penat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:05 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:05 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:05 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 1980.912105] FAT-fs (loop7): bogus number of reserved sectors
[ 1980.912543] FAT-fs (loop7): Can't find a valid FAT filesystem
[ 1980.913073] loop5: detected capacity change from 0 to 40
[ 1980.935307] syz-executor.6: attempt to access beyond end of device
[ 1980.935307] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 1980.936209] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 1980.962391] FAT-fs (loop5): bogus number of reserved sectors
[ 1980.963354] FAT-fs (loop5): Can't find a valid FAT filesystem
[ 1980.981751] FAT-fs (loop3): bogus number of reserved sectors
[ 1980.982184] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 1980.983026] loop2: detected capacity change from 0 to 40
[ 1980.985154] loop0: detected capacity change from 0 to 40
[ 1980.986854] loop4: detected capacity change from 0 to 40
[ 1980.990321] FAT-fs (loop2): bogus number of reserved sectors
[ 1980.990837] FAT-fs (loop2): Can't find a valid FAT filesystem
15:35:05 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 1981.043750] loop6: detected capacity change from 0 to 40
15:35:05 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 1981.140659] syz-executor.6: attempt to access beyond end of device
[ 1981.140659] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 1981.141613] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 1981.193240] loop4: detected capacity change from 0 to 40
15:35:05 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 1981.208757] FAT-fs (loop4): invalid media value (0x00)
[ 1981.209295] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1981.316264] loop6: detected capacity change from 0 to 40
[ 1981.365341] syz-executor.6: attempt to access beyond end of device
[ 1981.365341] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 1981.366278] Buffer I/O error on dev loop6, logical block 10, lost async page write
15:35:05 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 1981.464247] loop6: detected capacity change from 0 to 40
15:35:06 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:06 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 1981.868200] loop7: detected capacity change from 0 to 40
15:35:06 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:06 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 1981.893971] FAT-fs (loop7): bogus number of reserved sectors
[ 1981.894866] FAT-fs (loop7): Can't find a valid FAT filesystem
[ 1981.900437] loop5: detected capacity change from 0 to 40
[ 1981.928987] FAT-fs (loop5): bogus number of reserved sectors
[ 1981.930144] FAT-fs (loop5): Can't find a valid FAT filesystem
[ 1982.040508] loop2: detected capacity change from 0 to 40
[ 1982.069281] loop0: detected capacity change from 0 to 40
[ 1982.073721] FAT-fs (loop2): bogus number of reserved sectors
[ 1982.074903] FAT-fs (loop2): Can't find a valid FAT filesystem
15:35:06 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 1982.320961] loop1: detected capacity change from 0 to 40
[ 1982.340531] FAT-fs (loop1): bogus number of reserved sectors
[ 1982.341413] FAT-fs (loop1): Can't find a valid FAT filesystem
[ 1995.069939] loop5: detected capacity change from 0 to 40
[ 1995.070017] loop2: detected capacity change from 0 to 40
15:35:19 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
r0 = openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
r3 = syz_open_dev$usbmon(&(0x7f0000000340), 0x8, 0x20000)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {r3}}, './file2\x00'})
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:35:19 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:19 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:19 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:19 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:19 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:19 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:19 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 1995.074083] FAT-fs (loop2): bogus number of reserved sectors
[ 1995.074503] FAT-fs (loop2): Can't find a valid FAT filesystem
[ 1995.082591] loop1: detected capacity change from 0 to 40
[ 1995.087521] FAT-fs (loop1): invalid media value (0x00)
[ 1995.087973] FAT-fs (loop1): Can't find a valid FAT filesystem
[ 1995.097620] loop3: detected capacity change from 0 to 40
[ 1995.105680] FAT-fs (loop5): bogus number of reserved sectors
[ 1995.106122] FAT-fs (loop5): Can't find a valid FAT filesystem
[ 1995.113467] loop0: detected capacity change from 0 to 40
[ 1995.130012] loop6: detected capacity change from 0 to 40
[ 1995.132439] loop7: detected capacity change from 0 to 40
[ 1995.141733] loop4: detected capacity change from 0 to 40
[ 1995.150382] FAT-fs (loop7): bogus number of reserved sectors
[ 1995.151002] FAT-fs (loop7): Can't find a valid FAT filesystem
[ 1995.163355] FAT-fs (loop4): invalid media value (0x00)
[ 1995.164283] FAT-fs (loop4): Can't find a valid FAT filesystem
15:35:19 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 1995.351162] loop0: detected capacity change from 0 to 40
15:35:19 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 1995.508363] loop0: detected capacity change from 0 to 40
15:35:20 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 1995.720564] loop0: detected capacity change from 0 to 40
15:35:20 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 1995.982117] loop0: detected capacity change from 0 to 40
15:35:33 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:33 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
r0 = openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
r3 = syz_open_dev$usbmon(&(0x7f0000000340), 0x8, 0x20000)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {r3}}, './file2\x00'})
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:35:33 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:33 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:33 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:33 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0}], 0x410, &(0x7f0000000140)=ANY=[])
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:33 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2008.700680] loop7: detected capacity change from 0 to 40
[ 2008.703078] loop1: detected capacity change from 0 to 40
[ 2008.710773] loop2: detected capacity change from 0 to 40
[ 2008.713836] FAT-fs (loop7): bogus number of reserved sectors
[ 2008.714224] FAT-fs (loop7): Can't find a valid FAT filesystem
[ 2008.714695] FAT-fs (loop2): bogus number of reserved sectors
[ 2008.715108] FAT-fs (loop2): Can't find a valid FAT filesystem
[ 2008.721377] loop4: detected capacity change from 0 to 40
[ 2008.724322] loop6: detected capacity change from 0 to 40
15:35:33 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2008.749901] FAT-fs (loop4): invalid media value (0x00)
[ 2008.750596] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 2008.756195] FAT-fs (loop3): bogus number of reserved sectors
[ 2008.756571] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 2008.769019] loop5: detected capacity change from 0 to 40
[ 2008.771140] loop0: detected capacity change from 0 to 40
[ 2008.775312] FAT-fs (loop5): bogus number of reserved sectors
[ 2008.775791] FAT-fs (loop5): Can't find a valid FAT filesystem
[ 2008.816889] syz-executor.1: attempt to access beyond end of device
[ 2008.816889] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2008.818191] Buffer I/O error on dev loop1, logical block 10, lost async page write
15:35:33 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:33 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2008.978210] loop0: detected capacity change from 0 to 40
[ 2009.073216] loop1: detected capacity change from 0 to 40
15:35:33 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2009.174478] loop0: detected capacity change from 0 to 40
[ 2009.307074] syz-executor.1: attempt to access beyond end of device
[ 2009.307074] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2009.309058] Buffer I/O error on dev loop1, logical block 10, lost async page write
15:35:48 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:48 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:48 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:48 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f8", 0x16}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:48 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:48 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:48 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:48 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
r0 = openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
r3 = syz_open_dev$usbmon(&(0x7f0000000340), 0x8, 0x20000)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {r3}}, './file2\x00'})
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

[ 2023.920096] loop6: detected capacity change from 0 to 40
[ 2023.951372] loop7: detected capacity change from 0 to 40
[ 2023.953573] loop0: detected capacity change from 0 to 40
[ 2023.957439] FAT-fs (loop7): bogus number of reserved sectors
[ 2023.957863] FAT-fs (loop7): Can't find a valid FAT filesystem
[ 2023.960064] loop3: detected capacity change from 0 to 40
[ 2023.972700] FAT-fs (loop3): bogus number of FAT sectors
[ 2023.973392] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 2023.974363] loop1: detected capacity change from 0 to 40
[ 2023.975308] loop5: detected capacity change from 0 to 40
[ 2023.980940] FAT-fs (loop1): bogus number of reserved sectors
[ 2023.981393] FAT-fs (loop1): Can't find a valid FAT filesystem
[ 2023.981621] loop4: detected capacity change from 0 to 40
[ 2023.981854] FAT-fs (loop5): bogus number of reserved sectors
[ 2023.982921] FAT-fs (loop5): Can't find a valid FAT filesystem
[ 2024.001488] loop2: detected capacity change from 0 to 40
[ 2024.012936] FAT-fs (loop2): bogus number of reserved sectors
[ 2024.013925] FAT-fs (loop2): Can't find a valid FAT filesystem
15:35:48 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2024.130976] loop0: detected capacity change from 0 to 40
15:35:48 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2024.269708] loop0: detected capacity change from 0 to 40
15:35:48 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2024.425535] loop0: detected capacity change from 0 to 40
15:35:49 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2024.665111] loop0: detected capacity change from 0 to 40
15:35:49 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:49 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:49 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2024.860796] loop6: detected capacity change from 0 to 40
[ 2024.873428] loop0: detected capacity change from 0 to 40
[ 2024.909030] loop2: detected capacity change from 0 to 40
[ 2024.924495] FAT-fs (loop2): bogus number of reserved sectors
[ 2024.925173] FAT-fs (loop2): Can't find a valid FAT filesystem
15:35:49 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:49 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:49 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f8", 0x16}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2025.026207] loop7: detected capacity change from 0 to 40
[ 2025.058336] FAT-fs (loop7): bogus number of reserved sectors
[ 2025.059150] FAT-fs (loop7): Can't find a valid FAT filesystem
[ 2025.065429] loop3: detected capacity change from 0 to 40
[ 2025.081855] loop5: detected capacity change from 0 to 40
[ 2025.087407] FAT-fs (loop5): bogus number of reserved sectors
[ 2025.087872] FAT-fs (loop5): Can't find a valid FAT filesystem
[ 2025.109037] FAT-fs (loop3): bogus number of FAT sectors
[ 2025.109777] FAT-fs (loop3): Can't find a valid FAT filesystem
15:35:49 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:49 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2025.235996] loop0: detected capacity change from 0 to 40
15:35:49 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2025.268860] loop4: detected capacity change from 0 to 40
[ 2025.275267] FAT-fs (loop4): bogus number of reserved sectors
[ 2025.275951] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 2025.313320] loop1: detected capacity change from 0 to 40
15:35:49 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, 0x0, 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2025.398028] loop0: detected capacity change from 0 to 40
15:35:49 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, 0x0, 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2025.575270] loop0: detected capacity change from 0 to 40
15:35:50 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, 0x0, 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:50 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:50 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2025.838470] loop0: detected capacity change from 0 to 40
15:35:50 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:35:50 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef)

[ 2025.932038] loop2: detected capacity change from 0 to 40
[ 2025.949588] loop6: detected capacity change from 0 to 40
[ 2025.980685] loop7: detected capacity change from 0 to 40
[ 2025.985046] FAT-fs (loop2): invalid media value (0x00)
[ 2025.985776] FAT-fs (loop2): Can't find a valid FAT filesystem
[ 2025.986817] loop0: detected capacity change from 0 to 40
[ 2026.001823] FAT-fs (loop7): bogus number of reserved sectors
[ 2026.002266] FAT-fs (loop7): Can't find a valid FAT filesystem
15:36:04 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:04 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:04 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:04 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:04 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef)

