 17:20:37 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f0000000080)=0x1) recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/243, 0xf3}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f0000001680)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}, 0x3) ioctl$LOOP_CLR_FD(r1, 0x4c01) ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/243, 0xf3}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f0000001680)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}, 0x3) ioctl$LOOP_CLR_FD(r2, 0x4c01) ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f0000001040)={0x1000, 0x3, 0x10001, "1a0d1b4da476a7aa14fc1729af7265a1a3cdec27358a4286d4efc42db91a045d1604dd24e76e5020c0540930daf5019f6696a82e71988540778946b023e4cd5e746ce33a9b15c4aac67594ba75ebbc16f826a95d3c41d85464c80b6ccd5a1bc0536f633cf6f221956d0c2a7befa7c4d9c55b65c9c661d1b52a71d8f5ef37b72aac08a0d8b7af47e105574968b2d1010a091a70aff692f00233cebe4d3745dd3d5f6d9da5dc0dab802ed9201f1647742525dcdcb32d30521cce3bd29c26e26c0e0a29aa687a5a683c1a9fe3bc27164e995757c14608264f8a0b3e113e949680bf25aca04e2b2c9fb09012865fcfcee93ab8a0eb469ff4dcbf5c2d8629651a0f96fccf83e8fbc1044bacf3b757de62307de92df2dd546d6ba3fda7af4cc80fc476b2eea1aa9ab2b7889bbaba3a726e4e16aee2dce91bb80f3e02e84549477c119ca7c0a06164623cd3667da815305445151b34674c16d0a54033ce25da6703507ca7182dba3f2bc03a634a58bddb7041f0f562300d519b3575080291a910732eb980cc9f59709fab158df1b4d0c448f53e1de92c8015490c7fc23a6925cb224c2f15cca83edc3d94a94558a0b0256fed758a5cec71cda731e1b4c8af6fa31ba55068e7af1efb0afbbe8ae534fcecb249e74c0bdda9a793d1cc1b6936462372cb3ea1ac718664783fedf8bf54478765376c4cea01b3db21f738761a009d10ead712df57161fc2b62804a4ff1bdd1c239e4a79f93e43ab2c55cf756e4fc9566b95b2dd1d663806bb8a47ba48bd498001dec0ae5b38bc1ca31e4fc269cc36a94e2782bcb27581a4a09c7b73bd9ef2da708fbbfec08a71f48f5508e6aaaf8e1233565f2236810cc3bd7aba3d4af8d44ccca5f4499340624481b2942a287712d7e0ce57f4d286177ba1bcf5c912326b9e1113954f28fa11f2f5e0229ed4a2d7b491a769aa0023c896d9f4d3f457f5de1187384455be2ae580b492f87150c56d0b402f40e5ee98e264ef3c9feede449e1768f56aabcdb07580ccc0252f63da2433a3ddf6efede39459ee75d62465d2e917247cd458125c6818557a72bbb70c8b8d64a297d9e990dec087a12611963917e5840ffceebc0b444f14d3f73f779c42c08932a9732461b89e1369706e592b77e0a504ec099f636f5f56469686cb8751df01c0036c4ea963e8bc53af6249c99b059389df23a8f91475805ff9a8f9e6040ce9078c8a81a98532f9da01fc9e028ef042b03f8c1514d6792e617862ed97c0e4114257e3eb3eda14fc094d4fe463ea8026f77c3ad1bba1d08be0bede0f5c79e8b0aeba56f0895e732ec9469f47e9d22bfaa7c29e124d39993c1a27a11a315ce16203e05d8278691141eff643c90ea1dd4c3024a215fbe97d996445a27f885511462175374b2721142be24d17e3339f6d28e2fadf1b6ef9de656d37118d8b9d0b635491a1015038a6adfec0ca5b6731fb7ada2cf3c55a5e85f26856efc006dd328ad577e49ddb064f4bd35edd737488f509707fb450cd094c6fdf85d9a59f4ee9abe3a6997b25c8e79e433e55db130eb6176d0cee6e028585dff4cac962e6d986dca568363ac7bbca9e8404f8c4d60328aa338085c9c554b287c84f6f4b6859f985f58d5df34e1b9204761bc11f3617c1c2d1f1b31ca85a7e334cccb71b1b0c38a7a9b42faf525f426c06537b7c0136ea786cac7be0617eedc837aff14fd5fb068259c9f9201e10f714f7577299ee7e2987574d739de5bdebc3d5191ebadce681aba425f6282d778b398e2d57d4eb276625dc709e315d1a16f54e8022babae83014928cfb03e404d2d338628e066b9c2444a8a950cbe6d1ed38a56f1090c972722abbc01a8ba8be4dc1925635335e1e4527f5814595135bd30f7102c1b797a72cd2005f6c98e526f8c14603eaab8eb77366803cb8f5e33d1d6110fff56266a07359ae46f57f4dc30c260505610379cb5e95d99325427e17d09e95c47c9406968c5b53a7a4e78163681bf737a99ac248fffe71fe2cc162ad71d89afce64870161881c63e3f5d7f9016d2e2ae1580b720a0c187cc5c28c3c7e0a166ae4c62810d1ff104f62e24659378c7c9334ef3ddc53eb6c1e6de0df6983f588c5944095ad38f6bdf3a39b177f9b9f41125fe81a45c0c7928def7b2cafd026bf86c3cb34ed4d815df3261288fd048df3beec80c8de6e2d8d7309e483c7d41edfada7dc0634dfe2824052cc935f712dc2ee8391f31a7bfa24f5dd616752558b10734d6be897065679d2ccd6db62786b55d88e6f55604d00eccdf7bda91c48c66f8579175499a1bc7f8213d092d89ea1c21db5b5d94621a4e85a10c50ddd3b5747df5c667e1ab56330dbd310048cd62a4fc7237f01dfba0fdda08f872f0cdd348a0d1dc48e8acf4e2a50a7a528a494bb516f0d8f956272d868eb4ad42e204700b9cab11fc5a3dfc452abe0624e48e6665a65e722365a9b8537289bff379181b4117397fb64cd74b33441fd92c29889cb5744d787b211b95605d9256e10cf52d05c1c840198edd04b62d588d49120d6a08bf74e93eea394c44c15a12c3a77d99808f2c3d9d0893683ca1d150bd58349138456d746c3e8cd4557698a2128620bae8f64da31505b35263c84686038d015fe6df5e09c2e5ef9541d83b5e2a87cc1dd5367f43a1de8719639bc7e25fdf6497c4c8875efc116ddec37148ed23da1ac1908b326b25d0068dd50ea02db40f2a9548cbb328258627d34cb45352445b1bddd4a7be2acf9849cda15c47a1de99e98f194c8b7c6b005b12741f5dff5d8fa7ab5cb50c533f9aca80dccc8434fa05ee2b7611fdaf8bc8b8d3d5d94f00853bb52cfb2923f379baf2050cfb17714157e1341278c0d341ff4cd6bc3271e13bda9b6037b25b95e991399d5c9f9cf0d67222c70fb3d748f83a2e9e8b8289815011f2aed0b70bd66a4b092b503aef7f78561f4563b3de201b6346492a2280df4755988d1e918a76ce3fcdf8b38faf491a0c3f14cb0df5ce4872122c7b41bff951008f6c58531c125896bd0575733964eefbcfac58c3fe8cd087c05ff09339101fdd2052929f4547c149109602c99e11221becf7f079c5529dcc8fa9dc33e4b6a2da67dc9c7ca271b196eb8e707981c0086ce2d03a5d8db381d468589a80d82233a2254f8770dd00c5051b230b965c672de77ac3cc371169e7a1b418067dd9d412cdbb63a96bd76590371febe0920b5048539e59286e601310745befe015f389620f2a2ad4e35509bceef42e7bc7acc36b84255077288a55ec11bfbf2b114cdfd2dbe22e64bbc5d3a2353674c94989ad66df7757552f2a2f3b14045d9ddafae3f89071605c9c32956df2ae7a8e4afbad08d0f24e016b0a0598ead52e5546e690550f3944d6944e0f5d2576c859d4ce090b5e6a982bcc3c5afd91e201c6cf86fc0b6b944f3c85009c9463f0fc01c1e4f768546f5997ff14b2854d1e650c9a6bb09742d6d4ee3d1cdb57511ff27223bae743a33a4ebbfb856457a12c2c66acd7ac47d589b707baa02f9109edccf361633802983ae9180fcfd91233e3de945483804148a80b4fffa33639ee2e8a26a6ab8de43c63032f5c94fdecb70a6ba034e54fab64307200e79930ab5a41fc4c27b6d1224b9e44766060c00a1801684ed9c70a53132f8206837bcaefb6919b8caf4546e4c107593f616a509c5b090c4e19490ee91c0b73807822a4e92d191058b44c3c3bdac584d91d6f7494b9c96badff2b3687a33029005d01f496d18731cdf236bc0278d749f8addc46498cc4024be3561f1afd0d3b5037a2a7a607bd333cb54eff532bb1f7031aa51cffdbad1a1f82a02c4c00e18deb2176e2f15345d2f5bce486bcd757a2e2e30c644d6a7d9a33321c0be8d31092a1d70dddfb14a6a1a09f10c5a71681e17b054670b75269de5f2c71831522eacc895e57902322cae6a83366a59b2e3f998415524102c9980abd0b5c4e674b19ff7fd1ce4693d7457ae522f4edbc8e356bcf8e9a1a0414b2db7d244ae974479a26b5536026c6253b0cffaa40f4f1ced7fcb918ed636ba4cf9819658457149f24b1c417c7fa87bb47e99f5a699261887534e2e18c3318451df9254b3dae4b65049a682f272b6389e744335ac397bbadf4a8528bb2ee055591b34219d10998e5a63b04bd817f7c7f008d4bd491bdfe9154636a7b66debcaa645a0d3799478fc58c0e9336af120eae553b641a30a9fc3f4ee3f9f5270ecdc6829b18db4c3a96f61b2d3630f2698ac432d76f023b276a536b3c5edd320a6fdd166d71279c1b313c66be677ba1dad4a74f6ba04424dad8857b81cc9d10dddd4288d78113e3fee771022ed6a1f1aa9221bb0a2e78f3a0f1a299d4fa053625e8bf04ac26bcce3bc345463c2570bd2c24f2e0a53de15c4c82ae31b235842d735aaa04d060822b813d9ad927fc5d4e2751992ef63ec4f3689477a2540d5814b3b29127e71e84a915f692fb761b7b11378d5a416921dc1d60fae9aa7bfac8ef314464f2351dfa6416abea2ffa2ccd55a1a497f01e628860b5ca9f3ee69d6e0d1dda858c4fa795e37bd90a05d5dc8c1f500cd5bbbd0f5973d422544a652b03aa44cbd71a023b9051b74c2d684f41fbe9bde054f84f8d4f984fb36d3f14da13763bf54ec67dbbc6225525788ebc730184d8112c105323bf26f047e23469d80c97a1b582c26eed417170dbba1367a34280013023147d93659aa0d53f14e411e3053f1410bcef3c4b83dc7302343aac08e2313a8f61a44c378276524527c1416ce1747f8dd140d2af65726f6c7bbb118c1450962491ac03c727c6af7d335e3c4e9e51f0eaa4ec019b125bb4ad762126dc9fa88bf80c0d09127266a32cfdcb05b696154c3f36be8d6bc691a7951060ce5befb6577f71f1e05def55e482e7e9131a30c145742f0984e7df7455ef5003fd656995d9216f2ba9102845044f3fe7b668bf379529cfe1084d08be3a26eeb294532f0ecdb31c4e5cfe280c6540d5bbdbf3e9ef1371083a695e5930355aa943d15b92f3bbf6dc12524c8321e77adbf937dadf408276871e8bbc07b5b5d3f0c89f871fa6500bbe27891dea6daf2a9e0c5cca504dc8b3be2d59e0a03097f16c4a15034d900346e72cf17872ee2fdf3f9318de13520f51fcd2cbe853b3b2b8038e3de347b51ccef87185f68a3df7ebee47582169f2921efb12c0e7c50f38b2ab0aff2ef83173acf4d264f53c04fd4d8271265c0187678fa433c9d84d35abea68223bc2e2ba082ce574a0e9b8483fd94846e4fcce49605b50d2730bdf2df0beaae3466141825a746a6dce775074ecf7435e5b11181c2701098daf53251fd7ffc55a62c7a04d92d692f1bd26ad02a8e4a2e97b84857372bfe93949c115d4f6953b028831958e86048f6ac2c91423d0734047b2df796d78474683a835c85c2bec4fb885572aeb163d339678fe90290aff391bcb4acbea7e6b0ef9b8dad5379b187adf08468830a2c0024b7df130539ed605475d8c3e42dfcac4a2f213cd9767be9cb3949db6257f20a41f92f2d89a95e622db9bd584fd38de3de6b3f66766f70a52928ad8229a15a79c8e785a889a4e4c97bced056d0c412f9b311de8d1af0732882f7a098e3c16c934f06a4b4ea07ad3aba98f1c376247d96db723055c27b4bb9459d2f94d646df10754999bd28faa231ce632e5b3326cff606c09e0d304226319693afbbaa314330e139f22b9c94bd4caca11f9ddec8cc8951f5d84b75597b94470446a3bdcf3e4b0ca973817fa56de7e4f1cb9f3db02b50e1352a23e691321763dac1c75528fe772ef94d07b"}) 17:20:37 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f8", 0x16}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:20:37 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {0xfbffffff}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1409.471918] blktrace: Concurrent blktraces are not allowed on sg0 17:20:37 executing program 0: syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) [ 1409.485643] blktrace: Concurrent blktraces are not allowed on sg0 17:20:37 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 48) 17:20:37 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0xfc, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) [ 1409.507948] loop7: detected capacity change from 0 to 40 [ 1409.554189] FAT-fs (loop7): bogus number of FAT sectors [ 1409.555432] FAT-fs (loop7): Can't find a valid FAT filesystem [ 1409.574777] FAULT_INJECTION: forcing a failure. [ 1409.574777] name failslab, interval 1, probability 0, space 0, times 0 [ 1409.576413] CPU: 0 PID: 28691 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1409.577500] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1409.578936] Call Trace: [ 1409.579278] [ 1409.579577] dump_stack_lvl+0x8b/0xb3 [ 1409.580101] should_fail.cold+0x5/0xa [ 1409.580614] ? create_object.isra.0+0x3a/0xa20 [ 1409.581241] should_failslab+0x5/0x10 [ 1409.581760] kmem_cache_alloc+0x5b/0x480 [ 1409.582314] create_object.isra.0+0x3a/0xa20 [ 1409.582901] ? kasan_unpoison+0x23/0x50 [ 1409.583444] kmem_cache_alloc+0x239/0x480 [ 1409.584001] vm_area_dup+0x78/0x290 [ 1409.584499] ? lock_release+0x3b2/0x6f0 [ 1409.585036] ? avc_has_perm_noaudit+0x1c8/0x390 [ 1409.585687] ? lock_downgrade+0x6d0/0x6d0 [ 1409.586236] ? copy_page_range+0x2cc8/0x47b0 [ 1409.586820] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1409.587518] ? __sanitizer_cov_trace_cmp2+0x22/0x80 [ 1409.588195] ? avc_has_perm_noaudit+0x1ef/0x390 [ 1409.588815] ? avc_has_extended_perms+0xeb0/0xeb0 [ 1409.589470] ? lock_is_held_type+0xd7/0x130 [ 1409.590055] ? vm_area_alloc+0x110/0x110 [ 1409.590606] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1409.591319] ? selinux_vm_enough_memory+0x10f/0x170 [ 1409.591974] ? selinux_sctp_sk_clone+0x370/0x370 [ 1409.592599] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1409.593308] ? percpu_counter_add_batch+0xb4/0x170 [ 1409.593978] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1409.594629] ? __vm_enough_memory+0x184/0x360 [ 1409.595222] ? security_vm_enough_memory_mm+0x8b/0xc0 [ 1409.595918] dup_mm+0x53f/0x1250 [ 1409.596400] ? replace_mm_exe_file+0x490/0x490 [ 1409.597023] ? __raw_spin_lock_init+0x36/0x110 [ 1409.597668] copy_process+0x3848/0x6cb0 [ 1409.598205] ? lock_is_held_type+0xd7/0x130 [ 1409.598783] ? find_held_lock+0x2c/0x110 [ 1409.599342] ? __cleanup_sighand+0xb0/0xb0 [ 1409.599914] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1409.600631] ? _copy_from_user+0x139/0x170 [ 1409.601209] ? kernel_clone+0x2f8/0xa60 [ 1409.601753] kernel_clone+0xe7/0xa60 [ 1409.602256] ? lock_is_held_type+0xd7/0x130 [ 1409.602843] ? create_io_thread+0xf0/0xf0 [ 1409.603426] ? lock_is_held_type+0xd7/0x130 [ 1409.604011] __do_sys_clone3+0x1dd/0x2e0 [ 1409.604560] ? __ia32_sys_clone+0x150/0x150 [ 1409.605172] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1409.605920] ? fput+0x2a/0x50 [ 1409.606374] ? __secure_computing+0xb4/0x290 [ 1409.606968] do_syscall_64+0x3b/0x90 [ 1409.607455] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1409.608133] RIP: 0033:0x7f9fb3b18b19 [ 1409.608618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1409.610921] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1409.611938] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1409.612861] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1409.613779] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1409.614694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1409.615603] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1409.616542] 17:20:53 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x0) 17:20:53 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {0xfffffff5}, 0x0, 0x0, 0x0, 0x0}, 0x58) 17:20:53 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f8", 0x16}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:20:53 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x8, &(0x7f0000000000)=[{0x2, 0x80, 0x4}, {0x1ff, 0x8}, {0xf7, 0x81, 0x56, 0xcde}, {0x178, 0x7, 0x76, 0x40}, {0xfff8, 0x5, 0x2, 0x5a83}, {0x8, 0x4, 0xff, 0x6}, {0x81, 0x40, 0x1}, {0x4, 0x81, 0x7f, 0x1f}]}) r1 = getpid() r2 = dup2(r0, r0) clone3(&(0x7f0000001700)={0x4108100, &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600), {0x3d}, &(0x7f0000000640)=""/105, 0x69, &(0x7f00000006c0)=""/4096, &(0x7f00000016c0)=[r1], 0x1, {r2}}, 0x58) r3 = fork() tkill(r3, 0x0) r4 = fork() tkill(r4, 0x9) waitid(0x0, r4, &(0x7f0000000440), 0x2, &(0x7f00000004c0)) recvmsg$unix(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000000340)=[{&(0x7f0000000140)=""/218, 0xda}, {&(0x7f0000000040)=""/44, 0x2c}, {&(0x7f0000000240)=""/132, 0x84}, {&(0x7f0000000300)=""/62, 0x3e}], 0x4, &(0x7f0000000380)=[@cred={{0x1c, 0x1, 0x2, {0x0}}}], 0x20}, 0x140) ptrace$setopts(0x4206, r5, 0x0, 0x21) syz_open_procfs(r5, &(0x7f0000000400)='net/nf_conntrack\x00') 17:20:53 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) read(r0, &(0x7f0000000080)=""/204, 0xcc) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:20:53 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x4) r2 = syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000140)='./file0\x00', 0x0, 0x5, &(0x7f0000000440)=[{&(0x7f0000000180)="3e978b44d119e4106db5e8429055ae84b171f6f9b4965f09751b8ec1675e93b30420f982989e2b6404462a5cfc8bd3d0ec4c", 0x32, 0x101}, {&(0x7f00000001c0)="01801abb9bd53a76a0258b2cd4823bb5892ca66f02d026e136597299c54b624d17d42a7b7b35dde79683ea34a2d186820e0bf5144b9d164366f8d6d7c62d95a20f6dcf43f2e986b6f92a67dc7682e1dc87af8d359df147da738778cf9be6590e974f0251e5e7ea5e290f6fd99b6d0cbaf0316bc30277e24daf8415cff37fb8c6b3a81a885319df88b6996e99d278f88eed9d21a87d8efca2ee65fadded73d858d2c2c13e199de2a5d913666e819f0b0ebb5204299bc3de79aea864ed4b3acc3d211beced19df7df2c101b4f5c0a0d4306801fe3f54634e5867bc6f72356dd4b4cbcb409b", 0xe4, 0xffffffffffffff81}, {&(0x7f00000002c0)="8128e70ca79cf2dac2b43cdc6d706d2c2eafe5bb463029be6986cd7ec3c885ec1521aac703fb97715a03d8db271b18784f9c545293d79f44f927f7362b6a9171d18085b60c64701f2ebc03486cb78e1a7b10511155df5f62898ad7bf2e8a2cccc2c05d1f54e216c452fc766ac0a9079cdb225fba9ad2847a1ca67e0e91917f44a5bb273288dd8e7a7f1993f4f26081cc64f6ab1af9a4db9473c013f77664bdd081d2eb2693897297f5b68716419cf07ef6f4ea2d4bcd0fa2cec90940c080606edf1a64ad6bcd2fd9992eb5612f2b0e465a8d621f5179ab9c534cba172ff7", 0xde, 0x6}, {&(0x7f00000003c0)="44beac26c2a674b575d2ccccf44bf170d9c3e9a98600b279a2e648", 0x1b, 0x1f}, {&(0x7f0000000400)="0c317cd4d114132c1ab0", 0xa, 0x9f8}], 0x20000, &(0x7f00000004c0)={[{@nr_blocks={'nr_blocks', 0x3d, [0x5, 0x34, 0x25, 0x37, 0x6b, 0x32, 0x35, 0x6d, 0x74]}}, {}], [{@uid_gt={'uid>', 0xee00}}]}) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) stat(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r7, 0x801c581f, 0x0) r8 = socket$netlink(0x10, 0x3, 0x0) r9 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r9, 0x801c581f, 0x0) r10 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r10, 0x801c581f, 0x0) sendmsg$netlink(r4, &(0x7f0000001f80)={&(0x7f0000000680)=@kern={0x10, 0x0, 0x0, 0x22a0400}, 0xc, &(0x7f0000001b80)=[{&(0x7f00000006c0)={0x1274, 0x29, 0x800, 0x70bd2b, 0x25dfdbfc, "", [@nested={0xad, 0x67, 0x0, 0x1, [@generic="732c06c6a68d58425e36f57b0217710ee73d76b7f1989494043a530be1bface402188a2c1e09e0bbd5fb55e2f7f987fdbb2ff32484ecd7276d9552b46b2606fc8a4da047b3f6386022d4174e878b66280a66ec35c5f478f9a95da48ce3b08926d5b4cf36601e9eaeef073830a2a96b4c863cde6631e11e5bfb4b29d3c5997510c93616649626ead4767bd3cc71cf9307a27c172fabc3ceb3d11d6163538007e1fcb35cccf02f6ed922"]}, @typed={0x8, 0x19, 0x0, 0x0, @fd=r1}, @typed={0xc, 0xb, 0x0, 0x0, @u64=0x5}, @nested={0x19d, 0x25, 0x0, 0x1, [@generic="88260958bf5cc27daa04f520006e35ca395ed704831fdd5ad6be2522d4debc6deea8da3feb7cb21a31580441294b0246ae1d15efcf1a5f41c0f17c37c1f7498c976febcb8b0600715ab01ca47aeb6687754f", @typed={0x8, 0xe, 0x0, 0x0, @ipv4=@loopback}, @typed={0x8, 0x80, 0x0, 0x0, @uid=r5}, @generic="a0f90f2d03045bbba59803f6440a2547eeea61d1f8aec4b30ce1194f7bee4fdd3812e1f729115afdd1d536eea0c677ad7d2dc545d302a73a31658d803605254b92e86b3f7dcb5185859fb17d88f053d371c3df7ebda786d02623ccc60b802536aa7747ab54c043bdb26d23397372b54d5c9410f0a840a24d15061ea5cdc9821abb3d677f551958d6992559f3a2bbaf64755155c525046430fe60", @typed={0x8, 0x39, 0x0, 