[ 2039.950997] loop6: detected capacity change from 0 to 40
[ 2039.951297] loop2: detected capacity change from 0 to 40
15:36:04 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f8", 0x16}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:04 executing program 4:
syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:04 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2039.960033] loop7: detected capacity change from 0 to 40
[ 2039.970469] FAT-fs (loop7): bogus number of reserved sectors
[ 2039.970904] FAT-fs (loop7): Can't find a valid FAT filesystem
[ 2039.988827] FAT-fs (loop2): invalid media value (0x00)
[ 2039.989248] FAT-fs (loop2): Can't find a valid FAT filesystem
[ 2040.008787] loop5: detected capacity change from 0 to 40
[ 2040.010991] loop0: detected capacity change from 0 to 40
15:36:04 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2040.031346] loop3: detected capacity change from 0 to 40
[ 2040.032177] FAT-fs (loop5): bogus number of reserved sectors
[ 2040.033097] FAT-fs (loop5): Can't find a valid FAT filesystem
[ 2040.035519] loop4: detected capacity change from 0 to 40
[ 2040.045953] loop1: detected capacity change from 0 to 40
[ 2040.057976] FAT-fs (loop3): bogus number of FAT sectors
[ 2040.058375] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 2040.089969] loop6: detected capacity change from 0 to 40
15:36:04 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef)

15:36:04 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2040.288288] loop0: detected capacity change from 0 to 40
[ 2040.310873] loop6: detected capacity change from 0 to 40
15:36:04 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)

15:36:04 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2040.624128] loop6: detected capacity change from 0 to 40
[ 2040.636554] loop0: detected capacity change from 0 to 40
15:36:05 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)

15:36:05 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:05 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:05 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:05 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2041.003736] loop0: detected capacity change from 0 to 40
[ 2041.038124] loop7: detected capacity change from 0 to 40
[ 2041.047191] FAT-fs (loop7): invalid media value (0x00)
[ 2041.048030] FAT-fs (loop7): Can't find a valid FAT filesystem
[ 2041.065152] loop6: detected capacity change from 0 to 40
[ 2041.075471] loop5: detected capacity change from 0 to 40
[ 2041.090964] FAT-fs (loop5): bogus number of reserved sectors
[ 2041.091622] FAT-fs (loop5): Can't find a valid FAT filesystem
[ 2041.131053] loop2: detected capacity change from 0 to 40
15:36:05 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000", 0x15}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2041.153587] FAT-fs (loop2): invalid media value (0x00)
[ 2041.154198] FAT-fs (loop2): Can't find a valid FAT filesystem
[ 2041.237954] loop4: detected capacity change from 0 to 40
[ 2041.252468] FAT-fs (loop4): invalid media value (0x00)
[ 2041.253243] FAT-fs (loop4): Can't find a valid FAT filesystem
15:36:20 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:20 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2056.395421] loop3: detected capacity change from 0 to 40
15:36:20 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000", 0x15}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:20 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)

15:36:20 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:20 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:20 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:20 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2056.405192] loop0: detected capacity change from 0 to 40
[ 2056.409730] loop1: detected capacity change from 0 to 40
[ 2056.412929] loop7: detected capacity change from 0 to 40
[ 2056.416183] loop5: detected capacity change from 0 to 40
[ 2056.419733] FAT-fs (loop3): invalid media value (0x00)
[ 2056.420431] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 2056.421054] FAT-fs (loop7): invalid media value (0x00)
[ 2056.421781] FAT-fs (loop7): Can't find a valid FAT filesystem
[ 2056.422235] FAT-fs (loop5): invalid media value (0x00)
[ 2056.422612] FAT-fs (loop5): Can't find a valid FAT filesystem
[ 2056.432421] loop6: detected capacity change from 0 to 40
[ 2056.448464] loop4: detected capacity change from 0 to 40
[ 2056.460216] loop2: detected capacity change from 0 to 40
[ 2056.476566] FAT-fs (loop2): invalid media value (0x00)
[ 2056.477290] FAT-fs (loop2): Can't find a valid FAT filesystem
15:36:21 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0x0)

[ 2056.484738] FAT-fs (loop4): invalid media value (0x00)
[ 2056.485569] FAT-fs (loop4): Can't find a valid FAT filesystem
15:36:21 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2056.639586] loop0: detected capacity change from 0 to 40
[ 2056.645436] loop6: detected capacity change from 0 to 40
15:36:21 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0x0)

[ 2056.816942] loop0: detected capacity change from 0 to 40
15:36:21 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:21 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0x0)

[ 2056.993973] loop6: detected capacity change from 0 to 40
[ 2057.107956] loop0: detected capacity change from 0 to 40
15:36:21 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2057.303104] loop6: detected capacity change from 0 to 40
15:36:21 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:21 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2057.440067] loop7: detected capacity change from 0 to 40
[ 2057.447788] FAT-fs (loop7): invalid media value (0x00)
[ 2057.448491] FAT-fs (loop7): Can't find a valid FAT filesystem
[ 2057.450942] loop5: detected capacity change from 0 to 40
[ 2057.464352] FAT-fs (loop5): invalid media value (0x00)
[ 2057.465170] FAT-fs (loop5): Can't find a valid FAT filesystem
15:36:36 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000", 0x15}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:36 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:36 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000", 0x15}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:36 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:36 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:36 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:36 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000", 0x15}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:36 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2071.851011] loop7: detected capacity change from 0 to 40
[ 2071.854865] loop6: detected capacity change from 0 to 40
[ 2071.859043] loop2: detected capacity change from 0 to 40
[ 2071.860314] loop4: detected capacity change from 0 to 40
[ 2071.862059] loop3: detected capacity change from 0 to 40
[ 2071.867742] FAT-fs (loop7): invalid media value (0x00)
[ 2071.868295] FAT-fs (loop7): Can't find a valid FAT filesystem
[ 2071.872751] FAT-fs (loop4): invalid media value (0x00)
[ 2071.873270] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 2071.878038] FAT-fs (loop2): invalid media value (0x00)
[ 2071.878393] FAT-fs (loop3): invalid media value (0x00)
[ 2071.878819] FAT-fs (loop2): Can't find a valid FAT filesystem
[ 2071.879307] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 2071.887350] loop5: detected capacity change from 0 to 40
[ 2071.889554] loop0: detected capacity change from 0 to 40
[ 2071.890580] loop1: detected capacity change from 0 to 40
[ 2071.909581] FAT-fs (loop5): invalid media value (0x00)
[ 2071.910480] FAT-fs (loop5): Can't find a valid FAT filesystem
15:36:36 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2072.085132] loop6: detected capacity change from 0 to 40
15:36:36 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2072.288394] syz-executor.0: attempt to access beyond end of device
[ 2072.288394] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2072.289918] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2072.311225] loop6: detected capacity change from 0 to 40
15:36:36 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:36 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2072.509019] loop6: detected capacity change from 0 to 40
[ 2072.550999] loop0: detected capacity change from 0 to 40
15:36:37 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2072.775098] loop6: detected capacity change from 0 to 40
[ 2072.865471] syz-executor.0: attempt to access beyond end of device
[ 2072.865471] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2072.867287] Buffer I/O error on dev loop0, logical block 10, lost async page write
15:36:49 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000", 0x15}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:49 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2085.455515] loop0: detected capacity change from 0 to 40
15:36:49 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:49 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:49 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:49 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000", 0x15}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:49 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000", 0x15}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:36:49 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000", 0x15}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2085.457198] loop6: detected capacity change from 0 to 40
[ 2085.460024] FAT-fs (loop0): bogus number of reserved sectors
[ 2085.460431] FAT-fs (loop0): Can't find a valid FAT filesystem
[ 2085.467960] loop1: detected capacity change from 0 to 40
[ 2085.469445] FAT-fs (loop1): invalid media value (0x00)
[ 2085.469850] FAT-fs (loop1): Can't find a valid FAT filesystem
[ 2085.486543] loop3: detected capacity change from 0 to 40
[ 2085.488305] FAT-fs (loop3): invalid media value (0x00)
[ 2085.488772] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 2085.498017] loop4: detected capacity change from 0 to 40
[ 2085.505943] FAT-fs (loop4): invalid media value (0x00)
[ 2085.506925] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 2085.518711] loop7: detected capacity change from 0 to 40
[ 2085.519074] loop5: detected capacity change from 0 to 40
[ 2085.528415] FAT-fs (loop7): invalid media value (0x00)
[ 2085.528473] loop2: detected capacity change from 0 to 40
[ 2085.529278] FAT-fs (loop7): Can't find a valid FAT filesystem
15:36:50 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, 0x0, 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2085.544381] FAT-fs (loop2): invalid media value (0x00)
[ 2085.545145] FAT-fs (loop2): Can't find a valid FAT filesystem
[ 2085.546030] FAT-fs (loop5): invalid media value (0x00)
[ 2085.546733] FAT-fs (loop5): Can't find a valid FAT filesystem
[ 2085.627950] loop6: detected capacity change from 0 to 40
15:36:50 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, 0x0, 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2085.860820] loop6: detected capacity change from 0 to 40
15:36:50 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, 0x0, 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2086.286633] loop6: detected capacity change from 0 to 40
15:36:50 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000", 0x15}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2086.455940] loop7: detected capacity change from 0 to 40
[ 2086.460575] FAT-fs (loop7): invalid media value (0x00)
[ 2086.461365] FAT-fs (loop7): Can't find a valid FAT filesystem
15:36:51 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000", 0x15}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2086.649744] loop5: detected capacity change from 0 to 40
[ 2086.663587] FAT-fs (loop5): invalid media value (0x00)
[ 2086.664560] FAT-fs (loop5): Can't find a valid FAT filesystem
15:37:07 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:07 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000", 0x15}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:07 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f8", 0x16}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:07 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, 0x0, 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:07 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
r0 = openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
r3 = syz_open_dev$usbmon(&(0x7f0000000340), 0x8, 0x20000)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {r3}}, './file2\x00'})
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:37:07 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:07 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2102.791181] loop4: detected capacity change from 0 to 40
15:37:07 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f8", 0x16}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2102.806692] FAT-fs (loop4): bogus number of reserved sectors
[ 2102.807500] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 2102.812241] loop0: detected capacity change from 0 to 40
[ 2102.812610] loop6: detected capacity change from 0 to 40
[ 2102.813266] loop3: detected capacity change from 0 to 40
[ 2102.816138] loop7: detected capacity change from 0 to 40
[ 2102.819071] FAT-fs (loop0): bogus number of reserved sectors
[ 2102.819485] FAT-fs (loop0): Can't find a valid FAT filesystem
15:37:07 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2102.843011] FAT-fs (loop7): bogus number of FAT sectors
[ 2102.844346] FAT-fs (loop7): Can't find a valid FAT filesystem
[ 2102.848965] loop1: detected capacity change from 0 to 40
[ 2102.856568] loop5: detected capacity change from 0 to 40
[ 2102.858381] FAT-fs (loop5): invalid media value (0x00)
[ 2102.858773] FAT-fs (loop5): Can't find a valid FAT filesystem
[ 2102.863723] loop2: detected capacity change from 0 to 40
[ 2102.880167] FAT-fs (loop1): bogus number of reserved sectors
[ 2102.880608] FAT-fs (loop2): bogus number of FAT sectors
[ 2102.880726] FAT-fs (loop2): Can't find a valid FAT filesystem
[ 2102.881601] FAT-fs (loop1): Can't find a valid FAT filesystem
[ 2102.887943] syz-executor.6: attempt to access beyond end of device
[ 2102.887943] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2102.888864] Buffer I/O error on dev loop6, logical block 10, lost async page write
15:37:07 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef)

[ 2103.041012] FAT-fs (loop3): bogus number of reserved sectors
[ 2103.041704] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 2103.128422] loop6: detected capacity change from 0 to 40
15:37:07 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef)

[ 2103.414526] loop6: detected capacity change from 0 to 40
15:37:08 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef)

[ 2103.681178] loop6: detected capacity change from 0 to 40
15:37:08 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f8", 0x16}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:08 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f8", 0x16}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:08 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f8", 0x16}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2103.809769] loop5: detected capacity change from 0 to 40
[ 2103.826126] FAT-fs (loop5): bogus number of FAT sectors
[ 2103.827002] FAT-fs (loop5): Can't find a valid FAT filesystem
15:37:08 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2103.880247] loop7: detected capacity change from 0 to 40
15:37:08 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)

[ 2103.899674] FAT-fs (loop7): bogus number of FAT sectors
[ 2103.900208] FAT-fs (loop7): Can't find a valid FAT filesystem
[ 2103.923997] loop2: detected capacity change from 0 to 40
[ 2103.942706] FAT-fs (loop2): bogus number of FAT sectors
[ 2103.943135] loop6: detected capacity change from 0 to 40
[ 2103.943222] FAT-fs (loop2): Can't find a valid FAT filesystem
[ 2103.982290] loop4: detected capacity change from 0 to 40
[ 2103.995129] FAT-fs (loop4): bogus number of reserved sectors
[ 2103.995881] FAT-fs (loop4): Can't find a valid FAT filesystem
15:37:22 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:22 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2118.054075] loop0: detected capacity change from 0 to 40
15:37:22 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)

15:37:22 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f8", 0x16}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:22 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:22 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f8", 0x16}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:22 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440", 0x12}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2118.065935] loop2: detected capacity change from 0 to 40
[ 2118.068080] loop4: detected capacity change from 0 to 40
[ 2118.070583] loop6: detected capacity change from 0 to 40
[ 2118.076251] loop1: detected capacity change from 0 to 40
[ 2118.077691] FAT-fs (loop0): bogus number of reserved sectors
[ 2118.078098] FAT-fs (loop0): Can't find a valid FAT filesystem
15:37:22 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f8", 0x16}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2118.080033] FAT-fs (loop1): invalid media value (0x00)
[ 2118.080891] FAT-fs (loop1): Can't find a valid FAT filesystem
[ 2118.081176] loop5: detected capacity change from 0 to 40
[ 2118.081341] FAT-fs (loop3): bogus number of reserved sectors
[ 2118.082334] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 2118.089312] FAT-fs (loop2): bogus number of FAT sectors
[ 2118.090135] FAT-fs (loop2): Can't find a valid FAT filesystem
[ 2118.092176] FAT-fs (loop5): bogus number of FAT sectors
[ 2118.092974] FAT-fs (loop5): Can't find a valid FAT filesystem
[ 2118.123992] loop7: detected capacity change from 0 to 40
[ 2118.145447] FAT-fs (loop7): bogus number of FAT sectors
[ 2118.146233] FAT-fs (loop7): Can't find a valid FAT filesystem
15:37:22 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)

[ 2118.261014] loop6: detected capacity change from 0 to 40
15:37:22 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0x0)

[ 2118.698277] loop6: detected capacity change from 0 to 40
15:37:23 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0x0)

15:37:36 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:36 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f8", 0x16}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2131.648412] loop1: detected capacity change from 0 to 40
15:37:36 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:36 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:36 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2131.670142] loop7: detected capacity change from 0 to 40
15:37:36 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0x0)

15:37:36 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:36 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2131.679323] loop2: detected capacity change from 0 to 40
[ 2131.690443] loop0: detected capacity change from 0 to 40
[ 2131.692545] loop6: detected capacity change from 0 to 40
[ 2131.699140] syz-executor.2: attempt to access beyond end of device
[ 2131.699140] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2131.700051] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2131.701502] loop3: detected capacity change from 0 to 40
[ 2131.702876] FAT-fs (loop1): bogus number of reserved sectors
[ 2131.703598] FAT-fs (loop1): Can't find a valid FAT filesystem
[ 2131.713780] FAT-fs (loop0): bogus number of reserved sectors
[ 2131.714557] FAT-fs (loop0): Can't find a valid FAT filesystem
[ 2131.722229] loop5: detected capacity change from 0 to 40
[ 2131.725185] FAT-fs (loop5): bogus number of FAT sectors
[ 2131.725555] FAT-fs (loop5): Can't find a valid FAT filesystem
[ 2131.728313] loop4: detected capacity change from 0 to 40
[ 2131.730000] FAT-fs (loop4): bogus number of reserved sectors
[ 2131.730407] FAT-fs (loop4): Can't find a valid FAT filesystem
15:37:36 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2131.785396] loop2: detected capacity change from 0 to 40
[ 2131.795429] syz-executor.7: attempt to access beyond end of device
[ 2131.795429] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2131.796462] Buffer I/O error on dev loop7, logical block 10, lost async page write
15:37:36 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2131.860580] syz-executor.2: attempt to access beyond end of device
[ 2131.860580] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2131.862400] Buffer I/O error on dev loop2, logical block 10, lost async page write
15:37:36 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:36 executing program 6:
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2132.010390] loop2: detected capacity change from 0 to 40
[ 2132.053077] loop7: detected capacity change from 0 to 40
[ 2132.056370] syz-executor.2: attempt to access beyond end of device
[ 2132.056370] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2132.057685] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2132.183298] syz-executor.7: attempt to access beyond end of device
[ 2132.183298] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2132.185222] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2145.903453] loop5: detected capacity change from 0 to 40
[ 2145.909765] FAT-fs (loop0): bogus number of reserved sectors
[ 2145.910730] FAT-fs (loop0): Can't find a valid FAT filesystem
15:37:50 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}], 0x410, &(0x7f0000000140)=ANY=[])
r0 = openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
r3 = syz_open_dev$usbmon(&(0x7f0000000340), 0x8, 0x20000)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {r3}}, './file2\x00'})
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:37:50 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:50 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:50 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:50 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:50 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:50 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:50 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00", 0xc}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2145.915561] loop7: detected capacity change from 0 to 40
[ 2145.941052] loop1: detected capacity change from 0 to 40
[ 2145.949283] loop2: detected capacity change from 0 to 40
[ 2145.952980] loop4: detected capacity change from 0 to 40
[ 2145.955196] loop3: detected capacity change from 0 to 40
[ 2145.963771] FAT-fs (loop1): bogus number of reserved sectors
[ 2145.964711] FAT-fs (loop1): Can't find a valid FAT filesystem
[ 2145.967816] FAT-fs (loop6): bogus number of reserved sectors
[ 2145.968726] FAT-fs (loop6): Can't find a valid FAT filesystem
[ 2145.968749] FAT-fs (loop3): bogus number of reserved sectors
[ 2145.970347] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 2145.971376] FAT-fs (loop4): bogus number of reserved sectors
[ 2145.972315] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 2145.995855] syz-executor.7: attempt to access beyond end of device
[ 2145.995855] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2145.997591] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2146.002087] syz-executor.5: attempt to access beyond end of device
[ 2146.002087] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2146.003574] Buffer I/O error on dev loop5, logical block 10, lost async page write
15:37:50 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:50 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2146.253471] loop5: detected capacity change from 0 to 40
[ 2146.292186] loop7: detected capacity change from 0 to 40
[ 2146.371109] syz-executor.5: attempt to access beyond end of device
[ 2146.371109] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2146.372903] Buffer I/O error on dev loop5, logical block 10, lost async page write
15:37:50 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2146.469848] loop5: detected capacity change from 0 to 40
[ 2146.507302] syz-executor.5: attempt to access beyond end of device
[ 2146.507302] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2146.508823] Buffer I/O error on dev loop5, logical block 10, lost async page write
15:37:51 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2146.734787] loop5: detected capacity change from 0 to 40
15:37:51 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2146.969084] loop2: detected capacity change from 0 to 40
15:37:51 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:51 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef)

15:37:51 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:37:51 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2147.138169] loop1: detected capacity change from 0 to 40
[ 2147.143493] FAT-fs (loop1): bogus number of reserved sectors
[ 2147.144093] FAT-fs (loop1): Can't find a valid FAT filesystem
[ 2147.160245] loop4: detected capacity change from 0 to 40
[ 2147.162339] loop0: detected capacity change from 0 to 40
15:37:51 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2147.216797] loop3: detected capacity change from 0 to 40
[ 2147.335623] FAT-fs (loop6): bogus number of reserved sectors
[ 2147.336142] FAT-fs (loop6): Can't find a valid FAT filesystem
[ 2147.460404] syz-executor.4: attempt to access beyond end of device
[ 2147.460404] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2147.461657] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2147.473390] syz-executor.3: attempt to access beyond end of device
[ 2147.473390] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2147.474275] Buffer I/O error on dev loop3, logical block 10, lost async page write
15:38:05 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:05 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:05 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:05 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:05 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:05 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:05 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:05 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2160.974348] loop6: detected capacity change from 0 to 40
[ 2160.984899] loop7: detected capacity change from 0 to 40
[ 2160.997254] loop3: detected capacity change from 0 to 40
[ 2161.001230] loop4: detected capacity change from 0 to 40
[ 2161.002562] FAT-fs (loop3): bogus number of reserved sectors
[ 2161.003127] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 2161.007339] loop1: detected capacity change from 0 to 40
[ 2161.008871] FAT-fs (loop1): bogus number of reserved sectors
[ 2161.009290] FAT-fs (loop1): Can't find a valid FAT filesystem
[ 2161.016248] loop0: detected capacity change from 0 to 40
[ 2161.022543] loop2: detected capacity change from 0 to 40
[ 2161.033303] loop5: detected capacity change from 0 to 40
[ 2161.038390] FAT-fs (loop0): bogus number of reserved sectors
[ 2161.038847] FAT-fs (loop0): Can't find a valid FAT filesystem
15:38:05 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2161.184060] syz-executor.6: attempt to access beyond end of device
[ 2161.184060] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2161.185295] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2161.258534] loop4: detected capacity change from 0 to 40
15:38:05 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2161.364346] loop6: detected capacity change from 0 to 40
[ 2161.388205] syz-executor.4: attempt to access beyond end of device
[ 2161.388205] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2161.389731] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2161.488816] syz-executor.6: attempt to access beyond end of device
[ 2161.488816] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2161.490127] Buffer I/O error on dev loop6, logical block 10, lost async page write
15:38:06 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
close(0xffffffffffffffff)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:06 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2161.673586] loop4: detected capacity change from 0 to 40
[ 2161.696315] loop6: detected capacity change from 0 to 40
[ 2161.713519] FAT-fs (loop6): bogus number of reserved sectors
[ 2161.714355] FAT-fs (loop6): Can't find a valid FAT filesystem
15:38:06 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:06 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2161.948963] loop5: detected capacity change from 0 to 40
15:38:06 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2161.981933] loop2: detected capacity change from 0 to 40
15:38:06 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2161.988038] loop7: detected capacity change from 0 to 40
[ 2162.103156] loop1: detected capacity change from 0 to 40
[ 2162.118293] FAT-fs (loop1): bogus number of reserved sectors
[ 2162.119062] FAT-fs (loop1): Can't find a valid FAT filesystem
15:38:06 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
syz_open_dev$usbmon(&(0x7f0000000340), 0x8, 0x20000)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:06 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
syz_open_dev$usbmon(&(0x7f0000000340), 0x8, 0x20000)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2162.258504] loop0: detected capacity change from 0 to 40
[ 2162.266923] loop3: detected capacity change from 0 to 40
[ 2162.455164] syz-executor.0: attempt to access beyond end of device
[ 2162.455164] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2162.456995] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2162.466847] syz-executor.3: attempt to access beyond end of device
[ 2162.466847] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2162.468497] Buffer I/O error on dev loop3, logical block 10, lost async page write
15:38:07 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
syz_open_dev$usbmon(&(0x7f0000000340), 0x8, 0x20000)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:07 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
r0 = openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
r3 = syz_open_dev$usbmon(&(0x7f0000000340), 0x8, 0x20000)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {r3}}, './file2\x00'})
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:38:07 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:07 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0xb)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)