0x0, @ipv4=@local}, @generic="4f509332698ae235af96f5c9042fbfbfe643abafe79f21a17f4951c156d6611d1d8d1df67c18380ede6aa4b4d998d75f0587d5c0393d448ea1f23b459a881a8d6f655d558e5e23dcb3c63ad7609fa5662350b2a26f13e1f702275ab7d5b43e6f058080fde573b7402d52528b3afad7bebc0a11de8280dc39877ff5d63202cf95cc8efd5193787cfb41f29ccd25663cf5cb5c33aad0"]}, @generic="b368555ba6586b8a0b84a56dfe8920cc6152e2a00c1005d988efdc8998663cd9271a4c12b4d6acf29bc04f5b97c815f69a5bf874605cd86fbfaf501c7e3db26cebf3697512af7b2f6f04dfe6b1e2273bf5d0ec254868b960951fd2de10392009964366c7847f6756348d2b22c7ba8e5c52aab7c6ef5390218bf8766a00f32a78394dffe17fd3d7584eb8bc6d2e71ab683218f3bd8e83ec9eb6c6e3700ab774fd8d2ccace2ae82b902e7f95ffc139a5e85c4509bee5c7cd3d62d9ad3b7eb272ec5dab3e5c1355cc2af18debc5fb285a2b9ce021b6841d229570cc00d2f9011fcf894d314464562cf6dc6988814e94379b9a501e69570b1c894085788b29683d8de0c6d93232e589c12ff36de3b552897437788c328c7de224f6fd1e46670eb624d1bd0e88390f074ae4ad36ca74fa373487ebce59f4cd2628e1eb9d886e78c03f07f459ca49964a7936365dcd494383866e922d9bdaa030b135954f72cf1c21a507475572c4f9e54151e9f244a2efb7ddb01d148cea504573d659c4d6990f65e21c96676933138c03934145d2fe10e3d3b8db9a14e79d78a422d1d278ab95f100818aef8ce3e7768f59652b59c1607c9a01f15dc92e9f2006608356201f4469d902f08d9e0e365affa7ecbbe3eb14a73cf18c6afe4256007c1291ae8d44457a1b8272413fd4123a191288050fb163a5d4a821259049eb2cec2f1aad172341cf7d36226aabd8bd6872189ea9543ff0a314ee806b405683972b3042d565e5dcad404aebb6fc370dfee00a69b55e73b960425ecb95cc454321e5cc658a7051f3ef0d678abb632583cb78bc5a6799c961148e656e314e95a6caf549efd28f374f3036eec4edd3f3462b3b36db024efcefe983f7e9e86282c9d36d312d738baadec8dff8fd30c8639743e13326b45b9eaf06003e150ac7c60c824bb3e35dc410b17ccfc62251adc363cde8a902b7835ad2d1e6d16eb038f49d480caf2b443b92e26913dd67b8e14895f554938ca61ddbaea1bb83b9b67df19e57e6f81d57bcd7168ce189f06eead119af4f34cefeddffefadac347530cfc2c1b0f1e0f5f80fc62560330073ef4f78757c5a6cc41a6f50c8292bc33fe05073a5faca4bc6d92707b1dd00c02ddc7f9622ae89b81c08d08e400849216ca23b1a5aa36fac0b3cae609388ea908f10f9227139fe4e55e6d904898f8a5d85f3136e420c0bfd34e5900207eef5543fa064341f67f9e9b7d288e2c0c368ae7bf67a51d56b22385421695cb314ba40057222728914b71b67f8e785e21250cac657259689c024ccd1ae22d45fef0df598e0535e1085b88210b1a7079337eb61f3bd2c4ef315037df87586a07c78d82e27e07431d9df99f6a16fe62b4ac01a30f1f4a3318d08ccad58623f2d4191be51eb23ea907da2ea273eef56ccbbe945bd2404558849bed2200747a972f0f02f37240114b7395009560b4eba7042bf62255d3c1eee987bdcdec2e43ab4b9a12b1c50ddef86cea5a2b707a9c53cafeece8d2b2b1ed6979fc01b67a94d15085c8bbc62ab764d5473b5f7b21aed120567310cb52059e44e5e6819fc6c091ad406c5acc831cbd0d7b424aaa7892581a61cdd75c07ff6e7cc4a983cbe1cb8648f010d5365772d884fb6758ceeb39523bdf57286d6d2b766946ee01da5d84ada74f07ada862a7ca861027c7e336a7884e8ed547b26e676fa2805cfa855a0e9f738ca26af4fc7b0737a2f4bde7f4671768aff70c21689633e054610c7692c1ac4f329b81861b9573b756f3cf362b400ef3341cfd35cb2e9f613c955cd85020007498aaf680ed2c8b8553267d4d88ba27c43d7c19ee75cf5b1004600349b47e19cd9559dc9dd3f85b3e4ed0f6884e0c0e9557525e4d3cdce8dddb49dbf0fc481dbc99078befb15fc3885e6d38f1944a93dc3b59000ec326d37fd4653abf0c2e012723968a4fb0599cf61a9cb2d346bbdd24400ca048d19a471cba1ffeb83cf91d75ea6dc0a523f1519955603b4458faaf86dd92279f5a092882cbe6281c89c1329aca7860296cff529a092bd36037fdcd46aff4effcd9998beb46dffb064c46c7f72de42941c8a1b956121ee867add83a9baa079a1a6ca1886de9c689fffe9a3248b4540763439fcec52bd6178c051b1fdd744f47f6f8650e1fb9a3b0da1858860de413667b4af10fa7ccc4b667e2d0a943e35eca3253b20bbcd58af60495f2b1ef51b05e87f5c8ecf909a3ca1a482722b5cf4868ebe817113bcb19a67cac40e017a13c71008bd5d4c30c7dcdcaf65913cc40e4e9cc3519d46f65807dad7c3b7992df3edb50200eaa688069c5ffaaa3223d2d55ec6e119f4314a3d878d126e1f77746f1c1ae27c9f72166d590795490b40c52c3407367116adb856716b5e92a5b354f89585246cede7fbe2b6159bb6ae1991ddb33c23f0b4448708acb9a20d99b0db2fab1731996a6f72d917a73a8945129c505303131371e7e0fa5eada2334112abc7f4de19d453673c54285653950c611afdcc1748ec9f905b33da07500a2b26ed511e7aa9ec2eb2e377186f771909704d33bc5d4e2aaa39004c74a0066724435e64e43c6ad6ae9aeb19372fa7bbd6b61e65de1c72e29b9416a162a6cebf466655150ce84816bce682f9a4fd1bcbb3414349e723c3f1b47015859561deaf6cdac774765d6e8b0af2785e2ce0667940fb71ef91d411f8b2ebec883b38a6db470c796f9f3c0566cdd91e5aa60c6ed25774ed9954f0e7b10a7d27b42d68cb1624d4d13deb301d33a99b938ce68baf07d06868e5f982b791a4eb2d4f8da7d77cc92153f982af41bcbf15ed5236e02560e0deb0a5343930d50a351172c49b76cb60a4b9785ba643292c073de3aea33c4d2bafeccd41ea7fab5c7f269fd5f1f366beb808a10062e63e153f231969de872cde96253b51ec1342aae31fe3287c33e4997c4e90c7d9e76abf0c5beed2ef7d8911dee3d7068b07825d8d3753b837184be061fb5fdb12556fcfee51771922f780bc1eaa49947b6e98f7b780bd064683a32b928279b19bd3d4eb313c60ec148fe844ab0fb4179c988f47d84b28bf76409198351676d81131a0c74385292ae0ba1907a40000fe5dbd76798a8ab9c171d17cd4d187b4aa5cad45fd3a450490dccd5c53e9e320daae81ba79a0f49b67bd4e67a1fe5b559afb83a2382cf2caaf875109a09bf6b1bf63c935ee0a5375e0484f44d8544dcdbf17b6cf4820a36a7a5ae4820c26d1ee80911759d6e55eaf4e0c36e1007fa8815265566d925761dcb471a7a1804f96bcdd23539b829d48cfd20cec21ddb9c5d15282857db21dbd368a620679f736cda293dbec5952a006b99c7522bf9cbca6d8b6205f5aea99e160a90ccc25acfb5fc77624fff5002a212c7f692c23a7a970c9c43e689d4adb2f992c7e608c1479c53fd700c57d0deb7db100f37cb32ba210f4f08272472a32f1825767311648b79af4934bf4cd34dde4e7cff89f017f5cb90de846737a5cfb842fb7dd3c84be171b6ed86d4e62b513c0da666e8c3a371b5e5a7d48398cadf2ff207ccd378e6212eded2aacf3358d24b52e02566399151a0b95edc4ca970e0d64fa824f1ba7b9c5eea2bda7c8c14d70d4d0d245700957de63bc1e9ec4c1f56a71443afe14064a6965a1030af7fb58c0a7ee838bee70c3d349196c1edf13b170f07eaff86dccff8e5ffa0b825890b3c39082d1012e671db1ae2849d60518618f83b45dd8c24d6e888ae8c235ccbbd91039b7519d738bdeb59c5f2a5d62153423438b0a06960bb9cce5c1b6d88012816abe57166063fa09630a8d18be6a858968da50a07e7d8e920f7a167ff804d0d46186aaba70b3117843167507e9bac3bb8655fe0ac7785b1f2aa54e8957df6b32ddb98a753a8168174190cd0aab423993f273aceff557d0e546cf75f715d88064f91abf96bc5fcfc47988c6ff5c4dba79124ddf0ebc6f6a3e161a09f3ab3b442299c6266b53ccef79417999ff6becc6fb927465ada0a2c3f23afe3d6a9f583e61e906d9028865b504a5beff9c86ac30274a8a5676d5958f0cba85087d3654ce1d05e6d1c7ff3c45214d5b1e11c252a1b0572e0adcb5833b8def9f2fba602fdbfebf3fd2c193b9c3cd160adc4d19a25f133aedee28f93ef3da757279837df8e4b27cf31698f72774c57f9e37443c5532303fa049ba1cd95a30d6069d680518bc258f2276c6c23d194b38e73137df52ee69b5c130b686955f0cd70a8d9906debaeeddb2d56837ea1f0590f46a8cf1f52a466176e608d5c696e2dd8068cdd0294f2511a374a06ca88273f53bc0f76a5c02b3557c7226c8d3a7875e6e1c11f32981985efa1dd8aebeefc6f723024f66259840a6c87e04a7d88a0694b052064dcda2d9bc6ddad43adad9de50957c86a32b0531610982a63917c7c7f293e9ac8fbc3954dd788cacd96faaa9175072cd47cd63db81ff6820e2a6f60a0fef19c6da83a011852801504dbeda1af1abbdcd7e222446700479d0d599032c32b70de64514fb1fba28717a176902c7238ede986391aa54a3fba30e05c42602247aaaba9dcc09f6c1c1714ae984f70bdffe50746d1e7a4ca9447f4f8910aba2d520aa67039a2bffa36c13cd29127315a83734eafc1b12de3268bddbff42a4ecea52aa420d04769404b98c466bd0d0faec6a99273855b3b8ff6243f31dfa3a92ee0cbbb8fc3a316339ff36e2d9d94bea9dd47505cbb6e408ed5c04e4500ade196c46ad5a2ed15775f9303eb88610efcb9762bafd498761944d685dcf2b0bbf20aec68c915e2490fe4b20a03f0509db4050b89246f94a354ca2bd87491b43adc1c321431e088beffda2a86abcedd11f3784a9ef84b2a07e3286ead5a1f311b115182f155d26bd840d4c490601368a9ea9eb32549493753c45a9109f470fa676bc4c2c0b15ed31aeaf3b74c2a24b4ae5735e438b6c0d3e7d6025cc9e27cd2412e6ab0eb8b0a4491c3a8b7b0512094cddc2acb26ec30962ad65ed92950c0c1dece98722bbb2e3e0ce8fd24800b4037308238b2296e6984035b6344d74a920c600a6018ad39e3ff57b42da762806303746737a1f439a0aeba4e6256ab5bd7739e623f52a6e7ce386a4c2bac3c43bcf700f6e0dd6d29e4f5818b9ece039147f1cf3cc4cff308a2798ac7338c208c978ae7eb55c6ebef6ee60d8e57abd466812ac903aaf6cc9856f7be39346c09535070b09a5e5c671aa43a0cb95c620ac129477d7b3e7d6af3d5254793aa060be107ccdf002aa95b5b9882beee517cfef4019fe52903dd5dee451ccca19be36bc78b7ba4f8e0dbffa53e2510d30aea395a4484154f563770965efad500288261debe6a73e039268dc37d3c9908c3e054cdaac0c790f7aba99b4d70581678e5e0cad760ee4107766bb1e438d35728a755705782a762d9d35dd33b3a136f677a6975d2e18d2dfa551ff41bcb942258659c5b116dcd91c942486463535ea47533837dfcfeb4e8f5b2a156a98f664d72a789ec37e745cfac0b818dfa3c6ed1c737926a5e44f17e037e62669e0da50acd57cb526c4b3406cc11726bb3120c412e5b1a020425e972e0f2472953c5483d1f04aa5e640e52476eb9220a07c9b16c5c604d8322284436f16a1d4f8c4b4e9c7a3fd30ea1b3ced9ec9372714de182a3a05b80ef54af53ea248d01bd82f86186dd74680d8bb647b13af51de02dfd24eafd8185f83766878d99e52fcbc066ee0d6ed5ec810fc98bd5733a7c502f557d7ddd5450782654ab66541ce4f2c2a144b2b782ea61b54eccb313d837ba950f23c70e74c18a3505e9ed57129a2ea"]}, 0x1274}, {&(0x7f0000001940)={0x220, 0x23, 0x8, 0x70bd27, 0x25dfdbfe, "", [@nested={0x14a, 0x4b, 0x0, 0x1, [@typed={0x14, 0x81, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @multicast1}}, @generic="a2378697e81c579fb01fd87c2169e723476ce5f5186b0a84665e5b1c2b22fe82e55d0a26ba8c05b231a6d506", @generic="6e175928828c597ea1561be1163e94b48675564f54324cbd3170f9945502a50019574f1651906e462cfb9171272189acc6a9989af14a0d882e1675b7fea5f84c2020a2da30ed0f12568b54121a5f2e6c7b88e3c50a60d920fc22a3ab6814cf842af4fa4d1b60af4e8f4f1080a98037ac6f45ddec9a68ece9614e2ee33ceeacc5862080b7dbf43a20b3a0f9f52e096235a65dd6a37ad8f037d75efa", @typed={0x8, 0x3b, 0x0, 0x0, @uid=r5}, @generic="91e6ca95d56d1b6532d3ed6619db7703184167b7bf952b4a2a36e697bb52e0cc4c3c6d35208580d910ac7731a5ccadb4351df98b525256cef4c8014551603ec49b696a", @generic="a180a385e7af99c13626badf124ce867911c5a22b37a3d03a8b8ddb66ee8394d"]}, @generic="04e9b34914eb659dd437e6b1c97bcca6fea666f6887695af0cd5e21dfd9e3ed28a5cd907b26133435f363ac9e456986d637f3a093f1282a792dfd7e30aaad353bb6e083bf5f3fac078bdb9702f19a8b74d783ebc320283475403f9474c7d68968a81cb8a649f13fd3f67591e41a6bbbbd016bf5a23c556f9", @typed={0x7, 0x6b, 0x0, 0x0, @str='uid'}, @generic="b630480cfa0473ff67c95d7ef25449369500789920e94bf1fd4cc9187639abcd8b2c44f83b78da70cc6492dd45e79094e1d3e057c358dc02eba7", @generic="cfb8168612c2f0c05dc5"]}, 0x220}], 0x2, &(0x7f0000001f00)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r6}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r5, r6}}}, @rights={{0x18, 0x1, 0x1, [r8, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r9, r10]}}], 0x70, 0x8800}, 0x1) ioctl$FS_IOC_FSGETXATTR(r8, 0x801c581f, 0x0) poll(&(0x7f0000000540)=[{r0, 0x4100}, {r0, 0x2500}, {r1, 0x100}, {r2}, {r3, 0x8000}, {r4, 0x1320}, {r0, 0x2000}, {r7, 0x224c}, {r8, 0x2122}, {r0, 0x8008}], 0xa, 0x5) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)) r11 = fork() tkill(r11, 0x0) 17:20:53 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 49) [ 1425.379415] loop7: detected capacity change from 0 to 40 [ 1425.381768] loop6: detected capacity change from 0 to 16383 [ 1425.405103] FAT-fs (loop7): bogus number of FAT sectors [ 1425.405645] FAT-fs (loop7): Can't find a valid FAT filesystem 17:20:53 executing program 0: syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) [ 1425.449502] blktrace: Concurrent blktraces are not allowed on sg0 [ 1425.459921] FAULT_INJECTION: forcing a failure. [ 1425.459921] name failslab, interval 1, probability 0, space 0, times 0 [ 1425.461060] CPU: 0 PID: 28832 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 17:20:53 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {0xfffffffb}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1425.465793] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1425.466702] Call Trace: [ 1425.466898] [ 1425.467058] dump_stack_lvl+0x8b/0xb3 [ 1425.467394] should_fail.cold+0x5/0xa [ 1425.467640] ? anon_vma_clone+0xdc/0x580 [ 1425.467916] should_failslab+0x5/0x10 [ 1425.468238] kmem_cache_alloc+0x5b/0x480 [ 1425.468530] anon_vma_clone+0xdc/0x580 [ 1425.468798] anon_vma_fork+0x82/0x6a0 [ 1425.469129] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1425.469451] ? __vm_enough_memory+0x184/0x360 [ 1425.469756] dup_mm+0x91b/0x1250 [ 1425.470060] ? replace_mm_exe_file+0x490/0x490 [ 1425.470433] ? __raw_spin_lock_init+0x36/0x110 [ 1425.470814] copy_process+0x3848/0x6cb0 [ 1425.471149] ? lock_is_held_type+0xd7/0x130 [ 1425.471510] ? find_held_lock+0x2c/0x110 [ 1425.471856] ? __cleanup_sighand+0xb0/0xb0 [ 1425.472203] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1425.472657] ? _copy_from_user+0x139/0x170 [ 1425.473012] ? kernel_clone+0x2f8/0xa60 [ 1425.473336] kernel_clone+0xe7/0xa60 [ 1425.473639] ? lock_is_held_type+0xd7/0x130 [ 1425.474031] ? create_io_thread+0xf0/0xf0 [ 1425.474376] ? lock_is_held_type+0xd7/0x130 [ 1425.474738] __do_sys_clone3+0x1dd/0x2e0 [ 1425.475073] ? __ia32_sys_clone+0x150/0x150 [ 1425.475446] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1425.475887] ? fput+0x2a/0x50 [ 1425.476175] ? __secure_computing+0xb4/0x290 [ 1425.476541] do_syscall_64+0x3b/0x90 [ 1425.476853] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1425.477280] RIP: 0033:0x7f9fb3b18b19 [ 1425.477582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1425.479037] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1425.479640] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1425.480127] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1425.480568] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1425.481112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1425.481573] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1425.482216] 17:20:53 executing program 0: syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) 17:20:53 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x8, 0x0, 0x0}, 0x58) 17:20:53 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, 0x0) 17:20:53 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f8", 0x16}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:20:53 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/243, 0xf3}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f0000001680)=[@rights={{0x10}}], 0x10}, 0x3) ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000000c0)) tkill(r0, 0x0) 17:20:53 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x0) 17:20:53 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x180}]}) r0 = fork() tkill(r0, 0x0) 17:20:53 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x11, 0x0, 0x0}, 0x58) [ 1425.765181] loop7: detected capacity change from 0 to 40 [ 1425.781811] FAT-fs (loop7): bogus number of FAT sectors [ 1425.782388] FAT-fs (loop7): Can't find a valid FAT filesystem [ 1425.799957] audit: type=1326 audit(1643044853.628:35): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29138 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8692deab19 code=0x0 [ 1426.221784] blktrace: Concurrent blktraces are not allowed on sg0 [ 1426.623444] audit: type=1326 audit(1643044854.452:36): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=29138 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8692deab19 code=0x0 17:21:11 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 50) 17:21:11 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x1100, 0x0, 0x0}, 0x58) 17:21:11 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) r1 = socket$inet6(0xa, 0x80000, 0x7) ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611) 17:21:11 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) r1 = epoll_create(0x4) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000)) recvmsg$unix(r2, &(0x7f00000003c0)={&(0x7f0000000080), 0x6e, &(0x7f0000000380)=[{&(0x7f0000000100)=""/213, 0xd5}, {&(0x7f0000000280)=""/32, 0x20}, {&(0x7f00000002c0)=""/105, 0x69}, {&(0x7f0000000340)=""/23, 0x17}], 0x4}, 0x2000) ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f0000001040)={0x1000, 0x6, 0x3, "15d9e30aa96bd1c1d6bb3f6c0309571f52b51aeacda68d7e70bd42de65aa9eb6f9eeef3d97fae83f1fcc5de9ca256e43c26c6ebe934617df39040035815ec8b237b8420c5b5a1b617cf8f71386ce1c1aea3dfcfb2d7858d75600a1a89a44715eab58c4668d77335ab4bc5ae3ab87ac621635d7195d7f85e077a6887f3f25ad2c0e526e390761427074369a71386d2d08ce1618e594d56f2eafe57387f485a40f5a9f5f1c8344dee59ace9889a96caabf5afb6c227edc35e5149cbeec14c96f8c894c70cc06920da52cb888b0c7416b7f89b8b8d1d8b6f2f5d72d9d4d95be75c7e69286aed31274d72557657ceab73f782cd07c818847e0a1b036a04572c38c17c05b585b665380ef960ebf53ba349f8c7e86ba7def540a95717385d97258d3085aeccc584fd91d32de523046596b0f0af2c150e7741b08eae042000d110caf8768736e2c1594819219ad12b7c25ed234863b711c9eb222d52d565cc6b4f637e8189fa4db0263a04792eb07f3e4f7ba263a287a77e439b64b91ab4146b4d9fd13db46ec12895b1e5482233edbe0ff020cc96295a622980f6bf7378d8044607bae81af08654816f7bde2511a8f9e85e34da2faed62cbb77bd91b9147309f07fef00c92b7952313c5ca96b60e9dbb354c0a230d3066dc12214f62c4618c7cfd7297df3c5030e50655843b08991f7931652e21d8ead36d0f8b48f0e8aeba9e3db79188a9f0961d8ea74158855c2a32d6a7c7367faae9fc43769bc73a4941b0f67a0d6dfa588be724dd7beed65abb206552fdac9d820ca8b5dbdb2ff2ea695d9de63d305395d2daed1ae9fe91f35b3be4c2e3076962c54049e03374aa3afed501ede70d69461a876f74f8916cc35fcf0c158a9d3389728290e11105d4c96c9e82aeb3152a651271cd78d517ee940b6b231cbf7f49058059a13b58598359c039a8b139c40c6ef0003efa8c64ef4b144e617a66ec7dab35dda0ee4ebd83f9b4d40fe48ea567607adafe1230967675f3b84b691426e3ac1414a9f43d701f354ec369625b5d914637c81e839585fc3599faaa0540aef721e5065535056aaf908da51d41bfce81f56e174cf426168972572648fc128df4cc6e735274bbde167170f3a2633013a74cb07b09e9a3544feb11831c7504c525cb3141da1ab4a98b23ef79962c3990324b551f1d8c0033956ed4219d16130eacd41d1abb8eca209ed6661ec8fc823e5fc5c918c139764133fef533758e6b6dc7e7356f9104e66c174536b7a3156f766a8cd94ba0c2c063361a23d7ad8da0756611d92d7ab8591817fca6181bab8533ed761a14da3354056b3a1b1e0bdc387536280da3221427e2c0b5000a864993059059ae987ee8803ac477ddac8e361eb720de45b3904aa3dbd7bc2acdb55e455b13f6357033fe7661affa164dc5752cbdf23869d0d88a7bcd137c7afa755986f0b65d69fcfd121856843e2f13886ae3b9bbe4c025932510b75eba115e253809a54589ef81391c0b72edb42ca640ac863e440d28c39d594b67b5db670ef5b354401656b138975f55bd42ab9d21dec54e117b06b964aa657de8e14f0d12d92f9ebdfe42f2acc1fde6507cc8093cc5903202e949c10d8e5d00b18b75aeebae82fb65c652cf594c0df3bcc6d2669b0aa1c20df977348e277bf1b24e9f78c0beebbdf40a38ecc74863b6eb0b72388adafeb2ef96b3b764f40da7ff406a0f1d0bf3eaa1bb51af7c171ba594a620850c1f10e7c78f03db3e7a90ed54043115605a414b491c3250132c66619270e3284eea74de8e60934fd6ab8b58f9ba6f34beffff3a382ce338a8cb64ee6a1927cbdb74db45049ceb3b0aea4cd09c5038123ff7170f4b1a35bebf38c3bc862d52725cc83a5fec515a9e9875768d2aa73b7895099b0a18857cd6474732df479d4fd5121436614c61fb5c066d9cc9044ed050ba629e93cf06e91d0559d07c075b3876550febbc93896db544217ddbfdc1edbcaba0f6a4d94e99c4cbf632b14f9c9cf9ca60b2472130f894a97301b67fe0b64cfdc84332f5594e96521b27af872122c115d6d1f969c92753a755128354c1729100865c3d12b45fcb789d6b4fdafd359e84ac7661b289f0c04080fd87bcdaddd828228f875153684f7b013af3236f2709c2edfbb7b15bf560cacb867e798e17fb44f96fa8cc057aa82a0a0091c333d68d409b3774706039875bbcf247ae201931512508e0d65d4b84b9f26b8695132ee5a07516ce2f295fe94e09dc9f9343572028bb0d9572e387cad197ecd73c25be893e0a3559fd50ee4daed1c200f2c418494b6b9b2717aacbf75a1985f34d437ee3d92446574eb3c70eb02b6988dbc16c979c8e1891021d78efef612cefc8b2ed94fc582635e9e7765c6125419a662b04abee7eb5f25d77e1302c08c9bff82b7dd82ac21655adfb12b341b7991090d62e359a44758ff7acbbd414a43c62001dcaae5690b95e265b766c5ad59d1dda50ac204c06a7dc2705594a0d4d74ba4e8f4078e3c9e49d80c988f776f7f3ed41c3e7e8c7adaaefc1ea47bca82e82718aecc6a1d542ac5e3e7fbcdf9c38b1ffd12e42f3993386d92fc10fb69e766187edcfa52651610dcf70d93989fe49e0c08ac6288e3fe2c15fea627a7315b46b6e10766ba60a9d999cf506335e765defe592ab597c883d446d86e088971913bf2d1a1a8ff3bd26b19fc403e5d5e2a6e921438655bddbf13491728371874774e7f0b52e34c85fd6ed04e35cbb116465ee5797032a839e98623eba65bebda494048937b50016c025df025359d3e89dc8d2ce0dc97b373ac855e65c9619180d1134a06bc84d8444860108186562fff5927f3a24eed9764f4d3493acc02042638c86edb977497781fe4dc90d209a03be0f04f39b04db3e4126fbd9f6cf5fda129da67a0f6485fdbe99a714b8e93def12bbb2d732fc7dc7283280be139d4b357c08878cfc07ccc79f10943863208250379cfe1e61caa7cd48e1e85f23d829b58b393d042fb1d0eb7b3a9973bae0c2453f9c33e4fd2772af9f7a4565a170ae5d6877eeb31968399918c0b2b5cec067e4530c5a6e4d334be119c60787fd0f889ec84d2c7f34726bf633f1bf64bbd16dc09023147b330d4e5c836c6b60e86a278da8513d2b7c558c688ed3f2608fa9b36d8f6695f74e4ffe4b825b4df7ac1f512e0123bc1f118cad555c8120a49923a5ca44779a0f61d760e9125c17032591545161228147ed1283d6ce75821e7a231d8267a526ed18bd2238f537f0ab40ef50c60b88cefd1e18dd0600577ca8d50983a092acad37513e991f4234289fc074bd52934f1eb3f4fdabd357e190a71a890aa50b1a2561dca92719cd47ecbc3ebc6b8f9eab574daea2438a972d7e6928abcf9fac7e277fc817999799262a5b5e029d6b74c10dbdd1c3c947f24bd883e55e504b951976c0e15c5bd3cd9e99e176dd76065bb593473ef25a9d4227957761369987e8a80eb6465d00abd9f550aac635448274fc9224f29eb358fa1d0961661bc99eea9837cfd7d6d115a6d34178401840cc804e93af11dd43bc7234fb11fb91f433d4eb4400a667498846911392280babec3e2c674f3d96a0bfc00061fa60e1a2b9b75079184b1795216e31b43d8339e1c1166c2e5ea219d4e25dd53a440514d7ed8fde57dcc69a5017cf563ed83fee2190b2c64c18009ec2dda6443d40042274b2e4138a42a1cd74fa218c743d673acc6e329107dfd82520a9171b10fadcd8bf2a9ea29ff25289e085b1930774388786e23c53f936e34d155831403ae3449cf1b027269940ba4e8bf17a720aec213093cc531ca573c7ae23fbe362d7fc02f92eaea359d4f412e6c0a37e2b86b84f8aec24c025ad3d6816487ce673680b8b897b841ea7e18f4c644e53d23f83aad214783115d94b5138116fe9d558880f38a8fc93d8dabde1e35dbf5d827abcf9208330bc81006a7972125e7d7a06f5ce6495cb3c1052a79a5d8bf3242c2c604965876f4b0af47bf66dd88023f4609143e637a67028ac637caea165563eaacce7635642d8114bfe696874f0ad99effad8fce4b866084cd6aef06088d43abe4863d15873d5d4665b775425a44370a4aaef6184bc3313597f209cfb5d15e108c751e92d9fcbb26d9fbe0b2f8fe0dd2e3cdc7dbb28198eea8a4a747d6d578c5adffb5701ee840045da8d3e6522e3d30b1a24762cd69ee7797e821cefc7f142d01f15b86d88cc5afaa68296567158d0fc94af641f2a98a3e8a4755501aee2a310cec70e29f5ef452c65b25315ac409eabc36808225f0e4b8b9a2dad94e43d886f3affedafaf57486b22fbd43dfa018418f11d2fb90a19658fb7b0d772bd3772cbb1bc04a9184038a2779a3911e4ed42358ec6652e255ae341c452cc3fee26f636d9d25b260426bfbb5c755af25ed88b3abbc779588a17c4564ca4d0b1fc373eac8222e3a7d1f7926f9c1344911f48d59bb8a84474112a254e7fa68fea46127424e12e284245d3a042b8223a71debbea1b4dcd66c01b2ea9094965595c475e361b077bca9f4cdadfda038ae9375b139bc99be41dcbb4d3988a887c5bb25f436f4848815f429a0830ef5856a73c99df0d52cafced7797276efaedf90b76dc22ecd771cd37eb0166ec9c1f88c36a5ae022def41263ffd91c16de6c1f00de0726b3a897e5999cefb32bf1fe62dbd18fc89f5f6b3cf81b5e53b01c6034e195e0792d0bd141a81cdecb3f13cd1fc720efa3abdbd63d46802d36e81a31c4fe8764b62dc5e060dade603a332f92fd643c29c37e7e45117b57badc007d9d3fd21950e1524733dc4ba9150c172ecfbeb72f2f773e347be6b7afe3e14a3a0af99f37b64c7435e51e2fb4c01c1fa044ec7f0f0d3b730668c766ceb26d8004bf66c3a0c81c66b702b123a9992c7aa772b1da4909e04e30f3036083055427b688f4eb720c95d1e32c6d3c91a1893af301dda1fff5d0e71a37a9051b76ad61af0ff55205527ae7d4a4b3298c424a940db8f9289b57b95128b3ee885f048f5177e7940530c1e63a02d94c145284d962f06cab8522c1da31cdcd0d126f3ad62ca9731a51a2c2d298be7424aa81e7b84d579ff68b52edb176c2ba3561d2b581b3e4882221750292b479a2e4663b6f73634ecc84d9abc80361f02ee8833aecabc6ce5c40914879b132b87e32c12aaf03482279717dcd1bd4f94365639556c37b9ccfdfa6317467a142eff18090cff01c83c1d4430a8324f88202fc4a4d550ea45de3f3112c6d3504714cd8c3ee6af57129dc79195922785357227f7b09aec05d82c64c4363d781488dd053d7ab317a97c3c3cacd850bbae1318a8b71e24ebcc6d7b99991c7e8126af4c94960ec4bef16f01ad14a6730c03c9634a10a7444bbec53dd7312556ffa8dd558a47e8dd43ae46a5402d0cb61445cb0d6e7f717c8261c64ea6cc85de56631237a4f2c50ac786ac585001a57eb82d02563bb629b42a856b23b50ab6d6775da88e78ff1216239a11ed36c4c8c7b552570a98b06e43f588551d06dcd63e1d27cacf9d6c78473ed179cc4303711211019119ef5764d1f7d6020a8575a065e4749e0cb850d7f7321028e69efa6c72018127d182c3700bd06d936b485d3cb6e3a51be6263d628ad9042d3f0e1574e5631b482b65e541ba846f6efc71c4c33a903ca9a8afeca251fbad88b52840372924ebf7d08b70a878f12c5d1cdbc69043b572f1616a9bb25a26adb671ca619a0d52386715c90af2f9eb96f1aaf8095ea2f4d27f499e5c5b30e713693c68f4d5c5e5048bec85c05029228629af348ed43d7f61640dd4323"}) 