[ 2162.881713] loop3: detected capacity change from 0 to 40
[ 2162.961586] loop4: detected capacity change from 0 to 40
[ 2162.994021] loop0: detected capacity change from 0 to 40
[ 2163.022093] syz-executor.3: attempt to access beyond end of device
[ 2163.022093] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2163.023766] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2163.029178] loop6: detected capacity change from 0 to 40
[ 2163.217832] syz-executor.4: attempt to access beyond end of device
[ 2163.217832] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2163.220023] Buffer I/O error on dev loop4, logical block 10, lost async page write
15:38:23 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2178.875844] loop2: detected capacity change from 0 to 40
15:38:23 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:23 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0xb)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:23 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:23 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:23 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:23 executing program 6:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:23 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2178.897414] loop1: detected capacity change from 0 to 40
[ 2178.897602] loop7: detected capacity change from 0 to 40
[ 2178.919236] FAT-fs (loop1): bogus number of reserved sectors
[ 2178.920107] FAT-fs (loop1): Can't find a valid FAT filesystem
[ 2178.937196] loop4: detected capacity change from 0 to 40
[ 2178.938151] loop0: detected capacity change from 0 to 40
[ 2178.946346] loop5: detected capacity change from 0 to 40
[ 2179.208516] syz-executor.0: attempt to access beyond end of device
[ 2179.208516] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2179.210472] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2179.219396] syz-executor.4: attempt to access beyond end of device
[ 2179.219396] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2179.221462] Buffer I/O error on dev loop4, logical block 10, lost async page write
15:38:23 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:24 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
r0 = openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0xb)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
r3 = openat$incfs(r1, &(0x7f0000000300)='.log\x00', 0x80, 0x4)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0}, './file2\x00'})
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

[ 2179.639404] loop4: detected capacity change from 0 to 40
[ 2179.670777] loop0: detected capacity change from 0 to 40
15:38:24 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:24 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2179.811405] syz-executor.4: attempt to access beyond end of device
[ 2179.811405] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2179.813522] Buffer I/O error on dev loop4, logical block 10, lost async page write
15:38:24 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0xb)
close(0xffffffffffffffff)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2179.878185] syz-executor.0: attempt to access beyond end of device
[ 2179.878185] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2179.879134] Buffer I/O error on dev loop0, logical block 10, lost async page write
15:38:24 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2179.913622] loop7: detected capacity change from 0 to 40
[ 2179.915619] loop2: detected capacity change from 0 to 40
15:38:24 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0xb)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
openat$incfs(r0, &(0x7f0000000300)='.log\x00', 0x80, 0x4)
syz_open_dev$usbmon(&(0x7f0000000340), 0x8, 0x20000)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2179.966295] loop5: detected capacity change from 0 to 40
[ 2179.981120] loop1: detected capacity change from 0 to 40
[ 2180.062013] syz-executor.1: attempt to access beyond end of device
[ 2180.062013] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2180.063201] Buffer I/O error on dev loop1, logical block 10, lost async page write
15:38:38 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)

15:38:38 executing program 6:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
sendmsg$inet(r0, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @remote, @broadcast}}}], 0x20}, 0x0)

15:38:38 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
r0 = openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0xb)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
r3 = openat$incfs(r1, &(0x7f0000000300)='.log\x00', 0x80, 0x4)
r4 = syz_open_dev$usbmon(&(0x7f0000000340), 0x8, 0x20000)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {r4}}, './file2\x00'})
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:38:38 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:38 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0xb)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
openat$incfs(r0, &(0x7f0000000300)='.log\x00', 0x80, 0x4)
syz_open_dev$usbmon(&(0x7f0000000340), 0x8, 0x20000)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:38 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:38 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:38 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
sendmsg$inet(r0, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @remote, @broadcast}}}], 0x20}, 0x0)

[ 2193.582421] loop4: detected capacity change from 0 to 40
[ 2193.620733] loop2: detected capacity change from 0 to 40
[ 2193.628588] loop1: detected capacity change from 0 to 40
[ 2193.653338] FAT-fs (loop0): bogus number of reserved sectors
[ 2193.653795] FAT-fs (loop0): Can't find a valid FAT filesystem
[ 2193.667264] syz-executor.4: attempt to access beyond end of device
[ 2193.667264] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2193.668302] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2193.675968] loop7: detected capacity change from 0 to 40
[ 2193.680544] loop5: detected capacity change from 0 to 40
[ 2193.709931] syz-executor.1: attempt to access beyond end of device
[ 2193.709931] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2193.711046] Buffer I/O error on dev loop1, logical block 10, lost async page write
15:38:38 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0xb)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:38 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
sendmsg$inet(r0, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @remote, @broadcast}}}], 0x20}, 0x0)

15:38:38 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0xb)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
openat$incfs(r0, &(0x7f0000000300)='.log\x00', 0x80, 0x4)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:38 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2193.837195] loop1: detected capacity change from 0 to 40
15:38:38 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0xb)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2193.885867] loop0: detected capacity change from 0 to 40
[ 2193.887090] loop2: detected capacity change from 0 to 40
[ 2193.930364] loop6: detected capacity change from 0 to 40
[ 2194.077553] syz-executor.1: attempt to access beyond end of device
[ 2194.077553] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2194.079328] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2194.252137] syz-executor.6: attempt to access beyond end of device
[ 2194.252137] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2194.254006] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2194.261155] syz-executor.0: attempt to access beyond end of device
[ 2194.261155] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2194.262979] Buffer I/O error on dev loop0, logical block 10, lost async page write
15:38:51 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:51 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
r0 = openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0xb)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
r3 = openat$incfs(r1, &(0x7f0000000300)='.log\x00', 0x80, 0x4)
r4 = syz_open_dev$usbmon(&(0x7f0000000340), 0x8, 0x20000)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {r4}}, './file2\x00'})
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:38:51 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:51 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:51 executing program 1:
modify_ldt$write2(0x11, &(0x7f0000000040)={0x81, 0x1000, 0x400, 0x0, 0x2, 0x0, 0x0, 0x1}, 0x10)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
sendmsg$inet(r0, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @remote, @broadcast}}}], 0x20}, 0x0)

15:38:51 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
r0 = openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0xb)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
r3 = openat$incfs(r1, &(0x7f0000000300)='.log\x00', 0x80, 0x4)
r4 = syz_open_dev$usbmon(&(0x7f0000000340), 0x8, 0x20000)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {r4}}, './file2\x00'})
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r4, 0x6628)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:38:51 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0xb)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
openat$incfs(r0, &(0x7f0000000300)='.log\x00', 0x80, 0x4)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:51 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0xb)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
openat$incfs(r0, &(0x7f0000000300)='.log\x00', 0x80, 0x4)
syz_open_dev$usbmon(&(0x7f0000000340), 0x8, 0x20000)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2207.297749] loop5: detected capacity change from 0 to 40
[ 2207.301443] loop6: detected capacity change from 0 to 40
[ 2207.302850] loop0: detected capacity change from 0 to 40
[ 2207.304239] loop7: detected capacity change from 0 to 40
[ 2207.309997] loop4: detected capacity change from 0 to 40
[ 2207.351999] loop3: detected capacity change from 0 to 40
[ 2207.357834] loop2: detected capacity change from 0 to 40
15:38:51 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:51 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2207.405602] syz-executor.0: attempt to access beyond end of device
[ 2207.405602] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2207.407224] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2207.414498] syz-executor.4: attempt to access beyond end of device
[ 2207.414498] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2207.415694] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2207.430250] syz-executor.6: attempt to access beyond end of device
[ 2207.430250] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2207.431300] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2207.432937] loop5: detected capacity change from 0 to 40
[ 2207.437620] loop7: detected capacity change from 0 to 40
15:38:52 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
r0 = openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0xb)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
r3 = openat$incfs(r1, &(0x7f0000000300)='.log\x00', 0x80, 0x4)
r4 = syz_open_dev$usbmon(&(0x7f0000000340), 0x8, 0x20000)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {r4}}, './file2\x00'})
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r4, 0x6628)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:38:52 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
r0 = openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0xb)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
r3 = openat$incfs(r1, &(0x7f0000000300)='.log\x00', 0x80, 0x4)
r4 = syz_open_dev$usbmon(&(0x7f0000000340), 0x8, 0x20000)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {r4}}, './file2\x00'})
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r4, 0x6628)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:38:52 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:52 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
r0 = openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0xb)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
r3 = openat$incfs(r1, &(0x7f0000000300)='.log\x00', 0x80, 0x4)
r4 = syz_open_dev$usbmon(&(0x7f0000000340), 0x8, 0x20000)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000380)={{0x1, 0x1, 0x18, <r5=>r0, {r4}}, './file2\x00'})
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r4, 0x6628)
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x1, 0xff, 0x54, 0x0, 0x0, 0x3f, 0x100, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x3, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x8, 0x4, @perf_bp={&(0x7f0000000440), 0x1}, 0x84, 0x400, 0x2, 0x7, 0x4, 0x8, 0xff, 0x0, 0x2ab, 0x0, 0x88}, 0xffffffffffffffff, 0xb, 0xffffffffffffffff, 0x8)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
dup(r5)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:38:52 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:38:52 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2207.562901] loop4: detected capacity change from 0 to 40
[ 2207.566745] loop5: detected capacity change from 0 to 40
[ 2207.567296] loop2: detected capacity change from 0 to 40
[ 2207.570001] loop6: detected capacity change from 0 to 40
[ 2207.608112] syz-executor.3: attempt to access beyond end of device
[ 2207.608112] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2207.610161] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2207.613833] loop0: detected capacity change from 0 to 40
15:38:52 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2207.676002] syz-executor.6: attempt to access beyond end of device
[ 2207.676002] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2207.677171] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2207.682472] syz-executor.4: attempt to access beyond end of device
[ 2207.682472] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2207.683430] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2207.701252] loop5: detected capacity change from 0 to 40
[ 2207.701379] loop7: detected capacity change from 0 to 40
[ 2207.787314] syz-executor.0: attempt to access beyond end of device
[ 2207.787314] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2207.788359] Buffer I/O error on dev loop0, logical block 10, lost async page write
15:39:05 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
r0 = openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0xb)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
r3 = openat$incfs(r1, &(0x7f0000000300)='.log\x00', 0x80, 0x4)
r4 = syz_open_dev$usbmon(&(0x7f0000000340), 0x8, 0x20000)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {r4}}, './file2\x00'})
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r4, 0x6628)
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x1, 0xff, 0x54, 0x0, 0x0, 0x3f, 0x100, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x3, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x8, 0x4, @perf_bp={&(0x7f0000000440), 0x1}, 0x84, 0x400, 0x2, 0x7, 0x4, 0x8, 0xff, 0x0, 0x2ab, 0x0, 0x88}, 0xffffffffffffffff, 0xb, 0xffffffffffffffff, 0x8)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:39:05 executing program 4:
modify_ldt$write2(0x11, &(0x7f0000000040)={0x81, 0x1000, 0x400, 0x0, 0x2, 0x0, 0x0, 0x1}, 0x10)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14)
socket$inet6(0xa, 0x1, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r3=>0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
sendmmsg$inet6(r4, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000001c0)="b0c49c9b17cfdd970d614a27ce631174f0a2981b3789b7b0df325b97b284718de410fdedb559ec1884b39c019587a2719e163fdbb3f31b0530f9e46cacfe65b05b90b72f9a3c80ff1d77c5f817fb46cae88b12e588237749cc4010c50d14cd0d14657e746d7f190001948495a5194fc84041756ec941d1e7cb50eea9fa8b17a881839bb0bfa14fca6dcb", 0x8a}, {&(0x7f0000000280)="6423a603c319bd03e69cd1f39d71cc00de2474182f0fd5d497ca9299842c87870f68307668a327", 0x27}, {&(0x7f0000000340)="38162c6761505f844711fd9149a4d5b6cb73c2b1d64260acb864e5c56f5be4037c2377053055c7a2583299ed9f7709c55c0e34e9b7b869860f499ab1b077b17883075f9cc79569d74c2f7c", 0x4b}], 0x3, &(0x7f0000000580)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0xc92}}, @pktinfo={{0x24, 0x29, 0x32, {@private1, r3}}}, @pktinfo={{0x24, 0x29, 0x32, {@dev={0xfe, 0x80, '\x00', 0x2c}}}}, @flowinfo={{0x14, 0x29, 0xb, 0x7fffffff}}, @pktinfo={{0x24, 0x29, 0x32, {@loopback, r3}}}], 0xa8}}, {{&(0x7f0000000640)={0xa, 0x4e24, 0x4, @mcast1, 0x7fffffff}, 0x1c, &(0x7f0000000980)=[{&(0x7f0000000680)="08e8e03286344a369d4fe5ce63d0b751cc15decd0a326222fa5d31f5766ba901dad14578f6b49a8309edef38", 0x2c}, {&(0x7f00000006c0)}, {&(0x7f00000007c0)="f6cd76fd7f33d1ac4584bba1d8fd9481641f33e4d9e7fc42cdfc4c46fb806918d78a27e1fcbe08a64f9cd23359ef7589cca8445a06480d878b0dff1a3162c68f3e052e9269abc6a2869c71baeabd8da46b661af48a01eb5a083958f8da01d20c8533246d5beefd3e8f0fc2f813ae783f38a6e0faffe7611642628a294c56f2986ab1bb43db587d93bef4a8030d5411a0f69b32b39737df71a0e7c1358d65a0c90f851b35d833bd8ba3b4f5be9a4d9167a14cb8bbbbf65caf873e009e84bee45e6999e4c9a2532b673c85bb369cc01523ff549f1b10f5a70109a06b04c24c54d74cf1a777d6e352d4d89d7e", 0xeb}, {&(0x7f0000000740)="e87f994f5aee426010b0b71e0dfa1f45037058", 0x13}, {&(0x7f00000008c0)="cad95ebce10a3db0dee52b1fe95c7ed18d36626ce9c583d9189df5ac7caaea1c70eccc8465444619870b45762ca5983b467b327525699cd4c7dd841aa31b71859c7cb7d7c85cf4ca6b200cc11a56aeb016045c8544d567df85c407b5098e0d1db7a3bfee40a50b4b964cced2eaaaa83c9c6bc3d2d559a15b7c4035ff4ea0d65763a20fdae28e9aa155b4b743f7eff9cc406da22169", 0x95}], 0x5, &(0x7f0000000a00)=[@flowinfo={{0x14, 0x29, 0xb, 0x4a}}, @tclass={{0x14, 0x29, 0x43, 0x7beff7ab}}, @hopopts={{0x40, 0x29, 0x36, {0xc, 0x4, '\x00', [@calipso={0x7, 0x20, {0x0, 0x6, 0x20, 0x5, [0x80000001, 0xffffffffffffffff, 0x5f]}}, @enc_lim={0x4, 0x1, 0x7f}]}}}, @dstopts={{0x30, 0x29, 0x37, {0x21, 0x2, '\x00', [@hao={0xc9, 0x10, @remote}, @pad1]}}}, @flowinfo={{0x14, 0x29, 0xb, 0xffff}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x10001}}, @flowinfo={{0x14}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffff7}}], 0x100}}], 0x2, 0x40)
setsockopt$inet6_IPV6_DSTOPTS(0xffffffffffffffff, 0x29, 0x3b, &(0x7f0000000400)={0x0, 0x29, '\x00', [@jumbo={0xc2, 0x4, 0x8}, @hao={0xc9, 0x10, @loopback}, @hao={0xc9, 0x10, @empty}, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @generic={0x40, 0xe5, "af6e9116031b84b216bba4cf883916947e2fdf08a6961cc147f4c5e4f5a0e2dba16fde052e2b0f482db3bc293d5dbe745c9ddafa3f13192ebf29ba775a7821d01066962e6660b149f41ad227ca3d91d44b261175dbce5384d97ad4db61ff32de174b5023120edfd6069b5546136c8aaf11275939ca6a91998c0fb8d120090bf1cd8fdd080ef88bb24fcb6f6deb297d2d45de40df0aaac2806f3118c7c332efa42071d216a98a33cf119b536e14ca9eb8a24a2c1cf129f7b2cfe6858f668912f101dec2bec5ac838cbf9ca3c95d2af12dd84211fda4abaecf8194cf9d686511b312aa0516b5"}, @jumbo={0xc2, 0x4, 0x3}, @padn={0x1, 0x1, [0x0]}, @generic={0x3, 0x24, "6b59eb573718538995a7948a1ae0dc84227fc694b549dea8c6491315d2f580a6e4ff73bb"}]}, 0x158)
sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @remote, @broadcast}}}], 0x20}, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000180)={@private1, 0x70, r3})

[ 2220.583229] loop0: detected capacity change from 0 to 40
15:39:05 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:39:05 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
r0 = openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0xb)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
r3 = openat$incfs(r1, &(0x7f0000000300)='.log\x00', 0x80, 0x4)
r4 = syz_open_dev$usbmon(&(0x7f0000000340), 0x8, 0x20000)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {r4}}, './file2\x00'})
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r4, 0x6628)
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x1, 0xff, 0x54, 0x0, 0x0, 0x3f, 0x100, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x3, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x8, 0x4, @perf_bp={&(0x7f0000000440), 0x1}, 0x84, 0x400, 0x2, 0x7, 0x4, 0x8, 0xff, 0x0, 0x2ab, 0x0, 0x88}, 0xffffffffffffffff, 0xb, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:39:05 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:39:05 executing program 3:
modify_ldt$write2(0x11, &(0x7f0000000040)={0x81, 0x1000, 0x400, 0x0, 0x2, 0x0, 0x0, 0x1}, 0x10)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14)
socket$inet6(0xa, 0x1, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r3=>0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
sendmmsg$inet6(r4, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000001c0)="b0c49c9b17cfdd970d614a27ce631174f0a2981b3789b7b0df325b97b284718de410fdedb559ec1884b39c019587a2719e163fdbb3f31b0530f9e46cacfe65b05b90b72f9a3c80ff1d77c5f817fb46cae88b12e588237749cc4010c50d14cd0d14657e746d7f190001948495a5194fc84041756ec941d1e7cb50eea9fa8b17a881839bb0bfa14fca6dcb", 0x8a}, {&(0x7f0000000280)="6423a603c319bd03e69cd1f39d71cc00de2474182f0fd5d497ca9299842c87870f68307668a327", 0x27}, {&(0x7f0000000340)="38162c6761505f844711fd9149a4d5b6cb73c2b1d64260acb864e5c56f5be4037c2377053055c7a2583299ed9f7709c55c0e34e9b7b869860f499ab1b077b17883075f9cc79569d74c2f7c", 0x4b}], 0x3, &(0x7f0000000580)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0xc92}}, @pktinfo={{0x24, 0x29, 0x32, {@private1, r3}}}, @pktinfo={{0x24, 0x29, 0x32, {@dev={0xfe, 0x80, '\x00', 0x2c}}}}, @flowinfo={{0x14, 0x29, 0xb, 0x7fffffff}}, @pktinfo={{0x24, 0x29, 0x32, {@loopback, r3}}}], 0xa8}}, {{&(0x7f0000000640)={0xa, 0x4e24, 0x4, @mcast1, 0x7fffffff}, 0x1c, &(0x7f0000000980)=[{&(0x7f0000000680)="08e8e03286344a369d4fe5ce63d0b751cc15decd0a326222fa5d31f5766ba901dad14578f6b49a8309edef38", 0x2c}, {&(0x7f00000006c0)}, {&(0x7f00000007c0)="f6cd76fd7f33d1ac4584bba1d8fd9481641f33e4d9e7fc42cdfc4c46fb806918d78a27e1fcbe08a64f9cd23359ef7589cca8445a06480d878b0dff1a3162c68f3e052e9269abc6a2869c71baeabd8da46b661af48a01eb5a083958f8da01d20c8533246d5beefd3e8f0fc2f813ae783f38a6e0faffe7611642628a294c56f2986ab1bb43db587d93bef4a8030d5411a0f69b32b39737df71a0e7c1358d65a0c90f851b35d833bd8ba3b4f5be9a4d9167a14cb8bbbbf65caf873e009e84bee45e6999e4c9a2532b673c85bb369cc01523ff549f1b10f5a70109a06b04c24c54d74cf1a777d6e352d4d89d7e", 0xeb}, {&(0x7f0000000740)="e87f994f5aee426010b0b71e0dfa1f45037058", 0x13}, {&(0x7f00000008c0)="cad95ebce10a3db0dee52b1fe95c7ed18d36626ce9c583d9189df5ac7caaea1c70eccc8465444619870b45762ca5983b467b327525699cd4c7dd841aa31b71859c7cb7d7c85cf4ca6b200cc11a56aeb016045c8544d567df85c407b5098e0d1db7a3bfee40a50b4b964cced2eaaaa83c9c6bc3d2d559a15b7c4035ff4ea0d65763a20fdae28e9aa155b4b743f7eff9cc406da22169", 0x95}], 0x5, &(0x7f0000000a00)=[@flowinfo={{0x14, 0x29, 0xb, 0x4a}}, @tclass={{0x14, 0x29, 0x43, 0x7beff7ab}}, @hopopts={{0x40, 0x29, 0x36, {0xc, 0x4, '\x00', [@calipso={0x7, 0x20, {0x0, 0x6, 0x20, 0x5, [0x80000001, 0xffffffffffffffff, 0x5f]}}, @enc_lim={0x4, 0x1, 0x7f}]}}}, @dstopts={{0x30, 0x29, 0x37, {0x21, 0x2, '\x00', [@hao={0xc9, 0x10, @remote}, @pad1]}}}, @flowinfo={{0x14, 0x29, 0xb, 0xffff}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x10001}}, @flowinfo={{0x14}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffff7}}], 0x100}}], 0x2, 0x40)
sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @remote, @broadcast}}}], 0x20}, 0x0)

15:39:05 executing program 6:
clone3(&(0x7f0000004c00)={0xf8002180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