17:21:11 executing program 3: sendmsg$NLBL_UNLABEL_C_STATICADDDEF(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x5c, 0x0, 0x4, 0x70bd2b, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x2c, 0x7, 'system_u:object_r:auditd_unit_file_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x98, 0x0, 0x10, 0x70bd2c, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @loopback}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'ip6tnl0\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @empty}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'tunl0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private2}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @remote}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @loopback}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'gre0\x00'}]}, 0x98}, 0x1, 0x0, 0x0, 0x2c004005}, 0x4000880) r0 = fork() tkill(r0, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r1, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x2c, r2, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @multicast2}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @broadcast}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @empty}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x80) 17:21:11 executing program 2: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002140)) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x6, 0x9}) r1 = fork() tkill(r1, 0x0) 17:21:11 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, 0x0) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:21:11 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, 0x0) [ 1443.906360] FAULT_INJECTION: forcing a failure. [ 1443.906360] name failslab, interval 1, probability 0, space 0, times 0 [ 1443.907361] CPU: 0 PID: 29361 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1443.908063] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1443.908990] Call Trace: [ 1443.909223] [ 1443.909432] dump_stack_lvl+0x8b/0xb3 [ 1443.909807] should_fail.cold+0x5/0xa [ 1443.910183] ? lock_downgrade+0x6d0/0x6d0 [ 1443.910645] ? create_object.isra.0+0x3a/0xa20 [ 1443.911083] should_failslab+0x5/0x10 [ 1443.911418] kmem_cache_alloc+0x5b/0x480 [ 1443.911798] create_object.isra.0+0x3a/0xa20 [ 1443.912244] ? kasan_unpoison+0x23/0x50 [ 1443.912613] kmem_cache_alloc+0x239/0x480 [ 1443.912990] anon_vma_clone+0xdc/0x580 [ 1443.913345] anon_vma_fork+0x82/0x6a0 [ 1443.913680] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1443.914123] ? __vm_enough_memory+0x184/0x360 [ 1443.914515] dup_mm+0x91b/0x1250 [ 1443.914837] ? replace_mm_exe_file+0x490/0x490 [ 1443.915357] blktrace: Concurrent blktraces are not allowed on sg0 [ 1443.918260] ? __raw_spin_lock_init+0x36/0x110 [ 1443.918696] copy_process+0x3848/0x6cb0 [ 1443.919047] ? lock_is_held_type+0xd7/0x130 [ 1443.919422] ? find_held_lock+0x2c/0x110 [ 1443.919796] ? __cleanup_sighand+0xb0/0xb0 [ 1443.920174] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1443.920652] ? _copy_from_user+0x139/0x170 [ 1443.921029] ? kernel_clone+0x2f8/0xa60 [ 1443.921380] kernel_clone+0xe7/0xa60 [ 1443.921711] ? lock_is_held_type+0xd7/0x130 [ 1443.922131] ? create_io_thread+0xf0/0xf0 [ 1443.922509] ? lock_is_held_type+0xd7/0x130 [ 1443.922896] __do_sys_clone3+0x1dd/0x2e0 [ 1443.923266] ? __ia32_sys_clone+0x150/0x150 [ 1443.923687] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1443.924168] ? fput+0x2a/0x50 [ 1443.924500] ? __secure_computing+0xb4/0x290 [ 1443.924898] do_syscall_64+0x3b/0x90 [ 1443.925236] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1443.925688] RIP: 0033:0x7f9fb3b18b19 [ 1443.926013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1443.927521] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1443.928125] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1443.928687] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1443.929277] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1443.929868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1443.930478] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1443.931093] [ 1443.937206] loop7: detected capacity change from 0 to 40 [ 1443.948604] blktrace: Concurrent blktraces are not allowed on sg0 17:21:11 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, 0x0) 17:21:11 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x2000, 0x0, 0x0}, 0x58) 17:21:11 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x7, 0xffe3}) ioctl$BTRFS_IOC_QUOTA_CTL(r0, 0xc0109428, &(0x7f0000000080)={0x1, 0x9}) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x4a802, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000100)={0x72, 0x8001, 0x4, "9b42ec4be711155856102f3172a0c807646d01e91f7ecaab8f196838991a4f7efd0effed9420e89a56a76bf9b678d93490ae6e8847d977ac9687a611c7ed2934d9321261f6113347c8bf5b2ed386d6d995d249207e1a2410e34c93c8dab86282a4497315ef74736bf3fce00af324dda7dd19"}) [ 1444.183814] blktrace: Concurrent blktraces are not allowed on sg0 17:21:12 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x3f00, 0x0, 0x0}, 0x58) [ 1444.196957] blktrace: Concurrent blktraces are not allowed on sg0 17:21:12 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 51) [ 1444.225781] FAULT_INJECTION: forcing a failure. [ 1444.225781] name failslab, interval 1, probability 0, space 0, times 0 [ 1444.227976] CPU: 1 PID: 29682 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1444.228701] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1444.229679] Call Trace: [ 1444.229913] [ 1444.230161] dump_stack_lvl+0x8b/0xb3 [ 1444.230514] should_fail.cold+0x5/0xa [ 1444.230868] ? anon_vma_clone+0xdc/0x580 [ 1444.231240] should_failslab+0x5/0x10 [ 1444.231594] kmem_cache_alloc+0x5b/0x480 [ 1444.231972] anon_vma_clone+0xdc/0x580 [ 1444.232349] anon_vma_fork+0x82/0x6a0 [ 1444.232715] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1444.233155] ? __vm_enough_memory+0x184/0x360 [ 1444.233613] dup_mm+0x91b/0x1250 [ 1444.233950] ? replace_mm_exe_file+0x490/0x490 [ 1444.234414] ? __raw_spin_lock_init+0x36/0x110 [ 1444.234968] copy_process+0x3848/0x6cb0 [ 1444.235326] ? lock_is_held_type+0xd7/0x130 [ 1444.235701] ? find_held_lock+0x2c/0x110 [ 1444.236074] ? __cleanup_sighand+0xb0/0xb0 [ 1444.236504] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1444.236967] ? _copy_from_user+0x139/0x170 [ 1444.237337] ? kernel_clone+0x2f8/0xa60 [ 1444.237685] kernel_clone+0xe7/0xa60 [ 1444.238028] ? lock_is_held_type+0xd7/0x130 [ 1444.238444] ? create_io_thread+0xf0/0xf0 [ 1444.238817] ? lock_is_held_type+0xd7/0x130 [ 1444.239198] __do_sys_clone3+0x1dd/0x2e0 [ 1444.239564] ? __ia32_sys_clone+0x150/0x150 [ 1444.239980] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1444.240451] ? fput+0x2a/0x50 [ 1444.240772] ? __secure_computing+0xb4/0x290 [ 1444.241179] do_syscall_64+0x3b/0x90 [ 1444.241515] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1444.241996] RIP: 0033:0x7f9fb3b18b19 [ 1444.242338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1444.243817] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1444.244436] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1444.245816] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1444.247462] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1444.249178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1444.250371] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1444.251018] 17:21:12 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, 0x0) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 1444.311716] loop7: detected capacity change from 0 to 40 [ 1444.802281] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 17:21:28 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, 0x0) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:21:28 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 52) 17:21:28 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) 17:21:28 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x9, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000300)=0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000002480)={0x7, &(0x7f0000002440)=[{0xfc00, 0x9, 0x0, 0x4}, {0x7ff, 0x3, 0x1, 0x1ff}, {0x2, 0x7f, 0x6, 0xd7}, {0x9, 0x3, 0x0, 0x5}, {0x3a2, 0x6, 0x81, 0x8}, {0x0, 0x3, 0x8, 0x8000}, {0x0, 0x6, 0x80, 0x10001}]}) recvmmsg$unix(0xffffffffffffffff, &(0x7f00000021c0)=[{{&(0x7f0000000340), 0x6e, &(0x7f0000000640)=[{&(0x7f00000003c0)=""/206, 0xce}, {&(0x7f00000004c0)=""/81, 0x51}, {&(0x7f0000000540)=""/237, 0xed}], 0x3, &(0x7f0000000680)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{&(0x7f0000000740), 0x6e, &(0x7f00000018c0)=[{&(0x7f00000007c0)=""/4096, 0x1000}, {&(0x7f00000017c0)=""/57, 0x39}, {&(0x7f0000001800)=""/144, 0x90}], 0x3, &(0x7f0000001900)=[@cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x168}}, {{&(0x7f0000001a80)=@abs, 0x6e, &(0x7f0000001b40)=[{&(0x7f0000001b00)=""/32, 0x20}], 0x1}}, {{&(0x7f0000001b80), 0x6e, &(0x7f0000001d00)=[{&(0x7f0000001c00)=""/246, 0xf6}], 0x1, &(0x7f0000001d40)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x68}}, {{&(0x7f0000001dc0), 0x6e, &(0x7f00000020c0)=[{&(0x7f0000001e40)=""/147, 0x93}, {&(0x7f0000001f00)=""/57, 0x39}, {&(0x7f0000001f40)=""/207, 0xcf}, {&(0x7f0000002040)=""/76, 0x4c}], 0x4, &(0x7f0000002100)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}], 0x90}}], 0x5, 0x100, &(0x7f0000002300)={0x77359400}) pipe2(&(0x7f0000002380)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) clone3(&(0x7f00000023c0)={0x1800200, &(0x7f0000000040), &(0x7f00000000c0), &(0x7f0000000100), {0xd}, &(0x7f0000000140)=""/240, 0xf0, &(0x7f0000000240)=""/141, &(0x7f0000002340)=[r0, r1, r0, r2], 0x4, {r3}}, 0x58) [ 1460.479284] debugfs: File 'dropped' in directory 'loop0' already present! [ 1460.481169] debugfs: File 'msg' in directory 'loop0' already present! [ 1460.497086] loop7: detected capacity change from 0 to 40 17:21:28 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x4, 0x4, 0x0, 0x7fff0000}]}) r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1, 0x12, r0, 0x26bc1000) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, 0x0) ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r1, 0x4008941a, &(0x7f0000000080)=0x2) r2 = fork() tkill(r2, 0x0) 17:21:28 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000008c0), 0x6e, &(0x7f0000000080)=[{&(0x7f0000002040)=""/4096, 0x1000}], 0x1, &(0x7f0000000940)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x128}, 0x40) ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000840)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @scatter={0x9, 0x0, &(0x7f0000000680)=[{&(0x7f00000000c0)=""/196, 0xc4}, {&(0x7f00000001c0)=""/170, 0xaa}, {&(0x7f0000000280)=""/27, 0x1b}, {&(0x7f0000001040)=""/4096, 0x1000}, {&(0x7f00000002c0)=""/82, 0x52}, {&(0x7f0000000340)=""/167, 0xa7}, {&(0x7f0000000400)=""/236, 0xec}, {&(0x7f0000000500)=""/92, 0x5c}, {&(0x7f0000000580)=""/214, 0xd6}]}, &(0x7f0000000740), &(0x7f0000000780)=""/102, 0x2, 0x12, 0x3, &(0x7f0000000800)}) ioctl$SG_SCSI_RESET(0xffffffffffffffff, 0x2284, 0x0) 17:21:28 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x4000, 0x0, 0x0}, 0x58) [ 1460.516302] blktrace: Concurrent blktraces are not allowed on sg0 [ 1460.531624] blktrace: Concurrent blktraces are not allowed on sg0 [ 1460.537721] FAULT_INJECTION: forcing a failure. [ 1460.537721] name failslab, interval 1, probability 0, space 0, times 0 [ 1460.539007] CPU: 1 PID: 29704 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1460.539902] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1460.541091] Call Trace: [ 1460.541371] [ 1460.541620] dump_stack_lvl+0x8b/0xb3 [ 1460.542059] should_fail.cold+0x5/0xa [ 1460.542502] ? lock_downgrade+0x6d0/0x6d0 [ 1460.542973] ? create_object.isra.0+0x3a/0xa20 [ 1460.543485] should_failslab+0x5/0x10 [ 1460.543922] kmem_cache_alloc+0x5b/0x480 [ 1460.544377] create_object.isra.0+0x3a/0xa20 [ 1460.544877] ? kasan_unpoison+0x23/0x50 [ 1460.545325] kmem_cache_alloc+0x239/0x480 [ 1460.545798] anon_vma_clone+0xdc/0x580 [ 1460.546246] anon_vma_fork+0x82/0x6a0 [ 1460.546686] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1460.547244] ? __vm_enough_memory+0x184/0x360 [ 1460.547765] dup_mm+0x91b/0x1250 [ 1460.548172] ? replace_mm_exe_file+0x490/0x490 [ 1460.548684] ? __raw_spin_lock_init+0x36/0x110 [ 1460.549223] copy_process+0x3848/0x6cb0 [ 1460.549674] ? lock_is_held_type+0xd7/0x130 [ 1460.550178] ? find_held_lock+0x2c/0x110 [ 1460.550669] ? __cleanup_sighand+0xb0/0xb0 [ 1460.551171] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1460.551789] ? _copy_from_user+0x139/0x170 [ 1460.552256] ? kernel_clone+0x2f8/0xa60 [ 1460.552715] kernel_clone+0xe7/0xa60 [ 1460.553140] ? lock_is_held_type+0xd7/0x130 [ 1460.553616] ? create_io_thread+0xf0/0xf0 [ 1460.554094] ? lock_is_held_type+0xd7/0x130 [ 1460.554592] __do_sys_clone3+0x1dd/0x2e0 [ 1460.555065] ? __ia32_sys_clone+0x150/0x150 [ 1460.555565] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1460.556180] ? fput+0x2a/0x50 [ 1460.556544] ? __secure_computing+0xb4/0x290 [ 1460.557058] do_syscall_64+0x3b/0x90 [ 1460.557475] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1460.558055] RIP: 0033:0x7f9fb3b18b19 [ 1460.558468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1460.560420] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1460.561242] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1460.561996] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1460.562783] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1460.563529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1460.564294] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1460.565062] 17:21:28 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x0, 0x81, 0xffffffffffffffff, 0xffe3}) 17:21:28 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, 0x0) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:21:28 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x20010, 0x0, 0x0}, 0x58) 17:21:28 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000140)) r1 = fork() tkill(r1, 0x0) 17:21:28 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x400401, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0xe0, 0x4, 0x7ff, "51e24a0d79dc36277bf23b95e98aa3a1751ab8a1b37c29b88b5c4c319d3c27601affaa68e0fc83bb2d1d2e473e3a0f2e4bf74681e47c86729c24e5d01c27974941fcbae2cec50a4f2dcf3e4a8775c8dc21e746c1c2976519602f06a745eaaf5aa7f6fa74810a11d008da95840c879a9ae15ea7aa25d9e8388911bf7badbdf615eea45028081909cad8ebf0aa32c9c5badf94e36ef14e2d8da4a23aa3eeee1df08943e51a134be0d3c649e22478d73d70ddeff53c82b0d26debd1d47ab3de473ba4ef190fc6e066ee02166d6bb77e4aeb876c41b588bfc1fc5559979c02eb8fa4"}) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) [ 1460.685322] loop2: detected capacity change from 0 to 40 [ 1460.780385] blktrace: Concurrent blktraces are not allowed on sg0 17:21:28 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x20200, 0x0, 0x0}, 0x58) 17:21:45 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x0, 0x81, 0xffffffffffffffff, 0xffe3}) 17:21:45 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000080)) r0 = fork() tkill(r0, 0x0) 17:21:45 executing program 2: r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, 0x0) 17:21:45 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:21:45 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x80000, 0x0, 0x0}, 0x58) 17:21:45 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x6, &(0x7f0000000040)=[{0x8086, 0x0, 0x81}, {0x7f, 0x81, 0x4, 0xffff}, {0x0, 0x1f, 0x3, 0x10001}, {0x828, 0x4, 0x2f}, {0xffb1, 0x6e, 0xb6, 0xfffffff9}, {0x8000, 0x1, 0x23, 0x4}]}) tkill(r0, 0x0) 17:21:45 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000080), 0xb22, 0x208240) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:21:45 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 53) [ 1477.455273] FAULT_INJECTION: forcing a failure. [ 1477.455273] name failslab, interval 1, probability 0, space 0, times 0 [ 1477.456283] CPU: 0 PID: 30042 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1477.456971] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1477.457912] Call Trace: [ 1477.458143] [ 1477.458350] dump_stack_lvl+0x8b/0xb3 [ 1477.458743] should_fail.cold+0x5/0xa [ 1477.459096] ? anon_vma_clone+0xdc/0x580 [ 1477.459470] should_failslab+0x5/0x10 [ 1477.459807] kmem_cache_alloc+0x5b/0x480 [ 1477.460178] anon_vma_clone+0xdc/0x580 [ 1477.460556] anon_vma_fork+0x82/0x6a0 [ 1477.460910] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1477.461364] ? __vm_enough_memory+0x184/0x360 [ 1477.461777] dup_mm+0x91b/0x1250 [ 1477.462113] ? replace_mm_exe_file+0x490/0x490 [ 1477.462545] ? __raw_spin_lock_init+0x36/0x110 [ 1477.463009] copy_process+0x3848/0x6cb0 [ 1477.463381] ? lock_is_held_type+0xd7/0x130 [ 1477.463775] ? find_held_lock+0x2c/0x110 [ 1477.464160] ? __cleanup_sighand+0xb0/0xb0 [ 1477.464555] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1477.465040] ? _copy_from_user+0x139/0x170 [ 1477.465427] ? kernel_clone+0x2f8/0xa60 [ 