15:39:05 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2220.604996] loop5: detected capacity change from 0 to 40
[ 2220.611187] loop1: detected capacity change from 0 to 40
[ 2220.621513] loop2: detected capacity change from 0 to 40
[ 2220.631944] loop7: detected capacity change from 0 to 40
15:39:05 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:39:05 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:39:05 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2220.832699] loop2: detected capacity change from 0 to 40
[ 2220.835065] syz-executor.0: attempt to access beyond end of device
[ 2220.835065] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2220.836916] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2220.864269] loop5: detected capacity change from 0 to 40
[ 2220.865010] loop7: detected capacity change from 0 to 40
[ 2220.912340] syz-executor.1: attempt to access beyond end of device
[ 2220.912340] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2220.914207] Buffer I/O error on dev loop1, logical block 10, lost async page write
15:39:05 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
r0 = openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0xb)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
r3 = openat$incfs(r1, &(0x7f0000000300)='.log\x00', 0x80, 0x4)
r4 = syz_open_dev$usbmon(&(0x7f0000000340), 0x8, 0x20000)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000380)={{0x1, 0x1, 0x18, <r5=>r0, {r4}}, './file2\x00'})
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r4, 0x6628)
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x1, 0xff, 0x54, 0x0, 0x0, 0x3f, 0x100, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x3, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x8, 0x4, @perf_bp={&(0x7f0000000440), 0x1}, 0x84, 0x400, 0x2, 0x7, 0x4, 0x8, 0xff, 0x0, 0x2ab, 0x0, 0x88}, 0xffffffffffffffff, 0xb, 0xffffffffffffffff, 0x8)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
dup(r5)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xc2, 0x2, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xabe5}, 0x40094, 0x7}, 0x0, 0x4, 0xffffffffffffffff, 0x1)

[ 2221.049383] loop3: detected capacity change from 0 to 40
15:39:18 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:39:18 executing program 3:
modify_ldt$write2(0x11, &(0x7f0000000040)={0x81, 0x1000, 0x400, 0x0, 0x2, 0x0, 0x0, 0x1}, 0x10)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14)
r1 = socket$inet6(0xa, 0x1, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r4=>0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
sendmmsg$inet6(r5, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000001c0)="b0c49c9b17cfdd970d614a27ce631174f0a2981b3789b7b0df325b97b284718de410fdedb559ec1884b39c019587a2719e163fdbb3f31b0530f9e46cacfe65b05b90b72f9a3c80ff1d77c5f817fb46cae88b12e588237749cc4010c50d14cd0d14657e746d7f190001948495a5194fc84041756ec941d1e7cb50eea9fa8b17a881839bb0bfa14fca6dcb", 0x8a}, {&(0x7f0000000280)="6423a603c319bd03e69cd1f39d71cc00de2474182f0fd5d497ca9299842c87870f68307668a327", 0x27}, {&(0x7f0000000340)="38162c6761505f844711fd9149a4d5b6cb73c2b1d64260acb864e5c56f5be4037c2377053055c7a2583299ed9f7709c55c0e34e9b7b869860f499ab1b077b17883075f9cc79569d74c2f7c", 0x4b}], 0x3, &(0x7f0000000580)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0xc92}}, @pktinfo={{0x24, 0x29, 0x32, {@private1, r4}}}, @pktinfo={{0x24, 0x29, 0x32, {@dev={0xfe, 0x80, '\x00', 0x2c}}}}, @flowinfo={{0x14, 0x29, 0xb, 0x7fffffff}}, @pktinfo={{0x24, 0x29, 0x32, {@loopback, r4}}}], 0xa8}}, {{&(0x7f0000000640)={0xa, 0x4e24, 0x4, @mcast1, 0x7fffffff}, 0x1c, &(0x7f0000000980)=[{&(0x7f0000000680)="08e8e03286344a369d4fe5ce63d0b751cc15decd0a326222fa5d31f5766ba901dad14578f6b49a8309edef38", 0x2c}, {&(0x7f00000006c0)}, {&(0x7f00000007c0)="f6cd76fd7f33d1ac4584bba1d8fd9481641f33e4d9e7fc42cdfc4c46fb806918d78a27e1fcbe08a64f9cd23359ef7589cca8445a06480d878b0dff1a3162c68f3e052e9269abc6a2869c71baeabd8da46b661af48a01eb5a083958f8da01d20c8533246d5beefd3e8f0fc2f813ae783f38a6e0faffe7611642628a294c56f2986ab1bb43db587d93bef4a8030d5411a0f69b32b39737df71a0e7c1358d65a0c90f851b35d833bd8ba3b4f5be9a4d9167a14cb8bbbbf65caf873e009e84bee45e6999e4c9a2532b673c85bb369cc01523ff549f1b10f5a70109a06b04c24c54d74cf1a777d6e352d4d89d7e", 0xeb}, {&(0x7f0000000740)="e87f994f5aee426010b0b71e0dfa1f45037058", 0x13}, {&(0x7f00000008c0)="cad95ebce10a3db0dee52b1fe95c7ed18d36626ce9c583d9189df5ac7caaea1c70eccc8465444619870b45762ca5983b467b327525699cd4c7dd841aa31b71859c7cb7d7c85cf4ca6b200cc11a56aeb016045c8544d567df85c407b5098e0d1db7a3bfee40a50b4b964cced2eaaaa83c9c6bc3d2d559a15b7c4035ff4ea0d65763a20fdae28e9aa155b4b743f7eff9cc406da22169", 0x95}], 0x5, &(0x7f0000000a00)=[@flowinfo={{0x14, 0x29, 0xb, 0x4a}}, @tclass={{0x14, 0x29, 0x43, 0x7beff7ab}}, @hopopts={{0x40, 0x29, 0x36, {0xc, 0x4, '\x00', [@calipso={0x7, 0x20, {0x0, 0x6, 0x20, 0x5, [0x80000001, 0xffffffffffffffff, 0x5f]}}, @enc_lim={0x4, 0x1, 0x7f}]}}}, @dstopts={{0x30, 0x29, 0x37, {0x21, 0x2, '\x00', [@hao={0xc9, 0x10, @remote}, @pad1]}}}, @flowinfo={{0x14, 0x29, 0xb, 0xffff}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x10001}}, @flowinfo={{0x14}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffff7}}], 0x100}}], 0x2, 0x40)
setsockopt$inet6_IPV6_DSTOPTS(0xffffffffffffffff, 0x29, 0x3b, &(0x7f0000000400)={0x0, 0x29, '\x00', [@jumbo={0xc2, 0x4, 0x8}, @hao={0xc9, 0x10, @loopback}, @hao={0xc9, 0x10, @empty}, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @generic={0x40, 0xe5, "af6e9116031b84b216bba4cf883916947e2fdf08a6961cc147f4c5e4f5a0e2dba16fde052e2b0f482db3bc293d5dbe745c9ddafa3f13192ebf29ba775a7821d01066962e6660b149f41ad227ca3d91d44b261175dbce5384d97ad4db61ff32de174b5023120edfd6069b5546136c8aaf11275939ca6a91998c0fb8d120090bf1cd8fdd080ef88bb24fcb6f6deb297d2d45de40df0aaac2806f3118c7c332efa42071d216a98a33cf119b536e14ca9eb8a24a2c1cf129f7b2cfe6858f668912f101dec2bec5ac838cbf9ca3c95d2af12dd84211fda4abaecf8194cf9d686511b312aa0516b5"}, @jumbo={0xc2, 0x4, 0x3}, @padn={0x1, 0x1, [0x0]}, @generic={0x3, 0x24, "6b59eb573718538995a7948a1ae0dc84227fc694b549dea8c6491315d2f580a6e4ff73bb"}]}, 0x158)
sendmsg$inet(r2, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @remote, @broadcast}}}], 0x20}, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000180)={@private1, 0x70, r4})
setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14)

15:39:18 executing program 1:
modify_ldt$write2(0x11, &(0x7f0000000040)={0x81, 0x1000, 0x400, 0x0, 0x2, 0x0, 0x0, 0x1}, 0x10)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14)
socket$inet6(0xa, 0x1, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r3=>0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
sendmmsg$inet6(r4, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000001c0)="b0c49c9b17cfdd970d614a27ce631174f0a2981b3789b7b0df325b97b284718de410fdedb559ec1884b39c019587a2719e163fdbb3f31b0530f9e46cacfe65b05b90b72f9a3c80ff1d77c5f817fb46cae88b12e588237749cc4010c50d14cd0d14657e746d7f190001948495a5194fc84041756ec941d1e7cb50eea9fa8b17a881839bb0bfa14fca6dcb", 0x8a}, {&(0x7f0000000280)="6423a603c319bd03e69cd1f39d71cc00de2474182f0fd5d497ca9299842c87870f68307668a327", 0x27}, {&(0x7f0000000340)="38162c6761505f844711fd9149a4d5b6cb73c2b1d64260acb864e5c56f5be4037c2377053055c7a2583299ed9f7709c55c0e34e9b7b869860f499ab1b077b17883075f9cc79569d74c2f7c", 0x4b}], 0x3, &(0x7f0000000580)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0xc92}}, @pktinfo={{0x24, 0x29, 0x32, {@private1, r3}}}, @pktinfo={{0x24, 0x29, 0x32, {@dev={0xfe, 0x80, '\x00', 0x2c}}}}, @flowinfo={{0x14, 0x29, 0xb, 0x7fffffff}}, @pktinfo={{0x24, 0x29, 0x32, {@loopback, r3}}}], 0xa8}}, {{&(0x7f0000000640)={0xa, 0x4e24, 0x4, @mcast1, 0x7fffffff}, 0x1c, &(0x7f0000000980)=[{&(0x7f0000000680)="08e8e03286344a369d4fe5ce63d0b751cc15decd0a326222fa5d31f5766ba901dad14578f6b49a8309edef38", 0x2c}, {&(0x7f00000006c0)}, {&(0x7f00000007c0)="f6cd76fd7f33d1ac4584bba1d8fd9481641f33e4d9e7fc42cdfc4c46fb806918d78a27e1fcbe08a64f9cd23359ef7589cca8445a06480d878b0dff1a3162c68f3e052e9269abc6a2869c71baeabd8da46b661af48a01eb5a083958f8da01d20c8533246d5beefd3e8f0fc2f813ae783f38a6e0faffe7611642628a294c56f2986ab1bb43db587d93bef4a8030d5411a0f69b32b39737df71a0e7c1358d65a0c90f851b35d833bd8ba3b4f5be9a4d9167a14cb8bbbbf65caf873e009e84bee45e6999e4c9a2532b673c85bb369cc01523ff549f1b10f5a70109a06b04c24c54d74cf1a777d6e352d4d89d7e", 0xeb}, {&(0x7f0000000740)="e87f994f5aee426010b0b71e0dfa1f45037058", 0x13}, {&(0x7f00000008c0)="cad95ebce10a3db0dee52b1fe95c7ed18d36626ce9c583d9189df5ac7caaea1c70eccc8465444619870b45762ca5983b467b327525699cd4c7dd841aa31b71859c7cb7d7c85cf4ca6b200cc11a56aeb016045c8544d567df85c407b5098e0d1db7a3bfee40a50b4b964cced2eaaaa83c9c6bc3d2d559a15b7c4035ff4ea0d65763a20fdae28e9aa155b4b743f7eff9cc406da22169", 0x95}], 0x5, &(0x7f0000000a00)=[@flowinfo={{0x14, 0x29, 0xb, 0x4a}}, @tclass={{0x14, 0x29, 0x43, 0x7beff7ab}}, @hopopts={{0x40, 0x29, 0x36, {0xc, 0x4, '\x00', [@calipso={0x7, 0x20, {0x0, 0x6, 0x20, 0x5, [0x80000001, 0xffffffffffffffff, 0x5f]}}, @enc_lim={0x4, 0x1, 0x7f}]}}}, @dstopts={{0x30, 0x29, 0x37, {0x21, 0x2, '\x00', [@hao={0xc9, 0x10, @remote}, @pad1]}}}, @flowinfo={{0x14, 0x29, 0xb, 0xffff}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x10001}}, @flowinfo={{0x14}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffff7}}], 0x100}}], 0x2, 0x40)
setsockopt$inet6_IPV6_DSTOPTS(0xffffffffffffffff, 0x29, 0x3b, &(0x7f0000000400)={0x0, 0x29, '\x00', [@jumbo={0xc2, 0x4, 0x8}, @hao={0xc9, 0x10, @loopback}, @hao={0xc9, 0x10, @empty}, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @generic={0x40, 0xe5, "af6e9116031b84b216bba4cf883916947e2fdf08a6961cc147f4c5e4f5a0e2dba16fde052e2b0f482db3bc293d5dbe745c9ddafa3f13192ebf29ba775a7821d01066962e6660b149f41ad227ca3d91d44b261175dbce5384d97ad4db61ff32de174b5023120edfd6069b5546136c8aaf11275939ca6a91998c0fb8d120090bf1cd8fdd080ef88bb24fcb6f6deb297d2d45de40df0aaac2806f3118c7c332efa42071d216a98a33cf119b536e14ca9eb8a24a2c1cf129f7b2cfe6858f668912f101dec2bec5ac838cbf9ca3c95d2af12dd84211fda4abaecf8194cf9d686511b312aa0516b5"}, @jumbo={0xc2, 0x4, 0x3}, @padn={0x1, 0x1, [0x0]}, @generic={0x3, 0x24, "6b59eb573718538995a7948a1ae0dc84227fc694b549dea8c6491315d2f580a6e4ff73bb"}]}, 0x158)
sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @remote, @broadcast}}}], 0x20}, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000180)={@private1, 0x70, r3})

15:39:18 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:39:18 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:39:18 executing program 0:
modify_ldt$write2(0x11, &(0x7f0000000040)={0x81, 0x1000, 0x400, 0x0, 0x2, 0x0, 0x0, 0x1}, 0x10)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14)
socket$inet6(0xa, 0x1, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r3=>0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
sendmmsg$inet6(r4, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000001c0)="b0c49c9b17cfdd970d614a27ce631174f0a2981b3789b7b0df325b97b284718de410fdedb559ec1884b39c019587a2719e163fdbb3f31b0530f9e46cacfe65b05b90b72f9a3c80ff1d77c5f817fb46cae88b12e588237749cc4010c50d14cd0d14657e746d7f190001948495a5194fc84041756ec941d1e7cb50eea9fa8b17a881839bb0bfa14fca6dcb", 0x8a}, {&(0x7f0000000280)="6423a603c319bd03e69cd1f39d71cc00de2474182f0fd5d497ca9299842c87870f68307668a327", 0x27}, {&(0x7f0000000340)="38162c6761505f844711fd9149a4d5b6cb73c2b1d64260acb864e5c56f5be4037c2377053055c7a2583299ed9f7709c55c0e34e9b7b869860f499ab1b077b17883075f9cc79569d74c2f7c", 0x4b}], 0x3, &(0x7f0000000580)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0xc92}}, @pktinfo={{0x24, 0x29, 0x32, {@private1, r3}}}, @pktinfo={{0x24, 0x29, 0x32, {@dev={0xfe, 0x80, '\x00', 0x2c}}}}, @flowinfo={{0x14, 0x29, 0xb, 0x7fffffff}}, @pktinfo={{0x24, 0x29, 0x32, {@loopback, r3}}}], 0xa8}}, {{&(0x7f0000000640)={0xa, 0x4e24, 0x4, @mcast1, 0x7fffffff}, 0x1c, &(0x7f0000000980)=[{&(0x7f0000000680)="08e8e03286344a369d4fe5ce63d0b751cc15decd0a326222fa5d31f5766ba901dad14578f6b49a8309edef38", 0x2c}, {&(0x7f00000006c0)}, {&(0x7f00000007c0)="f6cd76fd7f33d1ac4584bba1d8fd9481641f33e4d9e7fc42cdfc4c46fb806918d78a27e1fcbe08a64f9cd23359ef7589cca8445a06480d878b0dff1a3162c68f3e052e9269abc6a2869c71baeabd8da46b661af48a01eb5a083958f8da01d20c8533246d5beefd3e8f0fc2f813ae783f38a6e0faffe7611642628a294c56f2986ab1bb43db587d93bef4a8030d5411a0f69b32b39737df71a0e7c1358d65a0c90f851b35d833bd8ba3b4f5be9a4d9167a14cb8bbbbf65caf873e009e84bee45e6999e4c9a2532b673c85bb369cc01523ff549f1b10f5a70109a06b04c24c54d74cf1a777d6e352d4d89d7e", 0xeb}, {&(0x7f0000000740)="e87f994f5aee426010b0b71e0dfa1f45037058", 0x13}, {&(0x7f00000008c0)="cad95ebce10a3db0dee52b1fe95c7ed18d36626ce9c583d9189df5ac7caaea1c70eccc8465444619870b45762ca5983b467b327525699cd4c7dd841aa31b71859c7cb7d7c85cf4ca6b200cc11a56aeb016045c8544d567df85c407b5098e0d1db7a3bfee40a50b4b964cced2eaaaa83c9c6bc3d2d559a15b7c4035ff4ea0d65763a20fdae28e9aa155b4b743f7eff9cc406da22169", 0x95}], 0x5, &(0x7f0000000a00)=[@flowinfo={{0x14, 0x29, 0xb, 0x4a}}, @tclass={{0x14, 0x29, 0x43, 0x7beff7ab}}, @hopopts={{0x40, 0x29, 0x36, {0xc, 0x4, '\x00', [@calipso={0x7, 0x20, {0x0, 0x6, 0x20, 0x5, [0x80000001, 0xffffffffffffffff, 0x5f]}}, @enc_lim={0x4, 0x1, 0x7f}]}}}, @dstopts={{0x30, 0x29, 0x37, {0x21, 0x2, '\x00', [@hao={0xc9, 0x10, @remote}, @pad1]}}}, @flowinfo={{0x14, 0x29, 0xb, 0xffff}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x10001}}, @flowinfo={{0x14}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffff7}}], 0x100}}], 0x2, 0x40)
setsockopt$inet6_IPV6_DSTOPTS(0xffffffffffffffff, 0x29, 0x3b, &(0x7f0000000400)={0x0, 0x29, '\x00', [@jumbo={0xc2, 0x4, 0x8}, @hao={0xc9, 0x10, @loopback}, @hao={0xc9, 0x10, @empty}, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @generic={0x40, 0xe5, "af6e9116031b84b216bba4cf883916947e2fdf08a6961cc147f4c5e4f5a0e2dba16fde052e2b0f482db3bc293d5dbe745c9ddafa3f13192ebf29ba775a7821d01066962e6660b149f41ad227ca3d91d44b261175dbce5384d97ad4db61ff32de174b5023120edfd6069b5546136c8aaf11275939ca6a91998c0fb8d120090bf1cd8fdd080ef88bb24fcb6f6deb297d2d45de40df0aaac2806f3118c7c332efa42071d216a98a33cf119b536e14ca9eb8a24a2c1cf129f7b2cfe6858f668912f101dec2bec5ac838cbf9ca3c95d2af12dd84211fda4abaecf8194cf9d686511b312aa0516b5"}, @jumbo={0xc2, 0x4, 0x3}, @padn={0x1, 0x1, [0x0]}, @generic={0x3, 0x24, "6b59eb573718538995a7948a1ae0dc84227fc694b549dea8c6491315d2f580a6e4ff73bb"}]}, 0x158)
sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @remote, @broadcast}}}], 0x20}, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000180)={@private1, 0x70, r3})

15:39:18 executing program 4:
modify_ldt$write2(0x11, &(0x7f0000000040)={0x81, 0x1000, 0x400, 0x0, 0x2, 0x0, 0x0, 0x1}, 0x10)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14)
r1 = socket$inet6(0xa, 0x1, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r4=>0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
sendmmsg$inet6(r5, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000001c0)="b0c49c9b17cfdd970d614a27ce631174f0a2981b3789b7b0df325b97b284718de410fdedb559ec1884b39c019587a2719e163fdbb3f31b0530f9e46cacfe65b05b90b72f9a3c80ff1d77c5f817fb46cae88b12e588237749cc4010c50d14cd0d14657e746d7f190001948495a5194fc84041756ec941d1e7cb50eea9fa8b17a881839bb0bfa14fca6dcb", 0x8a}, {&(0x7f0000000280)="6423a603c319bd03e69cd1f39d71cc00de2474182f0fd5d497ca9299842c87870f68307668a327", 0x27}, {&(0x7f0000000340)="38162c6761505f844711fd9149a4d5b6cb73c2b1d64260acb864e5c56f5be4037c2377053055c7a2583299ed9f7709c55c0e34e9b7b869860f499ab1b077b17883075f9cc79569d74c2f7c", 0x4b}], 0x3, &(0x7f0000000580)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0xc92}}, @pktinfo={{0x24, 0x29, 0x32, {@private1, r4}}}, @pktinfo={{0x24, 0x29, 0x32, {@dev={0xfe, 0x80, '\x00', 0x2c}}}}, @flowinfo={{0x14, 0x29, 0xb, 0x7fffffff}}, @pktinfo={{0x24, 0x29, 0x32, {@loopback, r4}}}], 0xa8}}, {{&(0x7f0000000640)={0xa, 0x4e24, 0x4, @mcast1, 0x7fffffff}, 0x1c, &(0x7f0000000980)=[{&(0x7f0000000680)="08e8e03286344a369d4fe5ce63d0b751cc15decd0a326222fa5d31f5766ba901dad14578f6b49a8309edef38", 0x2c}, {&(0x7f00000006c0)}, {&(0x7f00000007c0)="f6cd76fd7f33d1ac4584bba1d8fd9481641f33e4d9e7fc42cdfc4c46fb806918d78a27e1fcbe08a64f9cd23359ef7589cca8445a06480d878b0dff1a3162c68f3e052e9269abc6a2869c71baeabd8da46b661af48a01eb5a083958f8da01d20c8533246d5beefd3e8f0fc2f813ae783f38a6e0faffe7611642628a294c56f2986ab1bb43db587d93bef4a8030d5411a0f69b32b39737df71a0e7c1358d65a0c90f851b35d833bd8ba3b4f5be9a4d9167a14cb8bbbbf65caf873e009e84bee45e6999e4c9a2532b673c85bb369cc01523ff549f1b10f5a70109a06b04c24c54d74cf1a777d6e352d4d89d7e", 0xeb}, {&(0x7f0000000740)="e87f994f5aee426010b0b71e0dfa1f45037058", 0x13}, {&(0x7f00000008c0)="cad95ebce10a3db0dee52b1fe95c7ed18d36626ce9c583d9189df5ac7caaea1c70eccc8465444619870b45762ca5983b467b327525699cd4c7dd841aa31b71859c7cb7d7c85cf4ca6b200cc11a56aeb016045c8544d567df85c407b5098e0d1db7a3bfee40a50b4b964cced2eaaaa83c9c6bc3d2d559a15b7c4035ff4ea0d65763a20fdae28e9aa155b4b743f7eff9cc406da22169", 0x95}], 0x5, &(0x7f0000000a00)=[@flowinfo={{0x14, 0x29, 0xb, 0x4a}}, @tclass={{0x14, 0x29, 0x43, 0x7beff7ab}}, @hopopts={{0x40, 0x29, 0x36, {0xc, 0x4, '\x00', [@calipso={0x7, 0x20, {0x0, 0x6, 0x20, 0x5, [0x80000001, 0xffffffffffffffff, 0x5f]}}, @enc_lim={0x4, 0x1, 0x7f}]}}}, @dstopts={{0x30, 0x29, 0x37, {0x21, 0x2, '\x00', [@hao={0xc9, 0x10, @remote}, @pad1]}}}, @flowinfo={{0x14, 0x29, 0xb, 0xffff}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x10001}}, @flowinfo={{0x14}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffff7}}], 0x100}}], 0x2, 0x40)
setsockopt$inet6_IPV6_DSTOPTS(0xffffffffffffffff, 0x29, 0x3b, &(0x7f0000000400)={0x0, 0x29, '\x00', [@jumbo={0xc2, 0x4, 0x8}, @hao={0xc9, 0x10, @loopback}, @hao={0xc9, 0x10, @empty}, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @generic={0x40, 0xe5, "af6e9116031b84b216bba4cf883916947e2fdf08a6961cc147f4c5e4f5a0e2dba16fde052e2b0f482db3bc293d5dbe745c9ddafa3f13192ebf29ba775a7821d01066962e6660b149f41ad227ca3d91d44b261175dbce5384d97ad4db61ff32de174b5023120edfd6069b5546136c8aaf11275939ca6a91998c0fb8d120090bf1cd8fdd080ef88bb24fcb6f6deb297d2d45de40df0aaac2806f3118c7c332efa42071d216a98a33cf119b536e14ca9eb8a24a2c1cf129f7b2cfe6858f668912f101dec2bec5ac838cbf9ca3c95d2af12dd84211fda4abaecf8194cf9d686511b312aa0516b5"}, @jumbo={0xc2, 0x4, 0x3}, @padn={0x1, 0x1, [0x0]}, @generic={0x3, 0x24, "6b59eb573718538995a7948a1ae0dc84227fc694b549dea8c6491315d2f580a6e4ff73bb"}]}, 0x158)
sendmsg$inet(r2, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @remote, @broadcast}}}], 0x20}, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000180)={@private1, 0x70, r4})
setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14)
fork()