1477.465803] kernel_clone+0xe7/0xa60 [ 1477.466151] ? lock_is_held_type+0xd7/0x130 [ 1477.466549] ? create_io_thread+0xf0/0xf0 [ 1477.467029] ? lock_is_held_type+0xd7/0x130 [ 1477.467427] __do_sys_clone3+0x1dd/0x2e0 [ 1477.467796] ? __ia32_sys_clone+0x150/0x150 [ 1477.468207] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1477.468693] ? fput+0x2a/0x50 [ 1477.469008] ? __secure_computing+0xb4/0x290 [ 1477.469412] do_syscall_64+0x3b/0x90 [ 1477.469769] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1477.470246] RIP: 0033:0x7f9fb3b18b19 [ 1477.470588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.472136] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1477.472805] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1477.473427] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1477.474055] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1477.474717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1477.475337] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1477.475988] [ 1477.476602] loop7: detected capacity change from 0 to 40 17:21:45 executing program 4: r0 = syz_open_dev$sg(&(0x7f00000000c0), 0x0, 0x40000) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000100)={0x43, 0x4, 0x8000, "dfc8a2cba9bcef3e295fe19f4198a90fa4e1427494496d3fae337927265f0ebf3df38ac34e396d9475514eaa7480fa058edd3fb19e4ab79015a2225f83e33a20021309"}) 17:21:45 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x0, 0x81, 0xffffffffffffffff, 0xffe3}) 17:21:45 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) r1 = fork() tkill(r1, 0x9) ptrace$peeksig(0x4209, r1, &(0x7f0000000040)={0x2, 0x1, 0x1}, &(0x7f00000000c0)=[{}]) 17:21:45 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x20000001, 0x0, 0xffffffffffffffff, 0xffe3}) 17:21:45 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x101000, 0x0, 0x0}, 0x58) [ 1477.667156] blktrace: Concurrent blktraces are not allowed on sg0 [ 1477.679433] program syz-executor.4 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1477.694713] blktrace: Concurrent blktraces are not allowed on sg0 [ 1477.701435] program syz-executor.4 is using a deprecated SCSI ioctl, please convert it to SG_IO 17:21:45 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0xf0ff1f, 0x0, 0x0}, 0x58) 17:21:45 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:21:45 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/243, 0xf3}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f0000001680)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}, 0x3) ioctl$LOOP_CLR_FD(r1, 0x4c01) mq_notify(r1, &(0x7f00000001c0)={0x0, 0x29, 0x1, @thr={&(0x7f00000000c0)="2c913e7ae56fb72bb3db7e0acb5496cc86ca23106e9930ac0291f0a8a6cdc388d09589585abb5448039779fd539bb5eaeccf5dcfcfd263d40b3e1ffe799d3f01bc14bb7efbd120f6e34d3cd33cbf598b6639776f93aacf48d249c342e4737d93f46033731ddaa144867848a5856c1d2ba5ef4399ed51feffd8994aab95ec04e2fcb6314f4da950b1b250498347b8e1a8976e8495f7210cf914f9d633c4bed4df1c3fe867db53ab6a1cb53a6c413253acc52ca1098910cec030fcb92c3980de7194d1f62320b6e612b2d28e13e16a3774fc988789f984f6d66b8702400f41d9c8d115d5cb443659ad42f502d177eee72c7463fae0ed87", &(0x7f0000000040)}}) tkill(r0, 0x0) 17:21:45 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x20000001, 0x0, 0xffffffffffffffff, 0xffe3}) 17:21:45 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) fcntl$dupfd(r0, 0x0, r0) r1 = syz_open_dev$mouse(&(0x7f0000000080), 0x81, 0x1) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000180)={0x115, 0x8d5e, 0x7, "cf6490b6b0a1810851f8c673c56af124670a798fdda06b51dbe36f354066f786016926af781ffdcf692c4fc88e601618dbd4f23df3970f26a1d0ebf5e5a094019ec33f86ebc4077711bf25a36533a078aed48ef88840e5eeb9830db22da704264a1f5bd56c9019329f28a42a22f95ce46082d02a89e4a00ed3468a74ff0eed426cab2738f71ed6f0262ad61ba7dfe46b3065f4cb29e4291f2a5d82f5f1bd01f89bfa6417634ec0000000002c2abb00716302891b3d637ddf63e9cdef35f2b0100e6734a165e99c3d4a3c6367f9a3ec4caea37a352386264cd3b559f6e8ac13094c6579fdf21359783ed9dc634c9a4116bbedbaba1577e12b108724fc9ad1c27b130465068400008b00"/277}) 17:21:45 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 54) 17:21:45 executing program 6: write$binfmt_aout(0xffffffffffffffff, &(0x7f00000000c0)={{0x10b, 0x3, 0x3f, 0x3d8, 0x14d, 0x1d, 0x2f4, 0x3}, "f7d7ea2c8efbae1145f95e7e302d5c2f2bbc006186b5fdd4f19550388912c5b096022577392fda433262f20dce5548abf042acf7bfaba5591df590127fb8f5aca970b8ba421004a0309669c23be82b7c9c74cee682c286a5d2d3ae70f4d61f7be942d4e7c4c4db18a8e518009493790e94ab37a3a9fe521d98b701ab135716db7979ad21d7bad48a78476fbdef15cc3c4fba42372878c364c26124a614601ef6d1d30eab34dbf9b52567642d7b24731ff3e0a7c7edfff38a57251742a25a833d50c28d6c0c98354a971988a1e8699321a8c6758e8d8d5c5c8f7276fd77faf994ada7719d644e8ba3662cc2444cd3292bc50335", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x913) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6, 0xfc, 0x0, 0x7fff0000}]}) r1 = fork() tkill(r1, 0x0) waitid(0x1, r1, &(0x7f0000000a00), 0x1, &(0x7f0000000a80)) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000b40)) 17:21:45 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x1000000, 0x0, 0x0}, 0x58) [ 1477.868187] blktrace: Concurrent blktraces are not allowed on sg0 [ 1477.896250] blktrace: Concurrent blktraces are not allowed on sg0 [ 1477.959911] FAULT_INJECTION: forcing a failure. [ 1477.959911] name failslab, interval 1, probability 0, space 0, times 0 [ 1477.960956] CPU: 1 PID: 30381 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1477.961802] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1477.962806] Call Trace: [ 1477.966764] [ 1477.966983] dump_stack_lvl+0x8b/0xb3 [ 1477.967333] should_fail.cold+0x5/0xa [ 1477.967670] ? anon_vma_clone+0xdc/0x580 [ 1477.968042] should_failslab+0x5/0x10 [ 1477.968373] kmem_cache_alloc+0x5b/0x480 [ 1477.968741] anon_vma_clone+0xdc/0x580 [ 1477.969101] anon_vma_fork+0x82/0x6a0 [ 1477.969443] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1477.969876] ? __vm_enough_memory+0x184/0x360 [ 1477.970248] dup_mm+0x91b/0x1250 [ 1477.970557] ? replace_mm_exe_file+0x490/0x490 [ 1477.970981] ? __raw_spin_lock_init+0x36/0x110 [ 1477.971360] copy_process+0x3848/0x6cb0 [ 1477.971694] ? lock_is_held_type+0xd7/0x130 [ 1477.972078] ? find_held_lock+0x2c/0x110 [ 1477.972560] ? __cleanup_sighand+0xb0/0xb0 [ 1477.972935] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1477.973419] ? _copy_from_user+0x139/0x170 [ 1477.973805] ? kernel_clone+0x2f8/0xa60 [ 1477.974180] kernel_clone+0xe7/0xa60 [ 1477.974528] ? lock_is_held_type+0xd7/0x130 [ 1477.974958] ? create_io_thread+0xf0/0xf0 [ 1477.975359] ? lock_is_held_type+0xd7/0x130 [ 1477.975765] __do_sys_clone3+0x1dd/0x2e0 [ 1477.976147] ? __ia32_sys_clone+0x150/0x150 [ 1477.976571] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1477.977058] ? fput+0x2a/0x50 [ 1477.977370] ? __secure_computing+0xb4/0x290 [ 1477.977774] do_syscall_64+0x3b/0x90 [ 1477.978118] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1477.978590] RIP: 0033:0x7f9fb3b18b19 [ 1477.978967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.980523] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1477.981232] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1477.981855] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1477.982476] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1477.987186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1477.987814] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1477.988451] 17:21:45 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x20000001, 0x0, 0xffffffffffffffff, 0xffe3}) 17:21:45 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x8000000, 0x0, 0x0}, 0x58) 17:22:01 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) r1 = fork() tkill(r1, 0x9) ptrace$peeksig(0x4209, r1, &(0x7f0000000040)={0x2, 0x1, 0x1}, &(0x7f00000000c0)=[{}]) 17:22:01 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 55) 17:22:01 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) r1 = fork() tkill(r1, 0x9) getpgrp(r1) 17:22:01 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x20000001, 0x81, 0x0, 0xffe3}) 17:22:01 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:22:01 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) r1 = epoll_create(0x4) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) epoll_pwait(r3, &(0x7f00000002c0)=[{}, {}, {}], 0x3, 0x8, &(0x7f0000000300)={[0x800]}, 0x8) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r4, 0x801c581f, 0x0) r5 = epoll_create(0x4) r6 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r5, 0x3, r6, &(0x7f0000000000)) r7 = signalfd4(r3, &(0x7f0000000380)={[0x9]}, 0x8, 0x800) epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r3, &(0x7f0000000340)={0x10004003}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000)) r8 = socket$nl_route(0x10, 0x3, 0x0) r9 = fsopen(&(0x7f00000003c0)='ocfs2_dlmfs\x00', 0x1) ioctl$BTRFS_IOC_SNAP_CREATE(r8, 0x50009401, &(0x7f0000001800)={{r9}, "5b1641975238716abacf452ff4a5c04dcf4b7ddedbf23ef8871575f968b806a577479c3b2467b773d618f31a60eb7deda1c9dab1ea220fd71897f108c9d3290b80c86ca46d17968ef0a0221f6b07950980711e09ffb1763d7ec9ac25d4e880f93978cd2772c48421ed66f95cdbd91b6029fcfd9e96058e26c264c8a3f9009fd4ce8823cbd9b157ec59f117e1b5cb30c2defea8c2cee965b9789429f352edf89374791ebaabac809f6a535c0a45b326a97b0f21107c8c1e4aab1c1f296a53492cd01565df3889ae691f914ba613a740ed7714ab7d5ba87e623f5760c33c2aa2069fe9d130a22f2b26f5949cca5a483f179dff6defd1ed96d146b9fbdd4b0b5b863fe41764e48f650230228cdf8dd911318a41eaceb26ff55403182fd96862158f5f8354904703d0f09c437ec3f176ca9ef4c208062715d7e9d11ecc669bf664ca1a97df2e825209abbf5849f3fd8a9686889ad0340b2b08288390a7d7d1bb35d653b28769e78c7d4769b3da0b1d7247e43dc35483a33e66389c4c6228c700e1a777996a19c1c129a96d2c8910d20846a705149944e2aa6b17f3ac72a04e454fbee8c0c5e3deded9dae153f7222b3fe8d208047d8f4c9259a8c826833ac459c7dd02306011f06cc3bc6be5bd303157f3faab92115793292b46df96788a37ca8f3d8906751409d4a870fd71582a023985540f46795ae44e53fb06cf5d58f4d0d0a90b894f655c6f5c468b944c7cbb24eac4e3c2a13a73ba759dc7edd42b194e662a0e24eff3931d1bb7fe314904bb56502ae3fbca2e97127ff01d59f4d12a60009b9946b9988a9242dc600d32d779bb3e7b4f8ad125e1c3d27ec4fa8f3bf0d4c7f29cc931236c7c95c2f8c8bf9b7d91080422d190625c2685045ddfac42c42417bf2cdaff78eb5ab13d519067c21345ee8371524b543cd09942415e3453e4fb13c76f72b8065b79385cb815ccdda7e44fd03006cac595541c57a38e78cb0aab39214ad62bf054d0b4470ec2835e14dfbaf1da00cef6167e9285213389b730d02bc283ce5dea08ea168438f6782e56678d6d3b31c943fe6e8e20042664aa18fbcdf9ce2d01250665eebd4e63daa20c1a7a4cb82c99ccf27ab90862abbeb6d00451bbd949a1dac32124942e1393e7d35a3bdd3fbaa24b9b11805a0f5ff4862e5d5df013b52b6d5ec2387484ba244f1a69789e9b06358b86216389955beb7de2d5417d6067eeb6b447c602a051d91c14020651348797e39261d198db27a228fd922167887661d8662d162247dba29db88ec30c8234e0268ec243835c1df702b9780f081b5080cda7457c589a8a5231dd7b819c613fa7c43163a2bbed5fec9d99ddbaa382b770b252129c860a7e99963e529077e59f5ace2eba09509470ea4a5ff687328a44198fb84028ffb1aa445bbf777731d61c12409474020931ab97c773a526752e0115a722d7486f73fc498fea00cdd5fd4bbd4db7600db7e4d29e9efcd3f87c7c183e8938b53725ed20dcef0ec4fffc4deba03503ef68032ba79dcbb16297c5e4b4ceab1f43827dcc6789f7bfb3b26c378c0f10bcb2be3f44e1131820ea128428ea6c91fae367ef1de2d8a7a2cd9a254002a2627129e48df0747df36a7b2c1476237a2a00ae19d0c9252c5e7e4dbc056253a5f9eae51d347b3cacccfdb92a5c523bcd6bb8d09fa3908ef570bdf8f45f92ed7662917ac3415329c64306a56e1e6592621440c6269a84acfb6a2fa1e1dd74131accd8d817f966b7c05ebb5611bc51e4174628e0f85ae1fb33fe904d79f884d69956605182695ee5fe2956d33ee7a48f226ebacdd1bb1ffd883fabc375567cf8c6abfc3f2eecfeecc8533b232117ac293c111e6ca81b796730b27eb7c4d37d4b0f5508ca3b585977d70dc03a8782cbaad6a91f1a73a0faa4d5f3333ecfd2f6adf7cc19ae6387a43012a2f28cad809a38b21675aa6f0ca21e841f339a37cbb1c1b65e0cb4ebca9bdb99a9acf388746ee1dc658495be13a0845c504da6586bce186e163c8109282fbdab5abbdb3ecfbb8ec003bb2359a2ee9f8bc7367658c56287c7538d1c5934ff7c0bd846ff7655c781a32aa9577c64922d46da450cf7a2a6fd76f576125e02c226d5f8fc51096a53d6ec80f9effa5ed5095579ec7e6293f1320aa6086c635478d8feed76a056954904a3419bdcaa1cf4b117dca5d86f9f264b5354d25c88be1b0c9b221c6666f80eecaa19be98c5396a978306a6cb9a07b607f76bcc27bd3c8c64b290a805e94f1897dbc89530caec039ed29784386c5d9fdeeb6a1e2223a54b916b499959b4fdd30c551aa3621ed783edc0fca2bf62abcc57856a77826154df40bd81f32b17b4e4ef4bef1344d9d9ea77cba76dabf0d55f0f16e054ec98e9ba3e4f0db2e46b3d209dc38e59befed590b9b56b0e6d48755cca9e7cb579629e8301b8abb249fa80b0cf19c137f40b7716d723ada6e025b65769e414548ee46cd91020b15571216dc6202876a38fe22827ef845446b8566bbef9cfd6651723769b81d5523217dab4cfbe9ec276a70ff4e26e49bbe56bffe982bf6635bb5f1dfd46baf41d8113f7d432895f941af8f70d6a1676cbc3fe43da0c28b883f1d5922bf12bf53e5db787ebebce4d204bc5829e38c06343de22fd6d26b1ed3b1a179a29d201c7296ac21f10edc24ca538efdd43a3d4d1170c0eb030f59ab85259d24e1cc34c41fb20c4d70fd40869a4d61f9edbbc0ff33b38b8ff94fff44454b94f9c3250c2858ce1f42ebb8035b936fac88d938e9032834c82b762eb186adc3dbd45a206a25ba7f7bceee2ad0ee11327258605bc0821eb46e914ab41672d267622bea752af80cfa12f54949834cf68a912a185f135616e58aeddf085353664f8adb811e6d34a402f848711f97efc8afabfb9121527490cc98adc3d3c96122bdfd0dc0f70ee468fbb5cc0c66b25e90f8c37c3af2b8d95392a78b69dd1a87fd5a679fbba34400e721ccc6997b0f8a8b272ec34673446a4e2bcbf4b791ef574568caf19fa7736add9e334b74672caf28817c4348edae9de6d01d962465b40161e02c0adf94f3ff6ed7e7307be1ca0b476ea1f0cb9b44653e7c7bacb8e17cc7336cb935b2a406f9f9b412207172bdbbcda84843ca0d0225909c44d52cd996ca0d7591e6ed924fadacbdd007f8b6f41320e3f5b94c990c69ffd665a67ba3a33785995897a65467a8a14175d9df99b8d56416a50fca91f1e57ee7b9104b4a3af14245542fc5cc440421353c3ecfe8e49c39023f68248cb9b3e59ae78f9e4dc98fbb2045c5d3d13ced2fb55c30a8c0c5658491feb48f2e7949cec70e01317304f3a3d9e71a49cc04c3eebab4be57cbdfa1f236588a123a9b994542a7338279080cf0ec99562cfe90a99d7f997731b37bcb8ebfe9ca3fb68c0f29345e21e3905d8ffade834c27b49cf075f80f8ae94cfbbd43117face180fc50abaecc24e13e6d423a54b7d4bfde4aa85b09f4fa6b65c64ecbffb4d3294eaa3b27dbd3f8f2ec91816d6f11ead0ea2984bc3cce45e3f90e611d8c6376111aef611e7da8d30752627938ce08d785816d1c1bfc23e6a3cc2a3d74f783364377539b5c2cc16f19deddfe10f9007824c6ba4aa39e3aa4c85e95de50fede3d68aedf7c38f960b26d716f826014d699988eb264236159c5aa7f2beab23d88b621a4534b918e4696f4cf33a7cce6cde929ba268633d1bc474ab4cffb8e4503ff795d121ba969a893c6bb1f45e17d01d9a87f6f4f9c4d9b28532a68d0ac9ce82a778f632166262d6d4b0b14ae797bcdaab14eaaf50adef05a9895fefe88be5abe4ed08de0832d736967f3c4f907baa12b402581d3726865559ff0c8f8795917fe48043898d416febc8c5acd1ba796e1448aaca987d95b2758602f8bba12e9b26ad88f880054d9d2e2aba7fa60414997330b150a5e3905ae24b4c16da9d7eabec462c9f69b9897a8dcc810836d9a3e3d45ea5a615d4f7e5d42d1c78a9ba6694cca7536fc5ad6e863578e6f18a343f2e5bbdfb85c7c3a08f159695184906655ce232294f8b24a9907c5794db6b1741ac53f1a894d049d07682620ad9497be61f6888b1b9f956dfce2078185a60230e274d9cbbd614350e5a8687cab47584820d53656522344da83cd29662caa2400f262cbfbb46c92d6b256d62e1060a93078304cd92a8869cc08e021dd9d9992d86fc8a48a53a46c9b37dbdb3547a5c72f6034b365ebbec726299be7cea7fdb9e502bf44fcd8bdc6186d8e306008165bdb9161110b16bbc2bc278d0af8cdbf76989635ea1f65700df86464bc3fa7554d71c0e678b3f765a5fd052a8f532213980e9fbf7ea2bd6241a58d8214429e6f5f6d5f115684848599392367402f6358f80ab8441db4aecbb897a53e57408cc0363fa76906c6bf197ae9e2ec08bbcbdabd5e7f2d53b49fb114be6e7fbb81a38b2ba9074118a67e14a9315e767204feabb590ceea1b5f456633239891aa66275407010f1fdd889b39aa4cb19805d9dc2da76d2eba7dc518b656a6245977a892075c5199b884705f0ffe212d594ba561b82d900e6159f6ffa0cc3b78502ae69d9917e7ec6f32019c6f4dd633cb9296448d87342139dd32c52b5b14b151ff123788aa46dd3d36c46ffa13fc35dad93b84a68fd7993c225fa61bb691bc8215a0e7bc3824f34484ca9d46032b7bddccb004906cf812fc36ae35dae81e625aca802c2a9cf1268df772db463668a43a0e6f1faa06f64ea39c032e1c5ee4607bd77fab2d6be1cd232cad4cbf20926a87d9ff4aed118fd6ea641bd11d52708807a0da1975b2981d43901dab3b49ac674b37cc15012569d65d3b6317cb64278e9148499f9a421eed996f524b903d2b96e010098edaa7f9e6baef85d50763b34e1af1676e6c940d3b41ed12bdcb00efbdf9c2b55f538b6726c8c31dbd539d05895389f94a09769f8696ec7586851eb91d8fd1b08cafca0a5cb62aff62efb0337e9c483ded9cd5a81967902f661a05ded1eab81bbc5b899ca99938fb20f2d0d6531c08f9ac3de70807d6055ce81fd7cf71ee5fb34a8a94a7fd97ded86ef9e14b0757030455cbbfcd3cd652225d0cf111ba5a29627dd61f9fb06b8ac020a15ea3f6e4aa06856b75a8576fbeb2bef0c886717b64952f11c5f227a732822d4aa784f716c77144985ee2665f9e6b81870a579b176ad2fdb18442578be65d8ffcd0c72e7b8dc62b646e747b3cd1cff8a104879edeb0bb9287a4fa630b4e0e2e0437d259ee309cd9b51a5f62ed81ae9f4ff1469f46c6cd422bcb033a8ef67cc3c2797f6f698b66308afc82b83f7f31226684fb7c0b588894ffaa4579a1e621dbc9b8b75ab7e6091493a0d91a2a4ec6290d2c71cb8476146b8509f462872ca8e5bcb02a3849835a1308bd23453e09880b2f23fe3faeb16ab1d9cde56961dd050da44b501facc4fd4c626271172f997b47bcd01516a9ed4791dcffe0f70a19274da811b263a96c50eb181cecdce73feaca449d947ec0202ead05431ed479bf54ce75828508872c5c516736c946ac61cfd820762362c3d6dc11b19071de9cfdd43669957ca2659786fd8aa2aad04efec193c65585013cea9d70326abd1807400fdc57956503664e6be90e79621d8fa88abd4e96926a33dd8b89fb34e139c6f962bbe1c0794e4020d042f4c3d846caaca1a80d6ed0ba9735907765e4d2dfe3a2870c968e038cc454e812d70e87ded90431c218f54f976ac164d3bc8d979409a013dd9cc06a8cccfbe480ff9235464f99da73e6ac7e23fb0ee2adae7fd3ec184bc6e"}) ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) ioctl$SG_IO(r2, 0x2285, &(0x7f00000001c0)={0x53, 0xfffffffffffffffd, 0x9, 0x20, @buffer={0x0, 0x4b, &(0x7f0000000080)=""/75}, &(0x7f0000000100)="cc1984f3beed6021c1", &(0x7f0000000140)=""/16, 0x7ff, 0x10001, 0x3, &(0x7f0000000180)}) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:22:01 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x10000200, 0x0, 0x0}, 0x58) 17:22:01 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) [ 1493.396437] loop7: detected capacity change from 0 to 40 [ 1493.402087] FAULT_INJECTION: forcing a failure. [ 1493.402087] name failslab, interval 1, probability 0, space 0, times 0 [ 1493.403737] CPU: 1 PID: 30595 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1493.404904] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1493.406411] Call Trace: [ 1493.406783] [ 1493.407122] dump_stack_lvl+0x8b/0xb3 [ 1493.407709] should_fail.cold+0x5/0xa [ 1493.408273] ? anon_vma_fork+0xed/0x6a0 [ 1493.408860] should_failslab+0x5/0x10 [ 1493.409426] kmem_cache_alloc+0x5b/0x480 [ 1493.410030] anon_vma_fork+0xed/0x6a0 [ 1493.410596] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1493.411371] ? __vm_enough_memory+0x184/0x360 [ 1493.412036] dup_mm+0x91b/0x1250 [ 1493.412603] ? replace_mm_exe_file+0x490/0x490 [ 1493.413279] ? __raw_spin_lock_init+0x36/0x110 [ 1493.413916] copy_process+0x3848/0x6cb0 [ 1493.414469] ? lock_is_held_type+0xd7/0x130 [ 1493.415127] ? find_held_lock+0x2c/0x110 [ 1493.415776] ? __cleanup_sighand+0xb0/0xb0 [ 1493.416443] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1493.417264] ? _copy_from_user+0x139/0x170 [ 1493.417922] ? kernel_clone+0x2f8/0xa60 [ 1493.418544] kernel_clone+0xe7/0xa60 [ 1493.419164] ? lock_is_held_type+0xd7/0x130 [ 1493.419830] ? create_io_thread+0xf0/0xf0 [ 1493.420507] ? lock_is_held_type+0xd7/0x130 [ 1493.421183] __do_sys_clone3+0x1dd/0x2e0 [ 1493.421813] ? __ia32_sys_clone+0x150/0x150 [ 1493.422509] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1493.423356] ? fput+0x2a/0x50 [ 1493.423865] ? __secure_computing+0xb4/0x290 [ 1493.424558] do_syscall_64+0x3b/0x90 [ 1493.425142] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1493.425929] RIP: 0033:0x7f9fb3b18b19 [ 1493.426493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1493.429199] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1493.430330] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1493.431447] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1493.432533] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1493.433619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1493.434740] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1493.435922] [ 1493.438526] blktrace: Concurrent blktraces are not allowed on sg0 [ 1493.467323] debugfs: File 'dropped' in directory 'loop0' already present! [ 1493.467842] debugfs: File 'msg' in directory 'loop0' already present! 17:22:01 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x11000000, 0x0, 0x0}, 0x58) 17:22:18 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x20000001, 0x81}) 17:22:18 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) r1 = fork() tkill(r1, 0x9) ptrace$peeksig(0x4209, r1, &(0x7f0000000040)={0x2, 0x1, 0x1}, &(0x7f00000000c0)=[{}]) 17:22:18 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, 0x0, 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:22:18 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x1ffff000, 0x0, 0x0}, 0x58) 17:22:18 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 56) 17:22:18 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x2, &(0x7f0000000080)=[{0x7, 0x6, 0x0, 0x8001}, {0x0, 0x5, 0xfc, 0x3}]}) r0 = fork() tkill(r0, 0x0) 17:22:18 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000100)={{0x1, 0x1, 0x18, r0, {0x3}}, './file0\x00'}) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000140)=ANY=[@ANYBLOB="b9000000080000003bf2000033df9d57fe82b53b0666e53628e82d1586fdf9cd1b1635bc67b68db884df867cef2b23c56ac8673e809ceca83b54a7e868a9e01b22136cca7fff5fdb7a835eb3b9e98540b8c0f8a2fe9e6f9fb07ecfada4bd8047e75fe9a3dbce6eccbdef42a85dfb70cd8340d6f1043d45036b603cf98ebc0c123f6636c336be21edae408f47c428211333e1a6811811f33239009c9a8a6aefecf54803913108e6f88f4e4b437ddffe4bb7b60fac6ddfb47d1778849c401186679e16950870"]) r2 = fork() tkill(r2, 0x25) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={'\x00', 0x5, 0x2, 0x3, 0x10000000, 0x1, r2}) 17:22:18 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = fork() r2 = epoll_create(0x4) r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000240)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) pipe(&(0x7f0000000000)={0xffffffffffffffff}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000040)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r4, 0x40182103, &(0x7f00000000c0)={r5, 0x2, 0xffffffffffffffff, 0x3a5}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f0000000040)={r5, 0x0, r0, 0x1}) tkill(r1, 0x0) [ 1511.169347] FAULT_INJECTION: forcing a failure. [ 1511.169347] name failslab, interval 1, probability 0, space 0, times 0 [ 1511.170350] CPU: 0 PID: 30938 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1511.170967] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1511.171762] Call Trace: [ 1511.171946] [ 1511.172113] dump_stack_lvl+0x8b/0xb3 [ 1511.172400] should_fail.cold+0x5/0xa [ 1511.172684] ? create_object.isra.0+0x3a/0xa20 [ 1511.173022] should_failslab+0x5/0x10 [ 1511.173300] kmem_cache_alloc+0x5b/0x480 [ 1511.173603] create_object.isra.0+0x3a/0xa20 [ 1511.173925] ? kasan_unpoison+0x23/0x50 [ 1511.174229] kmem_cache_alloc+0x239/0x480 [ 1511.174560] anon_vma_fork+0xed/0x6a0 [ 1511.174841] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1511.175207] ? __vm_enough_memory+0x184/0x360 [ 1511.175558] dup_mm+0x91b/0x1250 [ 1511.175830] ? replace_mm_exe_file+0x490/0x490 [ 1511.176167] ? __raw_spin_lock_init+0x36/0x110 [ 1511.176507] copy_process+0x3848/0x6cb0 [ 1511.176805] ? lock_is_held_type+0xd7/0x130 [ 1511.177122] ? find_held_lock+0x2c/0x110 [ 1511.177432] ? __cleanup_sighand+0xb0/0xb0 [ 1511.177750] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1511.178145] ? _copy_from_user+0x139/0x170 [ 1511.178457] ? kernel_clone+0x2f8/0xa60 [ 1511.178759] kernel_clone+0xe7/0xa60 [ 1511.179034] ? lock_is_held_type+0xd7/0x130 [ 1511.179358] ? create_io_thread+0xf0/0xf0 [ 1511.179674] ? lock_is_held_type+0xd7/0x130 [ 1511.179994] __do_sys_clone3+0x1dd/0x2e0 [ 1511.180294] ? __ia32_sys_clone+0x150/0x150 [ 1511.180627] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1511.181027] ? fput+0x2a/0x50 [ 1511.181269] ? __secure_computing+0xb4/0x290 [ 1511.181596] do_syscall_64+0x3b/0x90 [ 1511.181869] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1511.182248] RIP: 0033:0x7f9fb3b18b19 [ 1511.182515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1511.183834] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1511.184378] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1511.184885] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1511.185386] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1511.185890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1511.186394] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1511.186917] [ 1511.189668] loop7: detected capacity change from 0 to 40 [ 1511.192162] blktrace: Concurrent blktraces are not allowed on sg0 [ 1511.199110] debugfs: File 'dropped' in directory 'loop0' already present! [ 1511.199719] debugfs: File 'msg' in directory 'loop0' already present! 17:22:19 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, 0x0, 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 1511.299078] loop7: detected capacity change from 0 to 40 17:22:19 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:22:19 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x20000000, 0x0, 0x0}, 0x58) [ 1511.308542] loop0: detected capacity change from 0 to 40 17:22:19 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 57) [ 1511.362683] FAULT_INJECTION: forcing a failure. [ 1511.362683] name failslab, interval 1, probability 0, space 0, times 0 [ 1511.363579] CPU: 0 PID: 31258 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1511.364171] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1511.364921] Call Trace: [ 1511.365101] [ 1511.365262] dump_stack_lvl+0x8b/0xb3 [ 1511.365557] should_fail.cold+0x5/0xa [ 1511.365829] ? anon_vma_fork+0x1de/0x6a0 [ 1511.366126] should_failslab+0x5/0x10 [ 1511.366391] kmem_cache_alloc+0x5b/0x480 [ 1511.366688] anon_vma_fork+0x1de/0x6a0 [ 1511.366985] dup_mm+0x91b/0x1250 [ 1511.367256] ? replace_mm_exe_file+0x490/0x490 [ 1511.367589] ? __raw_spin_lock_init+0x36/0x110 [ 1511.367929] copy_process+0x3848/0x6cb0 [ 1511.368219] ? lock_is_held_type+0xd7/0x130 [ 1511.368527] ? find_held_lock+0x2c/0x110 [ 1511.368825] ? __cleanup_sighand+0xb0/0xb0 [ 1511.369141] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1511.369531] ? _copy_from_user+0x139/0x170 [ 1511.369834] ? kernel_clone+0x2f8/0xa60 [ 1511.370125] kernel_clone+0xe7/0xa60 [ 1511.370402] ? lock_is_held_type+0xd7/0x130 [ 1511.370715] ? create_io_thread+0xf0/0xf0 [ 1511.371026] ? lock_is_held_type+0xd7/0x130 [ 1511.371355] __do_sys_clone3+0x1dd/0x2e0 [ 1511.371656] ? __ia32_sys_clone+0x150/0x150 [ 1511.371975] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1511.372371] ? fput+0x2a/0x50 [ 1511.372611] ? __secure_computing+0xb4/0x290 [ 1511.372938] do_syscall_64+0x3b/0x90 [ 1511.373210] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1511.373585] RIP: 0033:0x7f9fb3b18b19 [ 1511.373853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1511.375133] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1511.375650] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1511.376153] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1511.376659] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1511.377161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1511.377664] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1511.378254] 17:22:35 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x3f000000, 0x0, 0x0}, 0x58) 17:22:35 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000100)={{0x1, 0x1, 0x18, r0, {0x3}}, './file0\x00'}) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000140)=ANY=[@ANYBLOB="b9000000080000003bf2000033df9d57fe82b53b0666e53628e82d1586fdf9cd1b1635bc67b68db884df867cef2b23c56ac8673e809ceca83b54a7e868a9e01b22136cca7fff5fdb7a835eb3b9e98540b8c0f8a2fe9e6f9fb07ecfada4bd8047e75fe9a3dbce6eccbdef42a85dfb70cd8340d6f1043d45036b603cf98ebc0c123f6636c336be21edae408f47c428211333e1a6811811f33239009c9a8a6aefecf54803913108e6f88f4e4b437ddffe4bb7b60fac6ddfb47d1778849c401186679e16950870"]) r2 = fork() tkill(r2, 0x25) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={'\x00', 0x5, 0x2, 0x3, 0x10000000, 0x1, r2}) 17:22:35 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 58) 17:22:35 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x2, 0x0, 0x7fff0000}]}) r1 = fork() tkill(r1, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) r4 = epoll_create(0x4) r5 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f0000000240)={0x20000000}) ioctl$sock_FIOGETOWN(r5, 0x8903, &(0x7f0000000400)=0x0) fcntl$getownex(r5, 0x10, &(0x7f0000000840)={0x0, 0x0}) ioctl$TIOCGSID(r5, 0x5429, &(0x7f0000000880)=0x0) r9 = fork() tkill(r9, 0x9) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000900)={{0x1, 0x1, 0x18, r4, {0x0, 0xee00}}, './file0\x00'}) clone3(&(0x7f0000000940)={0x210000000, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000280), {0x21}, &(0x7f00000002c0)=""/55, 0x37, &(0x7f0000000300)=""/224, &(0x7f00000008c0)=[0x0, r6, r3, r7, r8, r1, r1, r9, r1, r1], 0xa, {r10}}, 0x58) epoll_ctl$EPOLL_CTL_MOD(r4, 0x3, r5, &(0x7f0000000000)) ioctl$LOOP_SET_STATUS64(r5, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff35, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x3]}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r5, 0x40182103, &(0x7f0000000140)={r2, 0x2, r0, 0x9}) r11 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r11, 0x801c581f, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000040)={r2, 0x2, r11, 0x2c6, 0x80000}) 17:22:35 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:22:35 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000040)={&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000000640)=[{&(0x7f0000000140)=""/108, 0x6c}, {&(0x7f00000001c0)=""/172, 0xac}, {&(0x7f0000000280)=""/72, 0x48}, {&(0x7f0000000300)=""/243, 0xf3}, {&(0x7f0000000400)=""/187, 0xbb}, {&(0x7f00000004c0)=""/73, 0x49}, {&(0x7f0000000540)=""/240, 0xf0}], 0x7, &(0x7f00000006c0)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}], 0xf0}, 0x40000102) ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r1, 0x9, &(0x7f00000007c0)=""/90) tkill(r0, 0x38) fork() 17:22:35 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, 0x0, 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:22:35 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x1, 0x2, 0xffe3}) [ 1527.693700] FAULT_INJECTION: forcing a failure. [ 1527.693700] name failslab, interval 1, probability 0, space 0, times 0 [ 1527.694854] CPU: 0 PID: 31268 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1527.695591] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1527.696548] Call Trace: [ 1527.696788] [ 1527.697000] dump_stack_lvl+0x8b/0xb3 [ 1527.697369] should_fail.cold+0x5/0xa [ 1527.697731] ? create_object.isra.0+0x3a/0xa20 [ 1527.698152] should_failslab+0x5/0x10 [ 1527.698490] kmem_cache_alloc+0x5b/0x480 [ 1527.698999] create_object.isra.0+0x3a/0xa20 [ 1527.699401] ? kasan_unpoison+0x23/0x50 [ 1527.699824] kmem_cache_alloc+0x239/0x480 [ 1527.700307] anon_vma_fork+0x1de/0x6a0 [ 1527.700674] dup_mm+0x91b/0x1250 [ 1527.701031] ? replace_mm_exe_file+0x490/0x490 [ 1527.701446] ? __raw_spin_lock_init+0x36/0x110 [ 1527.701873] copy_process+0x3848/0x6cb0 [ 1527.702228] ? lock_is_held_type+0xd7/0x130 [ 1527.702623] ? find_held_lock+0x2c/0x110 [ 1527.703006] ? __cleanup_sighand+0xb0/0xb0 [ 1527.703392] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1527.703961] ? _copy_from_user+0x139/0x170 [ 1527.704339] ? kernel_clone+0x2f8/0xa60 [ 1527.704702] kernel_clone+0xe7/0xa60 [ 1527.705090] ? lock_is_held_type+0xd7/0x130 [ 1527.705490] ? create_io_thread+0xf0/0xf0 [ 1527.705893] ? lock_is_held_type+0xd7/0x130 [ 1527.706296] __do_sys_clone3+0x1dd/0x2e0 [ 1527.706652] ? __ia32_sys_clone+0x150/0x150 [ 1527.707073] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1527.707629] ? fput+0x2a/0x50 [ 1527.708500] ? __secure_computing+0xb4/0x290 [ 1527.709390] do_syscall_64+0x3b/0x90 [ 1527.710157] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1527.711158] RIP: 0033:0x7f9fb3b18b19 [ 1527.712040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1527.715705] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1527.716374] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1527.717048] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1527.717685] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1527.718305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1527.718910] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1527.719576] [ 1527.732536] loop7: detected capacity change from 0 to 40 [ 1527.745061] blktrace: Concurrent blktraces are not allowed on sg0 [ 1527.774874] loop2: detected capacity change from 0 to 40 17:22:35 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x40000000, 0x0, 0x0}, 0x58) 17:22:35 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) r1 = dup3(r0, r0, 0x0) clone3(&(0x7f0000000200)={0x0, &(0x7f0000000080), &(0x7f00000000c0)=0x0, &(0x7f0000000100), {0xb}, &(0x7f0000000140)=""/19, 0x13, &(0x7f0000000180)=""/33, &(0x7f00000001c0)=[0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x6}, 0x58) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000280)={'\x00', 0xef84, 0x80000001, 0x1, 0x81, 0x9, r2}) 17:22:35 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 1527.891310] loop7: detected capacity change from 0 to 40 17:22:35 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 59) 17:22:35 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0xf5ffffff, 0x0, 0x0}, 0x58) 17:22:35 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x200, 0x0, 0x0, 0x7fff0000}, {0x4, 0x0, 0x9, 0x1b}, {0x81, 0x7c, 0x6, 0x5}]}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, 0x0) fstat(0xffffffffffffffff, &(0x7f00000000c0)) r2 = fork() tkill(r2, 0x0) fremovexattr(r0, &(0x7f0000000180)=@known='system.posix_acl_access\x00') fcntl$getownex(r0, 0x10, &(0x7f0000000000)={0x0, 0x0}) ptrace(0x4207, r3) r4 = timerfd_create(0x5, 0x80800) ioctl$AUTOFS_IOC_CATATONIC(r4, 0x9362, 0x0) 17:22:35 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x3f000000, 0x0, 0x0}, 0x58) [ 1528.066506] FAULT_INJECTION: forcing a failure. [ 1528.066506] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1528.069330] CPU: 1 PID: 31435 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1528.071289] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1528.072194] Call Trace: [ 1528.072416] [ 1528.072609] dump_stack_lvl+0x8b/0xb3 [ 1528.072932] should_fail.cold+0x5/0xa [ 1528.073255] prepare_alloc_pages+0x17b/0x500 [ 1528.073627] __alloc_pages+0x131/0x4e0 [ 1528.074014] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 1528.074540] ? lock_release+0x3b2/0x6f0 [ 1528.074897] alloc_pages+0x1a0/0x2f0 [ 1528.075240] get_zeroed_page+0x14/0xa0 [ 1528.075622] __pud_alloc+0x33/0x270 [ 1528.075955] copy_page_range+0x35ea/0x47b0 [ 1528.076354] ? find_held_lock+0x2c/0x110 [ 1528.076732] ? lock_downgrade+0x6d0/0x6d0 [ 1528.077113] ? vm_iomap_memory+0x190/0x190 [ 1528.077494] ? up_write+0x148/0x460 [ 1528.077824] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1528.078306] ? __vma_link_rb+0x540/0x700 [ 1528.078680] dup_mm+0x961/0x1250 [ 1528.079017] ? replace_mm_exe_file+0x490/0x490 [ 1528.079438] ? __raw_spin_lock_init+0x36/0x110 [ 1528.079898] copy_process+0x3848/0x6cb0 [ 1528.080262] ? lock_is_held_type+0xd7/0x130 [ 1528.080656] ? find_held_lock+0x2c/0x110 [ 1528.081039] ? __cleanup_sighand+0xb0/0xb0 [ 1528.081431] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1528.081908] ? _copy_from_user+0x139/0x170 [ 1528.082291] ? kernel_clone+0x2f8/0xa60 [ 1528.082665] kernel_clone+0xe7/0xa60 [ 1528.083008] ? lock_is_held_type+0xd7/0x130 [ 1528.083402] ? create_io_thread+0xf0/0xf0 [ 1528.083846] ? lock_is_held_type+0xd7/0x130 [ 1528.084246] __do_sys_clone3+0x1dd/0x2e0 [ 1528.084614] ? __ia32_sys_clone+0x150/0x150 [ 1528.085034] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1528.085514] ? fput+0x2a/0x50 [ 1528.085818] ? __secure_computing+0xb4/0x290 [ 1528.086204] do_syscall_64+0x3b/0x90 [ 1528.086541] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1528.086984] RIP: 0033:0x7f9fb3b18b19 [ 1528.087298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1528.090985] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1528.092787] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1528.094093] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1528.095428] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1528.097184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1528.098968] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1528.100783] 17:22:35 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:22:36 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 1528.296764] loop2: detected capacity change from 0 to 40 [ 1528.919136] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 17:22:52 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:22:52 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) r1 = dup3(r0, r0, 0x0) clone3(&(0x7f0000000200)={0x0, &(0x7f0000000080), &(0x7f00000000c0)=0x0, &(0x7f0000000100), {0xb}, &(0x7f0000000140)=""/19, 0x13, &(0x7f0000000180)=""/33, &(0x7f00000001c0)=[0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x6}, 0x58) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000280)={'\x00', 0xef84, 0x80000001, 0x1, 0x81, 0x9, r2}) 17:22:52 executing program 6: fsetxattr(0xffffffffffffffff, &(0x7f00000003c0)=@random={'security.', '@}]+\x00'}, &(0x7f0000000400)='-\x00', 0x2, 0x1) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) fork() ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000140), 0x6e, &(0x7f0000000040)=[{&(0x7f00000001c0)=""/77, 0x4d}, {&(0x7f0000000240)=""/184, 0xb8}], 0x2, &(0x7f0000000300)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000024000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="17000000"], 0x48}, 0x40002040) tkill(r1, 0x5) r2 = fork() tkill(r2, 0x9) 17:22:52 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:22:52 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) 17:22:52 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0xfbffffff, 0x0, 0x0}, 0x58) 17:22:52 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 60) 17:22:52 executing program 4: keyctl$unlink(0x9, 0x0, 0xfffffffffffffffb) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) [ 1544.525232] loop7: detected capacity change from 0 to 40 [ 1544.542314] blktrace: Concurrent blktraces are not allowed on sg0 [ 1544.546241] blktrace: Concurrent blktraces are not allowed on sg0 [ 1544.559101] loop0: detected capacity change from 0 to 40 [ 1544.591582] FAULT_INJECTION: forcing a failure. [ 1544.591582] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1544.594342] CPU: 1 PID: 31629 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1544.596259] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1544.598886] Call Trace: [ 1544.599491] [ 1544.600037] dump_stack_lvl+0x8b/0xb3 [ 1544.600944] should_fail.cold+0x5/0xa [ 1544.601794] prepare_alloc_pages+0x17b/0x500 [ 1544.602912] __alloc_pages+0x131/0x4e0 [ 1544.603985] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 1544.605524] ? find_held_lock+0x2c/0x110 [ 1544.606575] ? lock_downgrade+0x6d0/0x6d0 [ 1544.607579] ? do_raw_spin_lock+0x121/0x260 [ 1544.608670] alloc_pages+0x1a0/0x2f0 [ 1544.609661] __pmd_alloc+0x37/0x680 [ 1544.610598] copy_page_range+0x3575/0x47b0 [ 1544.611720] ? lock_downgrade+0x6d0/0x6d0 [ 1544.612826] ? vm_iomap_memory+0x190/0x190 [ 1544.613911] ? up_write+0x148/0x460 [ 1544.614851] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1544.616217] ? __vma_link_rb+0x540/0x700 [ 1544.617328] dup_mm+0x961/0x1250 [ 1544.618257] ? replace_mm_exe_file+0x490/0x490 [ 1544.619438] ? __raw_spin_lock_init+0x36/0x110 [ 1544.632244] copy_process+0x3848/0x6cb0 [ 1544.632595] ? lock_is_held_type+0xd7/0x130 [ 1544.632956] ? find_held_lock+0x2c/0x110 [ 1544.633308] ? __cleanup_sighand+0xb0/0xb0 [ 1544.633664] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1544.634115] ? _copy_from_user+0x139/0x170 [ 1544.634888] ? kernel_clone+0x2f8/0xa60 [ 1544.635250] kernel_clone+0xe7/0xa60 [ 1544.635969] ? lock_is_held_type+0xd7/0x130 [ 1544.636959] ? create_io_thread+0xf0/0xf0 [ 1544.637878] ? lock_is_held_type+0xd7/0x130 [ 1544.638916] __do_sys_clone3+0x1dd/0x2e0 [ 1544.639870] ? __ia32_sys_clone+0x150/0x150 [ 1544.640835] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1544.641299] ? fput+0x2a/0x50 [ 1544.641650] ? __secure_computing+0xb4/0x290 [ 1544.642131] do_syscall_64+0x3b/0x90 [ 1544.643059] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1544.644179] RIP: 0033:0x7f9fb3b18b19 [ 1544.644957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1544.646456] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1544.647075] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1544.647674] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1544.648294] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1544.648901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1544.649508] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1544.650127] 17:22:52 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) syz_io_uring_complete(0x0) syz_open_dev$loop(&(0x7f0000000080), 0x5, 0x28000) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0xfd, 0x1, 0x9, 0x40000002, 0xffe3}) 17:22:52 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:22:52 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0xfffffff5, 0x0, 0x0}, 0x58) 17:22:52 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 1544.813091] loop7: detected capacity change from 0 to 40 17:22:52 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 61) 17:22:52 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) r1 = dup3(r0, r0, 0x0) clone3(&(0x7f0000000200)={0x0, &(0x7f0000000080), &(0x7f00000000c0)=0x0, &(0x7f0000000100), {0xb}, &(0x7f0000000140)=""/19, 0x13, &(0x7f0000000180)=""/33, &(0x7f00000001c0)=[0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x6}, 0x58) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000280)={'\x00', 0xef84, 0x80000001, 0x1, 0x81, 0x9, r2}) [ 1544.881214] loop0: detected capacity change from 0 to 40 17:22:52 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10010, r0, 0x4a1ee000) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000000c0), 0x200000, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000100)={0x0, 0x2, r0, 0x1, 0x80000}) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) r2 = syz_open_dev$vcsn(&(0x7f0000000080), 0x18c, 0x8000) ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0) [ 1544.907016] FAULT_INJECTION: forcing a failure. [ 1544.907016] name failslab, interval 1, probability 0, space 0, times 0 [ 1544.908172] CPU: 0 PID: 31946 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1544.908893] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1544.909814] Call Trace: [ 1544.910044] [ 1544.910245] dump_stack_lvl+0x8b/0xb3 [ 1544.910584] should_fail.cold+0x5/0xa [ 1544.910913] ? __pmd_alloc+0x94/0x680 [ 1544.911284] should_failslab+0x5/0x10 [ 1544.911628] kmem_cache_alloc+0x5b/0x480 [ 1544.912008] ? alloc_pages+0x1a8/0x2f0 [ 1544.912358] __pmd_alloc+0x94/0x680 [ 1544.912679] copy_page_range+0x3575/0x47b0 [ 1544.913084] ? lock_downgrade+0x6d0/0x6d0 [ 1544.913462] ? vm_iomap_memory+0x190/0x190 [ 1544.913844] ? up_write+0x148/0x460 [ 1544.914194] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1544.914667] ? __vma_link_rb+0x540/0x700 [ 1544.915040] dup_mm+0x961/0x1250 [ 1544.915377] ? replace_mm_exe_file+0x490/0x490 [ 1544.915787] ? __raw_spin_lock_init+0x36/0x110 [ 1544.916258] copy_process+0x3848/0x6cb0 [ 1544.916617] ? lock_is_held_type+0xd7/0x130 [ 1544.917044] ? find_held_lock+0x2c/0x110 [ 1544.917430] ? __cleanup_sighand+0xb0/0xb0 [ 1544.917830] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1544.918323] ? _copy_from_user+0x139/0x170 [ 1544.918711] ? kernel_clone+0x2f8/0xa60 [ 1544.919066] kernel_clone+0xe7/0xa60 [ 1544.919414] ? lock_is_held_type+0xd7/0x130 [ 1544.919797] ? create_io_thread+0xf0/0xf0 [ 1544.920216] ? lock_is_held_type+0xd7/0x130 [ 1544.920615] __do_sys_clone3+0x1dd/0x2e0 [ 1544.920996] ? __ia32_sys_clone+0x150/0x150 [ 1544.921417] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1544.921896] ? fput+0x2a/0x50 [ 1544.922208] ? __secure_computing+0xb4/0x290 [ 1544.922745] do_syscall_64+0x3b/0x90 [ 1544.923129] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1544.923572] RIP: 0033:0x7f9fb3b18b19 [ 1544.923925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1544.925422] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1544.926042] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1544.926625] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1544.927202] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1544.927783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1544.928439] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1544.929054] 17:22:52 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) r0 = fork() tkill(r0, 0x0) 17:22:52 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) tkill(0x0, 0x0) r0 = getpid() tkill(r0, 0x24) 17:22:52 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) [ 1544.953668] blktrace: Concurrent blktraces are not allowed on sg0 [ 1544.956351] blktrace: Concurrent blktraces are not allowed on sg0 17:22:52 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0xfffffffb, 0x0, 0x0}, 0x58) [ 1544.985206] blktrace: Concurrent blktraces are not allowed on sg0 17:22:52 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) recvmsg$unix(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000240), 0x6e, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}, {&(0x7f0000001440)=""/243, 0xf3}, {&(0x7f0000001540)=""/138, 0x8a}], 0x6, &(0x7f0000001680)=ANY=[@ANYBLOB='\x00', @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=0xffffffffffffffff, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32], 0x38}, 0x3) ioctl$LOOP_CLR_FD(r1, 0x4c01) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000080)={0xc3, 0x4, 0x4, "a7409491a76d4be55ce745b8363cd1e1013aa281e3f9aada2e2464e73dbeff7712a1e755c089109882e2d95202fdf31c9be5434e137d716f485e32c1572a552ad6197807f3e1e673b3b053980711092a015752ab5f4e7af0dea2ee62db62efb02e2e5d684c35984b1ec21220ecdb30baab9cfbce99db189accfb74f40eb874bcc852cda33c918acc533a5f2f341df0d3e889746419fa2a97220c798c2a7eebc6826debc78e7ffdde2672bbec98ea0fb7441a6767aa21a18beafd4ebdf3aca5c5c25b30"}) [ 1545.039700] loop7: detected capacity change from 0 to 40 17:22:52 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 62) 17:22:52 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000100)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x4, &(0x7f0000000040)=[{0x7, 0x5, 0x4, 0x800}, {0x1ff, 0x40, 0x1, 0x5}, {0x400, 0x7f, 0xe8, 0x7}, {0x4, 0x9e, 0x4, 0x401}]}) r0 = fork() tkill(r0, 0x0) 17:22:52 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x100000800, 0x0, 0x0}, 0x58) [ 1545.130560] blktrace: Concurrent blktraces are not allowed on sg0 [ 1545.170205] FAULT_INJECTION: forcing a failure. [ 1545.170205] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1545.171409] CPU: 0 PID: 32104 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1545.172190] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1545.173128] Call Trace: [ 1545.173363] [ 1545.173570] dump_stack_lvl+0x8b/0xb3 [ 1545.173915] should_fail.cold+0x5/0xa [ 1545.174260] prepare_alloc_pages+0x17b/0x500 [ 1545.174671] __alloc_pages+0x131/0x4e0 [ 1545.175023] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 1545.175561] ? lock_release+0x3b2/0x6f0 [ 1545.175946] alloc_pages+0x1a0/0x2f0 [ 1545.176296] get_zeroed_page+0x14/0xa0 [ 1545.176640] __pud_alloc+0x33/0x270 [ 1545.176968] copy_page_range+0x35ea/0x47b0 [ 1545.177367] ? find_held_lock+0x2c/0x110 [ 1545.177772] ? lock_downgrade+0x6d0/0x6d0 [ 1545.178165] ? vm_iomap_memory+0x190/0x190 [ 1545.178546] ? up_write+0x148/0x460 [ 1545.178917] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1545.179397] ? __vma_link_rb+0x540/0x700 [ 1545.179763] dup_mm+0x961/0x1250 [ 1545.180128] ? replace_mm_exe_file+0x490/0x490 [ 1545.180546] ? __raw_spin_lock_init+0x36/0x110 [ 1545.180969] copy_process+0x3848/0x6cb0 [ 1545.181340] ? lock_is_held_type+0xd7/0x130 [ 1545.181736] ? find_held_lock+0x2c/0x110 [ 1545.182111] ? __cleanup_sighand+0xb0/0xb0 [ 1545.182493] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1545.183025] ? _copy_from_user+0x139/0x170 [ 1545.183421] ? kernel_clone+0x2f8/0xa60 [ 1545.183800] kernel_clone+0xe7/0xa60 [ 1545.184188] ? lock_is_held_type+0xd7/0x130 [ 1545.184581] ? create_io_thread+0xf0/0xf0 [ 1545.184964] ? lock_is_held_type+0xd7/0x130 [ 1545.185351] __do_sys_clone3+0x1dd/0x2e0 [ 1545.185710] ? __ia32_sys_clone+0x150/0x150 [ 1545.186128] ? __secure_computing+0xb4/0x290 [ 1545.186580] do_syscall_64+0x3b/0x90 [ 1545.186918] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1545.187370] RIP: 0033:0x7f9fb3b18b19 [ 1545.187706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1545.189230] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1545.189869] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1545.190476] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1545.191092] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1545.191728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1545.192372] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1545.193026] 17:22:53 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:22:53 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='y', 0xfffffe5f, 0x7a00) 17:22:53 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x0) getpid() 17:22:53 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) ioctl$BTRFS_IOC_SYNC(r0, 0x9408, 0x0) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000080)={0xed, 0xffffff68, 0x10000, "36bbe5fea9ed8eb1d524a695c04809cb0c5f5ea90a05e5dd3f3f2d798db5716bdeea8ec26862bc2a74e35d6f7fdfb6877b0a9abc7456e28d324972caacc8cf387b2bb90efb2b1eb9baa230126357df2af3d3f839accea2194278847f9ce84a61020dda31a7eba6ea95f6dac53cd9a3013677dd3aff344e92ccc566bbf8c77dddc9996d471e859a24b4a25a0006cd3e8d4d59b85b470cbebd233dfafdd4759725c92985f70f060a790a9086a47cb1565157870d40ce680e316998e4fc2a9072c22fc4ea7ade25a1a165ad8466be9d724b3f13c5f58a186352d7e95167a8498bd8b4695e41d7f1c25da2fef39b3e"}) [ 1545.264731] loop0: detected capacity change from 0 to 40 [ 1545.272615] loop7: detected capacity change from 0 to 40 17:22:53 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x1b0cc1f000, 0x0, 0x0}, 0x58) [ 1545.318732] blktrace: Concurrent blktraces are not allowed on sg0 [ 1545.339309] program syz-executor.4 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1545.343772] blktrace: Concurrent blktraces are not allowed on sg0 17:23:10 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() fork() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={0x0}, &(0x7f00000000c0)=0xc) rt_sigqueueinfo(r1, 0xe, &(0x7f0000000100)={0x36, 0x8, 0xc20}) r2 = fork() tkill(r2, 0x9) tkill(r0, 0x0) 17:23:10 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x10000000000, 0x0, 0x0}, 0x58) 17:23:10 executing program 2: epoll_create(0x4) r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) 17:23:10 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, 0x0, 0x0, 0x7a00) [ 1562.705778] loop7: detected capacity change from 0 to 40 17:23:10 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) syz_io_uring_complete(0x0) syz_open_dev$loop(&(0x7f0000000080), 0x5, 0x28000) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0xfd, 0x1, 0x9, 0x40000002, 0xffe3}) 17:23:10 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 63) 17:23:10 executing program 4: syz_io_uring_setup(0x56e6, &(0x7f0000000080)={0x0, 0x7332, 0x4, 0x3, 0x209}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000140)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:23:10 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x3, 0x0, 0xc4}]}) r0 = fork() fork() r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) fgetxattr(r1, 0xfffffffffffffffe, &(0x7f0000000100)=""/207, 0xcf) ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0x8953, &(0x7f0000000200)={{0x2, 0x4e21, @multicast1}, {0x6, @broadcast}, 0x68, {0x2, 0x4e21, @multicast2}, 'batadv_slave_1\x00'}) r2 = fork() tkill(r2, 0x9) syz_open_procfs(r2, &(0x7f0000000080)='net/sco\x00') tkill(r0, 0x0) syz_open_procfs(r0, &(0x7f0000000000)='net/ipv6_route\x00') [ 1562.751047] blktrace: Concurrent blktraces are not allowed on sg0 [ 1562.751245] audit: type=1326 audit(1643044990.574:37): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=32400 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8692deab19 code=0x0 [ 1562.753893] FAULT_INJECTION: forcing a failure. [ 1562.753893] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1562.756008] CPU: 0 PID: 32402 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1562.756982] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1562.758266] Call Trace: [ 1562.758568] [ 1562.758839] dump_stack_lvl+0x8b/0xb3 [ 1562.759299] should_fail.cold+0x5/0xa [ 1562.759770] prepare_alloc_pages+0x17b/0x500 [ 1562.760311] __alloc_pages+0x131/0x4e0 [ 1562.760781] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 1562.761488] ? lock_is_held_type+0xd7/0x130 [ 1562.762004] ? find_held_lock+0x2c/0x110 [ 1562.762491] alloc_pages+0x1a0/0x2f0 [ 1562.762940] pte_alloc_one+0x16/0x1f0 [ 1562.763398] __pte_alloc+0x69/0x200 [ 1562.763850] ? pmd_install+0x250/0x250 [ 1562.764333] ? do_raw_spin_unlock+0x4f/0x210 [ 1562.764859] ? _raw_spin_unlock+0x24/0x40 [ 1562.765353] copy_page_range+0x1b84/0x47b0 [ 1562.765909] ? vm_iomap_memory+0x190/0x190 [ 1562.766393] ? up_write+0x148/0x460 [ 1562.766832] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1562.767459] ? __vma_link_rb+0x540/0x700 [ 1562.767945] dup_mm+0x961/0x1250 [ 1562.768391] ? replace_mm_exe_file+0x490/0x490 [ 1562.768978] ? __raw_spin_lock_init+0x36/0x110 [ 1562.769659] copy_process+0x3848/0x6cb0 [ 1562.770260] ? lock_is_held_type+0xd7/0x130 [ 1562.770890] ? find_held_lock+0x2c/0x110 [ 1562.771518] ? __cleanup_sighand+0xb0/0xb0 [ 1562.772160] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1562.772953] ? _copy_from_user+0x139/0x170 [ 1562.773449] ? kernel_clone+0x2f8/0xa60 [ 1562.773917] kernel_clone+0xe7/0xa60 [ 1562.774353] ? lock_is_held_type+0xd7/0x130 [ 1562.774863] ? create_io_thread+0xf0/0xf0 [ 1562.775367] ? lock_is_held_type+0xd7/0x130 [ 1562.775887] __do_sys_clone3+0x1dd/0x2e0 [ 1562.776370] ? __ia32_sys_clone+0x150/0x150 [ 1562.776909] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1562.777528] ? fput+0x2a/0x50 [ 1562.777914] ? __secure_computing+0xb4/0x290 [ 1562.778425] do_syscall_64+0x3b/0x90 [ 1562.778875] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1562.779472] RIP: 0033:0x7f9fb3b18b19 [ 1562.779894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1562.781917] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1562.782785] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1562.783587] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1562.784393] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1562.785182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1562.785989] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1562.786811] [ 1562.789223] blktrace: Concurrent blktraces are not allowed on sg0 [ 1562.791805] debugfs: File 'dropped' in directory 'loop0' already present! [ 1562.795062] debugfs: File 'msg' in directory 'loop0' already present! [ 1562.795497] blktrace: Concurrent blktraces are not allowed on sg0 17:23:10 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) syz_io_uring_complete(0x0) syz_open_dev$loop(&(0x7f0000000080), 0x5, 0x28000) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0xfd, 0x1, 0x9, 0x40000002, 0xffe3}) 17:23:10 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x81000) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000340)={0x53, 0xfffffffffffffffd, 0x71, 0x1, @scatter={0x1, 0x0, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/104, 0x68}]}, &(0x7f0000000180)="e3f840c1bdc4613101ba8b93cdb744edc496320942688602833dbea8a60d0b137bb580944651957127f601ff4ea71b72f264143b56b6ec8e0347b525b46ee9cea598332be3d8dfc0aed656ca1410353a12ea6bfd2c92dd1fc729fef7eef9f5eb09d1efd0f15d40e0a5c3318c0435981ca8", &(0x7f0000000200)=""/244, 0x1, 0x10032, 0xffffffffffffffff, &(0x7f0000000300)}) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) [ 1562.901276] blktrace: Concurrent blktraces are not allowed on sg0 [ 1562.914482] sd 0:0:0:0: [sda] tag#0 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 1562.915575] sd 0:0:0:0: [sda] tag#0 CDB: opcode=0xe3 (vendor) [ 1562.916237] sd 0:0:0:0: [sda] tag#0 CDB[00]: e3 f8 40 c1 bd c4 61 31 01 ba 8b 93 cd b7 44 ed [ 1562.917124] sd 0:0:0:0: [sda] tag#0 CDB[10]: c4 96 32 09 42 68 86 02 83 3d be a8 a6 0d 0b 13 [ 1562.918025] sd 0:0:0:0: [sda] tag#0 CDB[20]: 7b b5 80 94 46 51 95 71 27 f6 01 ff 4e a7 1b 72 [ 1562.918882] sd 0:0:0:0: [sda] tag#0 CDB[30]: f2 64 14 3b 56 b6 ec 8e 03 47 b5 25 b4 6e e9 ce [ 1562.919781] sd 0:0:0:0: [sda] tag#0 CDB[40]: a5 98 33 2b e3 d8 df c0 ae d6 56 ca 14 10 35 3a [ 1562.920842] sd 0:0:0:0: [sda] tag#0 CDB[50]: 12 ea 6b fd 2c 92 dd 1f c7 29 fe f7 ee f9 f5 eb [ 1562.921953] sd 0:0:0:0: [sda] tag#0 CDB[60]: 09 d1 ef d0 f1 5d 40 e0 a5 c3 31 8c 04 35 98 1c [ 1562.923050] sd 0:0:0:0: [sda] tag#0 CDB[70]: a8 [ 1562.927677] blktrace: Concurrent blktraces are not allowed on sg0 [ 1562.933116] sd 0:0:0:0: [sda] tag#0 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 1562.934189] sd 0:0:0:0: [sda] tag#0 CDB: opcode=0xe3 (vendor) [ 1562.934793] sd 0:0:0:0: [sda] tag#0 CDB[00]: e3 f8 40 c1 bd c4 61 31 01 ba 8b 93 cd b7 44 ed [ 1562.935697] sd 0:0:0:0: [sda] tag#0 CDB[10]: c4 96 32 09 42 68 86 02 83 3d be a8 a6 0d 0b 13 [ 1562.936638] sd 0:0:0:0: [sda] tag#0 CDB[20]: 7b b5 80 94 46 51 95 71 27 f6 01 ff 4e a7 1b 72 [ 1562.937625] sd 0:0:0:0: [sda] tag#0 CDB[30]: f2 64 14 3b 56 b6 ec 8e 03 47 b5 25 b4 6e e9 ce [ 1562.938760] sd 0:0:0:0: [sda] tag#0 CDB[40]: a5 98 33 2b e3 d8 df c0 ae d6 56 ca 14 10 35 3a [ 1562.939875] sd 0:0:0:0: [sda] tag#0 CDB[50]: 12 ea 6b fd 2c 92 dd 1f c7 29 fe f7 ee f9 f5 eb [ 1562.940995] sd 0:0:0:0: [sda] tag#0 CDB[60]: 09 d1 ef d0 f1 5d 40 e0 a5 c3 31 8c 04 35 98 1c [ 1562.941896] sd 0:0:0:0: [sda] tag#0 CDB[70]: a8 17:23:27 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x2a0f3ad34000, 0x0, 0x0}, 0x58) 17:23:27 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, 0x0, 0x0, 0x7a00) 17:23:27 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r2, 0x801c581f, 0x0) ppoll(&(0x7f00000000c0)=[{r0, 0x400}, {r1, 0x80}, {r0, 0xb40a}, {r0, 0x8405}, {r0, 0x1060}, {r0, 0x2200}, {r2, 0x2050}], 0x7, &(0x7f0000000100)={0x0, 0x3938700}, &(0x7f0000000140)={[0x2]}, 0x8) r3 = fork() tkill(r3, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000180)) 17:23:27 executing program 4: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000140), 0x8000, 0x0) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r1, &(0x7f00000001c0)={0x20002011}) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x7, 0xffffffffffffff37, 0x0, 0x12, 0xc, 0x0, "23c2d80353e2f6a33c3e59015505ac0d65bc8b584c0564cf1252925367d826dee4aed502dc498a3d5c028f7b69f143afd05a4631a6ae553f096dd6e8a33af795", "970da5fd2a5ca37306ba38b5bc51fbc98a6fdf16294e20401cf1632175cc9150dad985aa02040d9d566fd3881b67dd89a5da4c3da629ed5abc60dce05e0c79f8", "367043bc1c4a0680996102355937587a7b0008000000000000035f223600", [0x1a5, 0x1]}) r3 = socket$packet(0x11, 0x3, 0x300) epoll_create(0x3) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f0000000080)={r4, 0x1, 0x6, @broadcast}, 0x10) setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f0000000180)={r4, 0x1, 0x6, @broadcast}, 0x10) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000100)={'syztnl2\x00', &(0x7f0000000080)={'syztnl0\x00', r4, 0x4, 0x3, 0x5, 0x10001, 0x8, @loopback, @local, 0x80, 0x10, 0x6, 0x1}}) r5 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x1, 0x9, 0x2, 0xffe3}) 17:23:27 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)) fork() fork() r0 = fork() tkill(r0, 0x9) tkill(r0, 0xfffffffe) 17:23:27 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 64) 17:23:27 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) syz_io_uring_complete(0x0) syz_open_dev$loop(&(0x7f0000000080), 0x5, 0x28000) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0xfd, 0x1, 0x9, 0x40000002, 0xffe3}) 17:23:27 executing program 2: epoll_create(0x4) r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) [ 1579.925903] blktrace: Concurrent blktraces are not allowed on sg0 [ 1579.928400] FAULT_INJECTION: forcing a failure. [ 1579.928400] name failslab, interval 1, probability 0, space 0, times 0 [ 1579.929469] CPU: 0 PID: 32632 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1579.930230] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1579.931164] Call Trace: [ 1579.931393] [ 1579.931595] dump_stack_lvl+0x8b/0xb3 [ 1579.931945] should_fail.cold+0x5/0xa [ 1579.932293] ? ptlock_alloc+0x1d/0x70 [ 1579.932657] should_failslab+0x5/0x10 [ 1579.933003] kmem_cache_alloc+0x5b/0x480 [ 1579.933370] ptlock_alloc+0x1d/0x70 [ 1579.933700] pte_alloc_one+0x68/0x1f0 [ 1579.934047] __pte_alloc+0x69/0x200 [ 1579.934396] ? pmd_install+0x250/0x250 [ 1579.934764] ? do_raw_spin_unlock+0x4f/0x210 [ 1579.935155] ? _raw_spin_unlock+0x24/0x40 [ 1579.935533] copy_page_range+0x1b84/0x47b0 [ 1579.935958] ? vm_iomap_memory+0x190/0x190 [ 1579.936347] ? up_write+0x148/0x460 [ 1579.948647] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1579.949289] ? __vma_link_rb+0x540/0x700 [ 1579.949751] dup_mm+0x961/0x1250 [ 1579.950149] ? replace_mm_exe_file+0x490/0x490 [ 1579.950635] ? __raw_spin_lock_init+0x36/0x110 [ 1579.951140] copy_process+0x3848/0x6cb0 [ 1579.951580] ? lock_is_held_type+0xd7/0x130 [ 1579.952041] ? find_held_lock+0x2c/0x110 [ 1579.956686] ? __cleanup_sighand+0xb0/0xb0 [ 1579.957158] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1579.957731] ? _copy_from_user+0x139/0x170 [ 1579.958185] ? kernel_clone+0x2f8/0xa60 [ 1579.958627] kernel_clone+0xe7/0xa60 [ 1579.959049] ? lock_is_held_type+0xd7/0x130 [ 1579.959525] ? create_io_thread+0xf0/0xf0 [ 1579.959970] ? lock_is_held_type+0xd7/0x130 [ 1579.964766] __do_sys_clone3+0x1dd/0x2e0 [ 1579.965206] ? __ia32_sys_clone+0x150/0x150 [ 1579.965680] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1579.966225] ? fput+0x2a/0x50 [ 1579.966571] ? __secure_computing+0xb4/0x290 [ 1579.967025] do_syscall_64+0x3b/0x90 [ 1579.967421] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1579.967959] RIP: 0033:0x7f9fb3b18b19 [ 1579.968358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1579.969920] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1579.970576] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1579.971215] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1579.971834] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1579.984610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1579.985229] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1579.985854] [ 1579.994030] device syz_tun entered promiscuous mode [ 1579.995108] blktrace: Concurrent blktraces are not allowed on sg0 [ 1579.995844] device syz_tun left promiscuous mode [ 1580.003291] debugfs: File 'dropped' in directory 'loop0' already present! [ 1580.015630] device syz_tun entered promiscuous mode [ 1580.016910] device syz_tun left promiscuous mode [ 1580.017592] blktrace: Concurrent blktraces are not allowed on sg0 [ 1580.018289] debugfs: File 'msg' in directory 'loop0' already present! 17:23:27 executing program 0: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x20000000}) r2 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) [ 1580.058665] loop7: detected capacity change from 0 to 40 [ 1580.170137] debugfs: File 'dropped' in directory 'loop0' already present! [ 1580.170809] debugfs: File 'msg' in directory 'loop0' already present! 17:23:43 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 65) 17:23:43 executing program 2: epoll_create(0x4) r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x20000001, 0x81, 0xffffffffffffffff, 0xffe3}) 17:23:43 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = fork() tkill(r0, 0x3f) 17:23:43 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, 0x0, 0x0, 0x7a00) 17:23:43 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x553a286e8000, 0x0, 0x0}, 0x58) 17:23:43 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, 0x0, 0x0, 0x7a00) 17:23:43 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000200)={0x3, &(0x7f0000000140)=[{0x5, 0x81, 0x8, 0xfffff72b}, {0xffe1, 0x2, 0x1, 0x7ffbffff}, {0x401, 0xff, 0x3, 0x7f}]}) r0 = fork() seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000100)={0x4, &(0x7f00000000c0)=[{0x9, 0xf9, 0x4, 0x1}, {0x3f8, 0x1, 0x2, 0x6}, {0x100, 0x53, 0x1, 0x9}, {0xa6f6, 0x7, 0x80, 0x564}]}) tkill(r0, 0x400017) tkill(r0, 0xe) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000040)=0x0) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$FS_IOC_FSGETXATTR(r2, 0x801c581f, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(r2, 0x40086607, &(0x7f00000001c0)=0x3) ptrace$setopts(0x4200, r1, 0x65b0, 0x22) 17:23:43 executing program 4: syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000080), 0x0, 0x80) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x101, 0x4000001, 0x9, 0x2, 0xffe1}) [ 1595.202505] debugfs: File 'dropped' in directory 'loop0' already present! [ 1595.203569] debugfs: File 'msg' in directory 'loop0' already present! [ 1595.212875] FAULT_INJECTION: forcing a failure. [ 1595.212875] name failslab, interval 1, probability 0, space 0, times 0 [ 1595.214473] CPU: 0 PID: 32959 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1595.215582] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1595.217092] Call Trace: [ 1595.217453] [ 1595.217768] dump_stack_lvl+0x8b/0xb3 [ 1595.218316] should_fail.cold+0x5/0xa [ 1595.218852] ? create_object.isra.0+0x3a/0xa20 [ 1595.219498] should_failslab+0x5/0x10 [ 1595.220027] kmem_cache_alloc+0x5b/0x480 [ 1595.220599] create_object.isra.0+0x3a/0xa20 [ 1595.221258] ? kasan_unpoison+0x23/0x50 [ 1595.221872] kmem_cache_alloc+0x239/0x480 [ 1595.222483] ptlock_alloc+0x1d/0x70 [ 1595.223022] pte_alloc_one+0x68/0x1f0 [ 1595.223601] __pte_alloc+0x69/0x200 [ 1595.224158] ? pmd_install+0x250/0x250 [ 1595.224769] ? do_raw_spin_unlock+0x4f/0x210 [ 1595.225431] ? _raw_spin_unlock+0x24/0x40 [ 1595.226067] copy_page_range+0x1b84/0x47b0 [ 1595.226753] ? vm_iomap_memory+0x190/0x190 [ 1595.227377] ? up_write+0x148/0x460 [ 1595.227928] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1595.228747] ? __vma_link_rb+0x540/0x700 [ 1595.229366] dup_mm+0x961/0x1250 [ 1595.229898] ? replace_mm_exe_file+0x490/0x490 [ 1595.230590] ? __raw_spin_lock_init+0x36/0x110 [ 1595.231429] copy_process+0x3848/0x6cb0 [ 1595.232037] ? lock_is_held_type+0xd7/0x130 [ 1595.232718] ? find_held_lock+0x2c/0x110 [ 1595.233479] ? __cleanup_sighand+0xb0/0xb0 [ 1595.234132] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1595.234930] ? _copy_from_user+0x139/0x170 [ 1595.235558] ? kernel_clone+0x2f8/0xa60 [ 1595.236150] kernel_clone+0xe7/0xa60 [ 1595.236725] ? lock_is_held_type+0xd7/0x130 [ 1595.237364] ? create_io_thread+0xf0/0xf0 [ 1595.238010] ? lock_is_held_type+0xd7/0x130 [ 1595.238663] __do_sys_clone3+0x1dd/0x2e0 [ 1595.239266] ? __ia32_sys_clone+0x150/0x150 [ 1595.240087] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1595.240887] ? fput+0x2a/0x50 [ 1595.241385] ? __secure_computing+0xb4/0x290 [ 1595.242220] do_syscall_64+0x3b/0x90 [ 1595.242780] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1595.243526] RIP: 0033:0x7f9fb3b18b19 [ 1595.244060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1595.246565] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1595.247624] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1595.248601] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1595.249587] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1595.250563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1595.251540] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1595.252550] [ 1595.278670] loop7: detected capacity change from 0 to 40 17:23:43 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = fork() ptrace$setopts(0xffffffffffffffff, r1, 0x101, 0x4) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) r3 = fork() tkill(r3, 0x9) syz_open_procfs$userns(r3, &(0x7f0000000040)) tkill(r2, 0xfffffffc) 17:23:43 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)) r0 = fork() tkill(r0, 0x0) fork() 17:23:43 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x2001000000000, 0x0, 0x0}, 0x58) 17:23:43 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 66) 17:23:43 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, 0x0, 0x0, 0x7a00) 17:23:43 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000), 0x0, 0x7a00) [ 1595.466431] loop7: detected capacity change from 0 to 40 [ 1595.494362] FAULT_INJECTION: forcing a failure. [ 1595.494362] name failslab, interval 1, probability 0, space 0, times 0 [ 1595.496132] CPU: 0 PID: 33181 Comm: syz-executor.1 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1595.497241] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1595.498718] Call Trace: [ 1595.499076] [ 1595.499392] dump_stack_lvl+0x8b/0xb3 [ 1595.499928] should_fail.cold+0x5/0xa [ 1595.500456] ? vm_area_dup+0x78/0x290 [ 1595.501010] should_failslab+0x5/0x10 [ 1595.501536] kmem_cache_alloc+0x5b/0x480 [ 1595.502098] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1595.502793] vm_area_dup+0x78/0x290 [ 1595.503324] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1595.504068] ? copy_page_range+0x2cc8/0x47b0 [ 1595.504731] ? vm_area_alloc+0x110/0x110 [ 1595.505314] ? vm_iomap_memory+0x190/0x190 [ 1595.505899] ? up_write+0x148/0x460 [ 1595.506409] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 17:23:43 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, 0x0, 0x0, 0x7a00) [ 1595.507143] ? __vma_link_rb+0x540/0x700 [ 1595.507895] dup_mm+0x53f/0x1250 [ 1595.508403] ? replace_mm_exe_file+0x490/0x490 [ 1595.509097] ? __raw_spin_lock_init+0x36/0x110 [ 1595.509780] copy_process+0x3848/0x6cb0 [ 1595.510331] ? lock_is_held_type+0xd7/0x130 [ 1595.510919] ? find_held_lock+0x2c/0x110 [ 1595.511489] ? __cleanup_sighand+0xb0/0xb0 [ 1595.512141] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1595.512935] ? _copy_from_user+0x139/0x170 [ 1595.513531] ? kernel_clone+0x2f8/0xa60 [ 1595.514113] kernel_clone+0xe7/0xa60 [ 1595.514668] ? lock_is_held_type+0xd7/0x130 [ 1595.515297] ? create_io_thread+0xf0/0xf0 [ 1595.515900] ? lock_is_held_type+0xd7/0x130 [ 1595.516492] __do_sys_clone3+0x1dd/0x2e0 [ 1595.517079] ? __ia32_sys_clone+0x150/0x150 [ 1595.517747] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1595.518558] ? fput+0x2a/0x50 [ 1595.519035] ? __secure_computing+0xb4/0x290 [ 1595.519671] do_syscall_64+0x3b/0x90 [ 1595.520231] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1595.520973] RIP: 0033:0x7f9fb3b18b19 [ 1595.521464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1595.523931] RSP: 002b:00007f9fb108e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1595.524973] RAX: ffffffffffffffda RBX: 00007f9fb3c2bf60 RCX: 00007f9fb3b18b19 [ 1595.525907] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000640 [ 1595.526899] RBP: 00007f9fb108e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1595.527873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1595.528822] R13: 00007fff221089af R14: 00007f9fb108e300 R15: 0000000000022000 [ 1595.529848] 17:23:43 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x2020000000000, 0x0, 0x0}, 0x58) 17:23:43 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000), 0x0, 0x7a00) [ 1598.954680] oom_reaper: reaped process 32957 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 1599.009628] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1599.010833] CPU: 1 PID: 32957 Comm: syz-executor.4 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1599.011527] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1599.012447] Call Trace: [ 1599.012676] [ 1599.012894] dump_stack_lvl+0x8b/0xb3 [ 1599.013278] dump_header+0x106/0x60f [ 1599.013612] oom_kill_process.cold+0x10/0x15 [ 1599.014001] out_of_memory+0x11e7/0x14b0 [ 1599.014370] ? oom_killer_disable+0x270/0x270 [ 1599.014769] __alloc_pages_slowpath.constprop.0+0x1972/0x1f10 [ 1599.015294] ? warn_alloc+0x180/0x180 [ 1599.015629] ? lock_is_held_type+0xd7/0x130 [ 1599.016016] ? prepare_alloc_pages+0x371/0x500 [ 1599.016389] ? lock_is_held_type+0xd7/0x130 [ 1599.016790] __alloc_pages+0x403/0x4e0 [ 1599.017189] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 1599.017695] ? mark_held_locks+0x9e/0xe0 [ 1599.018064] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1599.018549] alloc_pages+0x1a0/0x2f0 [ 1599.018896] relay_open_buf.part.0+0x2a4/0xc00 [ 1599.019305] relay_open+0x4ec/0x970 [ 1599.019633] do_blk_trace_setup+0x4c3/0xc80 [ 1599.020012] ? _copy_from_user+0x139/0x170 [ 1599.020393] __blk_trace_setup+0xca/0x180 [ 1599.020765] ? do_blk_trace_setup+0xc80/0xc80 [ 1599.021205] ? blk_trace_ioctl+0xb7/0x270 [ 1599.021578] blk_trace_ioctl+0x13b/0x270 [ 1599.021936] ? blk_add_trace_rq_insert+0x50/0x50 [ 1599.022355] ? selinux_inode_getsecctx+0x90/0x90 [ 1599.022789] blkdev_ioctl+0x18d/0x7f0 [ 1599.023131] ? blkdev_common_ioctl+0x16b0/0x16b0 [ 1599.023542] ? __x64_sys_ioctl+0x97/0x210 [ 1599.023906] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1599.024380] ? blkdev_common_ioctl+0x16b0/0x16b0 [ 1599.024825] __x64_sys_ioctl+0x196/0x210 [ 1599.025235] do_syscall_64+0x3b/0x90 [ 1599.025575] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1599.026026] RIP: 0033:0x7f544adecb19 [ 1599.026360] Code: Unable to access opcode bytes at RIP 0x7f544adecaef. [ 1599.026890] RSP: 002b:00007f5448362188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1599.027519] RAX: ffffffffffffffda RBX: 00007f544aefff60 RCX: 00007f544adecb19 [ 1599.028106] RDX: 0000000020000000 RSI: 00000000c0481273 RDI: 0000000000000004 [ 1599.028696] RBP: 00007f544ae46f6d R08: 0000000000000000 R09: 0000000000000000 [ 1599.029372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1599.029975] R13: 00007ffda7a4458f R14: 00007f5448362300 R15: 0000000000022000 [ 1599.030592] [ 1599.031065] Mem-Info: [ 1599.031295] active_anon:7950 inactive_anon:39014 isolated_anon:0 [ 1599.031295] active_file:53 inactive_file:0 isolated_file:1 [ 1599.031295] unevictable:0 dirty:0 writeback:0 [ 1599.031295] slab_reclaimable:9292 slab_unreclaimable:64421 [ 1599.031295] mapped:69634 shmem:129 pagetables:6113 bounce:0 [ 1599.031295] kernel_misc_reclaimable:0 [ 1599.031295] free:2711 free_pcp:88 free_cma:0 [ 1599.034148] Node 0 active_anon:31800kB inactive_anon:156056kB active_file:212kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):4kB mapped:278536kB dirty:0kB writeback:0kB shmem:516kB writeback_tmp:0kB kernel_stack:9600kB pagetables:24452kB all_unreclaimable? yes [ 1599.036153] Node 0 DMA free:6488kB boost:0kB min:44kB low:56kB high:68kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1599.038423] lowmem_reserve[]: 0 1617 1617 1617 [ 1599.038845] Node 0 DMA32 free:4356kB boost:6144kB min:11264kB low:12920kB high:14576kB reserved_highatomic:0KB active_anon:31800kB inactive_anon:156056kB active_file:212kB inactive_file:0kB unevictable:0kB writepending:0kB present:2080640kB managed:1660796kB mlocked:0kB bounce:0kB free_pcp:352kB local_pcp:352kB free_cma:0kB [ 1599.041138] lowmem_reserve[]: 0 0 0 0 [ 1599.041492] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 0*32kB 1*64kB (U) 0*128kB 1*256kB (U) 0*512kB 0*1024kB 1*2048kB (M) 1*4096kB (M) = 6488kB [ 1599.042744] Node 0 DMA32: 667*4kB (UME) 135*8kB (UME) 38*16kB (UM) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4356kB [ 1599.043937] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1599.044635] 172 total pagecache pages [ 1599.044998] 0 pages in swap cache [ 1599.045293] Swap cache stats: add 0, delete 0, find 0/0 [ 1599.045728] Free swap = 0kB [ 1599.046016] Total swap = 0kB [ 1599.046263] 524158 pages RAM [ 1599.046505] 0 pages HighMem/MovableOnly [ 1599.046809] 105119 pages reserved [ 1599.047115] Unreclaimable slab info: [ 1599.048033] Name Used Total [ 1599.048512] pid_3 7KB 7KB [ 1599.049081] pid_2 177KB 210KB [ 1599.049541] IEEE-802.15.4-MAC 31KB 31KB [ 1599.050012] p9_req_t 8KB 8KB [ 1599.050453] fib6_nodes 28KB 28KB [ 1599.050877] ip6_dst_cache 30KB 30KB [ 1599.051307] PINGv6 63KB 63KB [ 1599.051699] RAWv6 189KB 189KB [ 1599.052118] UDPLITEv6 62KB 62KB [ 1599.052545] UDPv6 62KB 62KB [ 1599.053135] TCPv6 62KB 62KB [ 1599.053585] scsi_sense_cache 8KB 8KB [ 1599.054056] sd_ext_cdb 3KB 3KB [ 1599.054496] virtio_scsi_cmd 16KB 16KB [ 1599.054960] bio-96 11KB 11KB [ 1599.055411] sgpool-128 127KB 297KB [ 1599.055848] sgpool-64 63KB 63KB [ 1599.056316] sgpool-32 47KB 47KB [ 1599.056763] sgpool-16 105KB 105KB [ 1599.057322] sgpool-8 37KB 37KB [ 1599.057764] bio-224 3KB 3KB [ 1599.058239] mqueue_inode_cache 60KB 60KB [ 1599.058682] nfs_commit_data 15KB 15KB [ 1599.059150] nfs_write_data 47KB 47KB [ 1599.059591] jbd2_inode 7KB 7KB [ 1599.060060] ext4_system_zone 7KB 7KB [ 1599.060613] ext4_io_end_vec 11KB 11KB [ 1599.061158] ext4_bio_post_read_ctx 15KB 15KB [ 1599.061639] io_kiocb 15KB 15KB [ 1599.062126] kioctx 31KB 31KB [ 1599.062571] aio_kiocb 7KB 7KB [ 1599.063048] dio 15KB 15KB [ 1599.063499] fasync_cache 3KB 3KB [ 1599.063981] pid_namespace 7KB 7KB [ 1599.064429] posix_timers_cache 7KB 7KB [ 1599.065144] rpc_buffers 31KB 31KB [ 1599.066075] rpc_tasks 3KB 3KB [ 1599.067043] UNIX-STREAM 172KB 310KB [ 1599.068064] UNIX 176KB 279KB [ 1599.068989] UDP-Lite 31KB 31KB [ 1599.069442] tcp_bind_bucket 8KB 8KB [ 1599.069891] ip_fib_trie 8KB 8KB [ 1599.070376] ip_fib_alias 11KB 11KB [ 1599.070821] ip_dst_cache 8KB 8KB [ 1599.071295] RAW 125KB 125KB [ 1599.071737] UDP 220KB 220KB [ 1599.072209] request_sock_TCP 15KB 15KB [ 1599.072656] TCP 58KB 58KB [ 1599.073855] hugetlbfs_inode_cache 31KB 31KB [ 1599.075279] bio-216 11KB 11KB [ 1599.076364] ep_head 8KB 8KB [ 1599.077551] eventpoll_pwq 27KB 27KB [ 1599.078620] eventpoll_epi 47KB 47KB [ 1599.079653] inotify_inode_mark 46KB 46KB [ 1599.080904] request_queue 62KB 62KB [ 1599.082178] blkdev_ioc 4KB 4KB [ 1599.083461] bio-160 40KB 40KB [ 1599.084793] biovec-max 535KB 535KB [ 1599.086091] biovec-64 94KB 157KB [ 1599.087411] biovec-16 26KB 26KB [ 1599.088719] user_namespace 30KB 30KB [ 1599.090043] uid_cache 7KB 7KB [ 1599.091442] dmaengine-unmap-2 4KB 4KB [ 1599.092835] audit_buffer 7KB 7KB [ 1599.094214] skbuff_fclone_cache 82KB 82KB [ 1599.095586] skbuff_head_cache 406KB 615KB [ 1599.096964] file_lock_cache 55KB 55KB [ 1599.098330] file_lock_ctx 7KB 7KB [ 1599.099694] fsnotify_mark_connector 24KB 24KB [ 1599.101205] net_namespace 93KB 93KB [ 1599.102558] taskstats 30KB 30KB [ 1599.103941] proc_dir_entry 362KB 386KB [ 1599.105315] pde_opener 11KB 27KB [ 1599.105780] seq_file 48KB 48KB [ 1599.106269] sigqueue 19KB 39KB [ 1599.106735] shmem_inode_cache 1456KB 1623KB [ 1599.107229] kernfs_iattrs_cache 243KB 243KB [ 1599.107704] kernfs_node_cache 5526KB 5526KB [ 1599.108195] mnt_cache 173KB 181KB [ 1599.108662] filp 1540KB 1755KB [ 1599.109181] names_cache 10701KB 11186KB [ 1599.109634] hashtab_node 274KB 274KB [ 1599.110116] ebitmap_node 1149KB 1149KB [ 1599.110566] avtab_node 4976KB 4976KB [ 1599.111049] avc_node 35KB 35KB [ 1599.111503] lsm_inode_cache 3355KB 3391KB [ 1599.111983] lsm_file_cache 80KB 148KB [ 1599.112433] key_jar 31KB 31KB [ 1599.112905] uts_namespace 15KB 15KB [ 1599.113395] nsproxy 15KB 15KB [ 1599.113855] vm_area_struct 2441KB 2588KB [ 1599.114346] mm_struct 453KB 504KB [ 1599.114796] fs_cache 66KB 68KB [ 1599.115273] files_cache 246KB 286KB [ 1599.115723] signal_cache 531KB 607KB [ 1599.116201] sighand_cache 700KB 721KB [ 1599.116647] task_struct 3390KB 3691KB [ 1599.117168] cred_jar 161KB 212KB [ 1599.117621] anon_vma_chain 673KB 728KB [ 1599.118097] anon_vma 888KB 888KB [ 1599.118553] pid 58KB 75KB [ 1599.119036] Acpi-Operand 72KB 130KB [ 1599.119475] Acpi-ParseExt 31KB 31KB [ 1599.119956] Acpi-Parse 35KB 51KB [ 1599.120404] Acpi-State 47KB 63KB [ 1599.120868] Acpi-Namespace 28KB 28KB [ 1599.121361] numa_policy 3KB 3KB [ 1599.121811] perf_event 62KB 62KB [ 1599.123102] trace_event_file 175KB 175KB [ 1599.124430] ftrace_event_field 296KB 296KB [ 1599.125806] pool_workqueue 32KB 32KB [ 1599.127128] task_group 16KB 16KB [ 1599.128400] vmap_area 47KB 66KB [ 1599.129728] page->ptl 605KB 653KB [ 1599.131051] kmemleak_scan_area 30KB 47KB [ 1599.132974] kmemleak_object 150101KB 159468KB [ 1599.134345] kmalloc-cg-8k 256KB 256KB [ 1599.135646] kmalloc-cg-4k 600KB 704KB [ 1599.136973] kmalloc-cg-2k 1768KB 1920KB [ 1599.138312] kmalloc-cg-1k 240KB 288KB [ 1599.139662] kmalloc-cg-512 247KB 272KB [ 1599.141015] kmalloc-cg-256 16KB 16KB [ 1599.142358] kmalloc-cg-192 28KB 28KB [ 1599.143681] kmalloc-cg-128 16KB 16KB [ 1599.145030] kmalloc-cg-96 42KB 44KB [ 1599.146088] kmalloc-cg-64 40KB 40KB [ 1599.147147] kmalloc-cg-32 51KB 72KB [ 1599.148192] kmalloc-cg-16 8KB 8KB [ 1599.148735] kmalloc-cg-8 15KB 15KB [ 1599.149257] kmalloc-8k 4864KB 5024KB [ 1599.149714] kmalloc-4k 6104KB 6272KB [ 1599.150208] kmalloc-2k 4320KB 4416KB [ 1599.150659] kmalloc-1k 4010KB 4448KB [ 1599.151173] kmalloc-512 3025KB 5728KB [ 1599.151630] kmalloc-256 966KB 1088KB [ 1599.152119] kmalloc-192 531KB 604KB [ 1599.152577] kmalloc-128 571KB 600KB [ 1599.153130] kmalloc-96 340KB 572KB [ 1599.153604] kmalloc-64 1063KB 1496KB [ 1599.154092] kmalloc-32 703KB 748KB [ 1599.154542] kmalloc-16 323KB 340KB [ 1599.155024] kmalloc-8 275KB 282KB [ 1599.155474] kmem_cache_node 51KB 51KB [ 1599.155953] kmem_cache 82KB 82KB [ 1599.156402] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz4,mems_allowed=0,global_oom,task_memcg=/syz4,task=syz-executor.4,pid=32957,uid=0 [ 1599.158184] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:577 [ 1599.159174] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 32957, name: syz-executor.4 [ 1599.159876] preempt_count: 1, expected: 0 [ 1599.160259] RCU nest depth: 0, expected: 0 [ 1599.160787] 4 locks held by syz-executor.4/32957: [ 1599.161232] #0: ffff88800bce82d0 (&q->debugfs_mutex){+.+.}-{3:3}, at: blk_trace_ioctl+0xa9/0x270 [ 1599.162054] #1: ffffffff85246ae8 (relay_channels_mutex){+.+.}-{3:3}, at: relay_open+0x39c/0x970 [ 1599.162817] #2: ffffffff852793e8 (oom_lock){+.+.}-{3:3}, at: __alloc_pages_slowpath.constprop.0+0xcc9/0x1f10 [ 1599.163683] #3: ffff88804497a360 (&p->alloc_lock){+.+.}-{2:2}, at: find_lock_task_mm+0xe3/0x2b0 [ 1599.164469] Preemption disabled at: [ 1599.164478] [<0000000000000000>] 0x0 [ 1599.165152] CPU: 1 PID: 32957 Comm: syz-executor.4 Not tainted 5.17.0-rc1-next-20220124 #1 [ 1599.165829] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1599.166727] Call Trace: [ 1599.166951] [ 1599.167152] dump_stack_lvl+0x8b/0xb3 [ 1599.167497] __might_resched.cold+0x222/0x26b [ 1599.167883] __mutex_lock+0x9e/0x1480 [ 1599.168220] ? _raw_spin_unlock_irqrestore+0x33/0x50 [ 1599.168650] ? futex_exit_release+0x2d/0x220 [ 1599.169045] ? mutex_lock_io_nested+0x12c0/0x12c0 [ 1599.169454] ? find_held_lock+0x2c/0x110 [ 1599.169799] ? lock_release+0x3b2/0x6f0 [ 1599.170143] ? __oom_kill_process+0x33f/0xf90 [ 1599.170544] ? lock_downgrade+0x6d0/0x6d0 [ 1599.170910] ? mark_held_locks+0x9e/0xe0 [ 1599.171267] futex_exit_release+0x2d/0x220 [ 1599.171612] __oom_kill_process+0x373/0xf90 [ 1599.171972] ? mem_cgroup_get_oom_group+0x12f/0x420 [ 1599.172386] oom_kill_process+0xd7/0x5c0 [ 1599.172731] out_of_memory+0x11e7/0x14b0 [ 1599.173116] ? oom_killer_disable+0x270/0x270 [ 1599.173498] __alloc_pages_slowpath.constprop.0+0x1972/0x1f10 [ 1599.174003] ? warn_alloc+0x180/0x180 [ 1599.174332] ? lock_is_held_type+0xd7/0x130 [ 1599.174711] ? prepare_alloc_pages+0x371/0x500 [ 1599.175094] ? lock_is_held_type+0xd7/0x130 [ 1599.175469] __alloc_pages+0x403/0x4e0 [ 1599.175805] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 1599.176303] ? mark_held_locks+0x9e/0xe0 [ 1599.176666] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1599.177158] alloc_pages+0x1a0/0x2f0 [ 1599.177494] relay_open_buf.part.0+0x2a4/0xc00 [ 1599.177897] relay_open+0x4ec/0x970 [ 1599.178217] do_blk_trace_setup+0x4c3/0xc80 [ 1599.178593] ? _copy_from_user+0x139/0x170 [ 1599.178954] __blk_trace_setup+0xca/0x180 [ 1599.179303] ? do_blk_trace_setup+0xc80/0xc80 [ 1599.179695] ? blk_trace_ioctl+0xb7/0x270 [ 1599.180051] blk_trace_ioctl+0x13b/0x270 [ 1599.180391] ? blk_add_trace_rq_insert+0x50/0x50 [ 1599.180795] ? selinux_inode_getsecctx+0x90/0x90 [ 1599.185721] blkdev_ioctl+0x18d/0x7f0 [ 1599.186057] ? blkdev_common_ioctl+0x16b0/0x16b0 [ 1599.186458] ? __x64_sys_ioctl+0x97/0x210 [ 1599.186808] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1599.187271] ? blkdev_common_ioctl+0x16b0/0x16b0 [ 1599.187684] __x64_sys_ioctl+0x196/0x210 [ 1599.188032] do_syscall_64+0x3b/0x90 [ 1599.188363] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1599.188836] RIP: 0033:0x7f544adecb19 [ 1599.189166] Code: Unable to access opcode bytes at RIP 0x7f544adecaef. [ 1599.191023] RSP: 002b:00007f5448362188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1599.191643] RAX: ffffffffffffffda RBX: 00007f544aefff60 RCX: 00007f544adecb19 [ 1599.192219] RDX: 0000000020000000 RSI: 00000000c0481273 RDI: 0000000000000004 [ 1599.194444] RBP: 00007f544ae46f6d R08: 0000000000000000 R09: 0000000000000000 [ 1599.195033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1599.195598] R13: 00007ffda7a4458f R14: 00007f5448362300 R15: 0000000000022000 [ 1599.196193] [ 1599.196495] [ 1599.196651] ============================= [ 1599.197044] [ BUG: Invalid wait context ] [ 1599.197377] 5.17.0-rc1-next-20220124 #1 Tainted: G W [ 1599.197879] ----------------------------- [ 1599.198209] syz-executor.4/32957 is trying to lock: [ 1599.198611] ffff88804497ad70 (&tsk->futex_exit_mutex){+.+.}-{3:3}, at: futex_exit_release+0x2d/0x220 [ 1599.199369] other info that might help us debug this: [ 1599.199780] context-{4:4} [ 1599.200013] 4 locks held by syz-executor.4/32957: [ 1599.200403] #0: ffff88800bce82d0 (&q->debugfs_mutex){+.+.}-{3:3}, at: blk_trace_ioctl+0xa9/0x270 [ 1599.201286] #1: ffffffff85246ae8 (relay_channels_mutex){+.+.}-{3:3}, at: relay_open+0x39c/0x970 [ 1599.202019] #2: ffffffff852793e8 (oom_lock){+.+.}-{3:3}, at: __alloc_pages_slowpath.constprop.0+0xcc9/0x1f10 [ 1599.202844] #3: ffff88804497a360 (&p->alloc_lock){+.+.}-{2:2}, at: find_lock_task_mm+0xe3/0x2b0 [ 1599.203583] stack backtrace: [ 1599.203838] CPU: 1 PID: 32957 Comm: syz-executor.4 Tainted: G W 5.17.0-rc1-next-20220124 #1 [ 1599.204603] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1599.209807] Call Trace: [ 1599.210037] [ 1599.210232] dump_stack_lvl+0x8b/0xb3 [ 1599.210563] __lock_acquire.cold+0xc8/0x3b4 [ 1599.210924] ? swsusp_read.cold+0x2b/0x4a [ 1599.211267] ? lock_chain_count+0x20/0x20 [ 1599.211619] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1599.212058] lock_acquire+0x1a2/0x4d0 [ 1599.212385] ? futex_exit_release+0x2d/0x220 [ 1599.212924] ? lock_release+0x6f0/0x6f0 [ 1599.213277] ? dump_stack_lvl+0xab/0xb3 [ 1599.214707] __mutex_lock+0x136/0x1480 [ 1599.215053] ? futex_exit_release+0x2d/0x220 [ 1599.215415] ? _raw_spin_unlock_irqrestore+0x33/0x50 [ 1599.215841] ? futex_exit_release+0x2d/0x220 [ 1599.216213] ? mutex_lock_io_nested+0x12c0/0x12c0 [ 1599.216616] ? find_held_lock+0x2c/0x110 [ 1599.217150] ? lock_release+0x3b2/0x6f0 [ 1599.217486] ? __oom_kill_process+0x33f/0xf90 [ 1599.218929] ? lock_downgrade+0x6d0/0x6d0 [ 1599.219275] ? mark_held_locks+0x9e/0xe0 [ 1599.219628] futex_exit_release+0x2d/0x220 [ 1599.219986] __oom_kill_process+0x373/0xf90 [ 1599.220355] ? mem_cgroup_get_oom_group+0x12f/0x420 [ 1599.220793] oom_kill_process+0xd7/0x5c0 [ 1599.221249] out_of_memory+0x11e7/0x14b0 [ 1599.221605] ? oom_killer_disable+0x270/0x270 [ 1599.221993] __alloc_pages_slowpath.constprop.0+0x1972/0x1f10 [ 1599.222476] ? warn_alloc+0x180/0x180 [ 1599.222804] ? lock_is_held_type+0xd7/0x130 [ 1599.223176] ? prepare_alloc_pages+0x371/0x500 [ 1599.223566] ? lock_is_held_type+0xd7/0x130 [ 1599.223942] __alloc_pages+0x403/0x4e0 [ 1599.224288] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 1599.225860] ? mark_held_locks+0x9e/0xe0 [ 1599.226229] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1599.226696] alloc_pages+0x1a0/0x2f0 [ 1599.227038] relay_open_buf.part.0+0x2a4/0xc00 [ 1599.227423] relay_open+0x4ec/0x970 [ 1599.227735] do_blk_trace_setup+0x4c3/0xc80 [ 1599.228095] ? _copy_from_user+0x139/0x170 [ 1599.228455] __blk_trace_setup+0xca/0x180 [ 1599.228818] ? do_blk_trace_setup+0xc80/0xc80 [ 1599.229201] ? blk_trace_ioctl+0xb7/0x270 [ 1599.229551] blk_trace_ioctl+0x13b/0x270 [ 1599.229893] ? blk_add_trace_rq_insert+0x50/0x50 [ 1599.230287] ? selinux_inode_getsecctx+0x90/0x90 [ 1599.230700] blkdev_ioctl+0x18d/0x7f0 [ 1599.231020] ? blkdev_common_ioctl+0x16b0/0x16b0 [ 1599.231409] ? __x64_sys_ioctl+0x97/0x210 [ 1599.231766] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1599.232228] ? blkdev_common_ioctl+0x16b0/0x16b0 [ 1599.232615] __x64_sys_ioctl+0x196/0x210 [ 1599.234043] do_syscall_64+0x3b/0x90 [ 1599.234363] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1599.234800] RIP: 0033:0x7f544adecb19 [ 1599.235123] Code: Unable to access opcode bytes at RIP 0x7f544adecaef. [ 1599.235646] RSP: 002b:00007f5448362188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1599.236254] RAX: ffffffffffffffda RBX: 00007f544aefff60 RCX: 00007f544adecb19 [ 1599.237903] RDX: 0000000020000000 RSI: 00000000c0481273 RDI: 0000000000000004 [ 1599.238474] RBP: 00007f544ae46f6d R08: 0000000000000000 R09: 0000000000000000 [ 1599.239059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1599.239634] R13: 00007ffda7a4458f R14: 00007f5448362300 R15: 0000000000022000 [ 1599.240228] [ 1599.240532] Out of memory (oom_kill_allocating_task): Killed process 32957 (syz-executor.4) total-vm:93676kB, anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:140kB oom_score_adj:1000 [ 1599.242085] syz-executor.4: page allocation failure: order:0, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz4,mems_allowed=0 [ 1599.243054] CPU: 1 PID: 32957 Comm: syz-executor.4 Tainted: G W 5.17.0-rc1-next-20220124 #1 [ 1599.243817] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1599.244720] Call Trace: [ 1599.244974] [ 1599.245167] dump_stack_lvl+0x8b/0xb3 [ 1599.245506] warn_alloc.cold+0x95/0x18a [ 1599.245853] ? zone_watermark_ok_safe+0x240/0x240 [ 1599.246270] ? __mutex_unlock_slowpath+0x15c/0x5e0 [ 1599.246679] ? oom_killer_disable+0x270/0x270 [ 1599.247072] __alloc_pages_slowpath.constprop.0+0x1a21/0x1f10 [ 1599.247570] ? warn_alloc+0x180/0x180 [ 1599.247892] ? lock_is_held_type+0xd7/0x130 [ 1599.248256] ? prepare_alloc_pages+0x371/0x500 [ 1599.248630] ? lock_is_held_type+0xd7/0x130 [ 1599.249029] __alloc_pages+0x403/0x4e0 [ 1599.249354] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 1599.249842] ? mark_held_locks+0x9e/0xe0 [ 1599.250191] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1599.250651] alloc_pages+0x1a0/0x2f0 [ 1599.250975] relay_open_buf.part.0+0x2a4/0xc00 [ 1599.251365] relay_open+0x4ec/0x970 [ 1599.251683] do_blk_trace_setup+0x4c3/0xc80 [ 1599.252049] ? _copy_from_user+0x139/0x170 [ 1599.252395] __blk_trace_setup+0xca/0x180 [ 1599.252732] ? do_blk_trace_setup+0xc80/0xc80 [ 1599.253157] ? blk_trace_ioctl+0xb7/0x270 [ 1599.253506] blk_trace_ioctl+0x13b/0x270 [ 1599.253853] ? blk_add_trace_rq_insert+0x50/0x50 [ 1599.254247] ? selinux_inode_getsecctx+0x90/0x90 [ 1599.254656] blkdev_ioctl+0x18d/0x7f0 [ 1599.254984] ? blkdev_common_ioctl+0x16b0/0x16b0 [ 1599.255380] ? __x64_sys_ioctl+0x97/0x210 [ 1599.255725] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1599.256176] ? blkdev_common_ioctl+0x16b0/0x16b0 [ 1599.256570] __x64_sys_ioctl+0x196/0x210 [ 1599.256968] do_syscall_64+0x3b/0x90 [ 1599.257284] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1599.257719] RIP: 0033:0x7f544adecb19 [ 1599.258049] Code: Unable to access opcode bytes at RIP 0x7f544adecaef. [ 1599.258576] RSP: 002b:00007f5448362188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1599.259184] RAX: ffffffffffffffda RBX: 00007f544aefff60 RCX: 00007f544adecb19 [ 1599.259776] RDX: 0000000020000000 RSI: 00000000c0481273 RDI: 0000000000000004 [ 1599.260350] RBP: 00007f544ae46f6d R08: 0000000000000000 R09: 0000000000000000 [ 1599.260961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1599.261534] R13: 00007ffda7a4458f R14: 00007f5448362300 R15: 0000000000022000 [ 1599.262104] [ 1599.262366] Mem-Info: [ 1599.262578] active_anon:7950 inactive_anon:39014 isolated_anon:0 [ 1599.262578] active_file:49 inactive_file:0 isolated_file:1 [ 1599.262578] unevictable:0 dirty:0 writeback:0 [ 1599.262578] slab_reclaimable:9292 slab_unreclaimable:64421 [ 1599.262578] mapped:69634 shmem:129 pagetables:6113 bounce:0 [ 1599.262578] kernel_misc_reclaimable:0 [ 1599.262578] free:2711 free_pcp:88 free_cma:0 [ 1599.265297] Node 0 active_anon:31800kB inactive_anon:156056kB active_file:196kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):4kB mapped:278536kB dirty:0kB writeback:0kB shmem:516kB writeback_tmp:0kB kernel_stack:9600kB pagetables:24452kB all_unreclaimable? yes [ 1599.267258] Node 0 DMA free:6488kB boost:0kB min:44kB low:56kB high:68kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1599.269350] lowmem_reserve[]: 0 1617 1617 1617 [ 1599.269748] Node 0 DMA32 free:4356kB boost:6144kB min:11264kB low:12920kB high:14576kB reserved_highatomic:0KB active_anon:31800kB inactive_anon:156056kB active_file:196kB inactive_file:0kB unevictable:0kB writepending:0kB present:2080640kB managed:1660796kB mlocked:0kB bounce:0kB free_pcp:352kB local_pcp:352kB free_cma:0kB [ 1599.271997] lowmem_reserve[]: 0 0 0 0 [ 1599.272335] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 0*32kB 1*64kB (U) 0*128kB 1*256kB (U) 0*512kB 0*1024kB 1*2048kB (M) 1*4096kB (M) = 6488kB [ 1599.273518] Node 0 DMA32: 667*4kB (UME) 135*8kB (UME) 38*16kB (UM) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4356kB [ 1599.274606] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1599.275297] 172 total pagecache pages [ 1599.275601] 0 pages in swap cache [ 1599.275879] Swap cache stats: add 0, delete 0, find 0/0 [ 1599.276335] Free swap = 0kB [ 1599.276586] Total swap = 0kB [ 1599.276863] 524158 pages RAM [ 1599.277141] 0 pages HighMem/MovableOnly [ 1599.277460] 105119 pages reserved [ 1599.394383] debugfs: File 'dropped' in directory 'loop0' already present! [ 1599.395023] debugfs: File 'msg' in directory 'loop0' already present! VM DIAGNOSIS: 17:23:47 Registers: info registers vcpu 0 RAX=ffffffff8409a950 RBX=ffffffff85032600 RCX=ffffffff8407c931 RDX=0000000000000000 RSI=0000000000000001 RDI=0000000000000000 RBP=0000000000000000 RSP=ffffffff85007e40 R8 =0000000000000001 R9 =ffff88806ce38953 R10=ffffed100d9c712a R11=0000000000000001 R12=fffffbfff0a064c0 R13=ffffffff858cb250 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff8409a95b RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f42e1d0a116 CR3=000000001019c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 a4d60245b89e15bf 784104cf9e274374 YMM02=0000000000000000 0000000000000000 6b1e99b806172e3b 00000000000aea20 YMM03=0000000000000000 0000000000000000 ac8bc31478ec8511 00000000000aef98 YMM04=0000000000000000 0000000000000000 49de50a51113b5fb 00000000000b1490 YMM05=0000000000000000 0000000000000000 d3fdd5f48436fbd7 00000000000aeac8 YMM06=0000000000000000 0000000000000000 4b01b46bb08f2ae1 00000000000ae980 YMM07=0000000000000000 0000000000000000 a1fcdcf819d7e1e5 00000000000ae728 YMM08=0000000000000000 0000000000000000 44495f474f4c5359 530069253d595449 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=ffffffff84e2b62a RCX=ffff888044979ac0 RDX=0000000000000002 RSI=ffff888044979ac0 RDI=0000000000000003 RBP=0000000000000000 RSP=ffff888044ef67c8 R8 =0000000000000001 R9 =0000000000000000 R10=ffffffff813a08a1 R11=0000000000000000 R12=0000000000000001 R13=ffff888044ef6992 R14=00000000000001fe R15=dffffc0000000000 RIP=ffffffff81433bcd RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f5448362700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f544adecaef CR3=000000004895a000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 0000000000000000 00000000000000ff YMM02=0000000000000000 0000000000000000 0000000000000000 00000000000000ff YMM03=0000000000000000 0000000000000000 3031323266666637 30303030203a3331 YMM04=0000000000000000 0000000000000000 6620666620666620 6666206362203163 YMM05=0000000000000000 0000000000000000 6666206666203066 203130206433203e YMM06=0000000000000000 0000000000000000 6334206238206334 2038632039382064 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 34383932352e3539 3531205b3e343c00 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000