15:39:18 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
r0 = openat(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0xb)
close(0xffffffffffffffff)
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
r3 = openat$incfs(r1, &(0x7f0000000300)='.log\x00', 0x80, 0x4)
r4 = syz_open_dev$usbmon(&(0x7f0000000340), 0x8, 0x20000)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000380)={{0x1, 0x1, 0x18, <r5=>r0, {r4}}, './file2\x00'})
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r4, 0x6628)
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x1, 0xff, 0x54, 0x0, 0x0, 0x3f, 0x100, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x3, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x8, 0x4, @perf_bp={&(0x7f0000000440), 0x1}, 0x84, 0x400, 0x2, 0x7, 0x4, 0x8, 0xff, 0x0, 0x2ab, 0x0, 0x88}, 0xffffffffffffffff, 0xb, 0xffffffffffffffff, 0x8)
mount$bind(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00', &(0x7f0000000240), 0x2004, 0x0)
dup(r5)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xc2, 0x2, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xabe5}, 0x40094, 0x7}, 0x0, 0x4, 0xffffffffffffffff, 0x1)
sendfile(r2, r1, 0x0, 0xfffffdef)

[ 2233.628351] loop6: detected capacity change from 0 to 40
[ 2233.637226] loop7: detected capacity change from 0 to 40
[ 2233.663989] loop5: detected capacity change from 0 to 40
[ 2233.673384] syz-executor.6: attempt to access beyond end of device
[ 2233.673384] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2233.674235] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2233.688554] loop2: detected capacity change from 0 to 40
15:39:18 executing program 1:
modify_ldt$write2(0x11, &(0x7f0000000040)={0x81, 0x1000, 0x400, 0x0, 0x2, 0x0, 0x0, 0x1}, 0x10)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14)
r1 = socket$inet6(0xa, 0x1, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r4=>0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
sendmmsg$inet6(r5, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000001c0)="b0c49c9b17cfdd970d614a27ce631174f0a2981b3789b7b0df325b97b284718de410fdedb559ec1884b39c019587a2719e163fdbb3f31b0530f9e46cacfe65b05b90b72f9a3c80ff1d77c5f817fb46cae88b12e588237749cc4010c50d14cd0d14657e746d7f190001948495a5194fc84041756ec941d1e7cb50eea9fa8b17a881839bb0bfa14fca6dcb", 0x8a}, {&(0x7f0000000280)="6423a603c319bd03e69cd1f39d71cc00de2474182f0fd5d497ca9299842c87870f68307668a327", 0x27}, {&(0x7f0000000340)="38162c6761505f844711fd9149a4d5b6cb73c2b1d64260acb864e5c56f5be4037c2377053055c7a2583299ed9f7709c55c0e34e9b7b869860f499ab1b077b17883075f9cc79569d74c2f7c", 0x4b}], 0x3, &(0x7f0000000580)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0xc92}}, @pktinfo={{0x24, 0x29, 0x32, {@private1, r4}}}, @pktinfo={{0x24, 0x29, 0x32, {@dev={0xfe, 0x80, '\x00', 0x2c}}}}, @flowinfo={{0x14, 0x29, 0xb, 0x7fffffff}}, @pktinfo={{0x24, 0x29, 0x32, {@loopback, r4}}}], 0xa8}}, {{&(0x7f0000000640)={0xa, 0x4e24, 0x4, @mcast1, 0x7fffffff}, 0x1c, &(0x7f0000000980)=[{&(0x7f0000000680)="08e8e03286344a369d4fe5ce63d0b751cc15decd0a326222fa5d31f5766ba901dad14578f6b49a8309edef38", 0x2c}, {&(0x7f00000006c0)}, {&(0x7f00000007c0)="f6cd76fd7f33d1ac4584bba1d8fd9481641f33e4d9e7fc42cdfc4c46fb806918d78a27e1fcbe08a64f9cd23359ef7589cca8445a06480d878b0dff1a3162c68f3e052e9269abc6a2869c71baeabd8da46b661af48a01eb5a083958f8da01d20c8533246d5beefd3e8f0fc2f813ae783f38a6e0faffe7611642628a294c56f2986ab1bb43db587d93bef4a8030d5411a0f69b32b39737df71a0e7c1358d65a0c90f851b35d833bd8ba3b4f5be9a4d9167a14cb8bbbbf65caf873e009e84bee45e6999e4c9a2532b673c85bb369cc01523ff549f1b10f5a70109a06b04c24c54d74cf1a777d6e352d4d89d7e", 0xeb}, {&(0x7f0000000740)="e87f994f5aee426010b0b71e0dfa1f45037058", 0x13}, {&(0x7f00000008c0)="cad95ebce10a3db0dee52b1fe95c7ed18d36626ce9c583d9189df5ac7caaea1c70eccc8465444619870b45762ca5983b467b327525699cd4c7dd841aa31b71859c7cb7d7c85cf4ca6b200cc11a56aeb016045c8544d567df85c407b5098e0d1db7a3bfee40a50b4b964cced2eaaaa83c9c6bc3d2d559a15b7c4035ff4ea0d65763a20fdae28e9aa155b4b743f7eff9cc406da22169", 0x95}], 0x5, &(0x7f0000000a00)=[@flowinfo={{0x14, 0x29, 0xb, 0x4a}}, @tclass={{0x14, 0x29, 0x43, 0x7beff7ab}}, @hopopts={{0x40, 0x29, 0x36, {0xc, 0x4, '\x00', [@calipso={0x7, 0x20, {0x0, 0x6, 0x20, 0x5, [0x80000001, 0xffffffffffffffff, 0x5f]}}, @enc_lim={0x4, 0x1, 0x7f}]}}}, @dstopts={{0x30, 0x29, 0x37, {0x21, 0x2, '\x00', [@hao={0xc9, 0x10, @remote}, @pad1]}}}, @flowinfo={{0x14, 0x29, 0xb, 0xffff}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x10001}}, @flowinfo={{0x14}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffff7}}], 0x100}}], 0x2, 0x40)
setsockopt$inet6_IPV6_DSTOPTS(0xffffffffffffffff, 0x29, 0x3b, &(0x7f0000000400)={0x0, 0x29, '\x00', [@jumbo={0xc2, 0x4, 0x8}, @hao={0xc9, 0x10, @loopback}, @hao={0xc9, 0x10, @empty}, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @generic={0x40, 0xe5, "af6e9116031b84b216bba4cf883916947e2fdf08a6961cc147f4c5e4f5a0e2dba16fde052e2b0f482db3bc293d5dbe745c9ddafa3f13192ebf29ba775a7821d01066962e6660b149f41ad227ca3d91d44b261175dbce5384d97ad4db61ff32de174b5023120edfd6069b5546136c8aaf11275939ca6a91998c0fb8d120090bf1cd8fdd080ef88bb24fcb6f6deb297d2d45de40df0aaac2806f3118c7c332efa42071d216a98a33cf119b536e14ca9eb8a24a2c1cf129f7b2cfe6858f668912f101dec2bec5ac838cbf9ca3c95d2af12dd84211fda4abaecf8194cf9d686511b312aa0516b5"}, @jumbo={0xc2, 0x4, 0x3}, @padn={0x1, 0x1, [0x0]}, @generic={0x3, 0x24, "6b59eb573718538995a7948a1ae0dc84227fc694b549dea8c6491315d2f580a6e4ff73bb"}]}, 0x158)
sendmsg$inet(r2, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @remote, @broadcast}}}], 0x20}, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000180)={@private1, 0x70, r4})
setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14)
fork()

15:39:18 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:39:18 executing program 6:
modify_ldt$write2(0x11, &(0x7f0000000040)={0x81, 0x1000, 0x400, 0x0, 0x2, 0x0, 0x0, 0x1}, 0x10)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14)
r1 = socket$inet6(0xa, 0x1, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r4=>0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
sendmmsg$inet6(r5, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000001c0)="b0c49c9b17cfdd970d614a27ce631174f0a2981b3789b7b0df325b97b284718de410fdedb559ec1884b39c019587a2719e163fdbb3f31b0530f9e46cacfe65b05b90b72f9a3c80ff1d77c5f817fb46cae88b12e588237749cc4010c50d14cd0d14657e746d7f190001948495a5194fc84041756ec941d1e7cb50eea9fa8b17a881839bb0bfa14fca6dcb", 0x8a}, {&(0x7f0000000280)="6423a603c319bd03e69cd1f39d71cc00de2474182f0fd5d497ca9299842c87870f68307668a327", 0x27}, {&(0x7f0000000340)="38162c6761505f844711fd9149a4d5b6cb73c2b1d64260acb864e5c56f5be4037c2377053055c7a2583299ed9f7709c55c0e34e9b7b869860f499ab1b077b17883075f9cc79569d74c2f7c", 0x4b}], 0x3, &(0x7f0000000580)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0xc92}}, @pktinfo={{0x24, 0x29, 0x32, {@private1, r4}}}, @pktinfo={{0x24, 0x29, 0x32, {@dev={0xfe, 0x80, '\x00', 0x2c}}}}, @flowinfo={{0x14, 0x29, 0xb, 0x7fffffff}}, @pktinfo={{0x24, 0x29, 0x32, {@loopback, r4}}}], 0xa8}}, {{&(0x7f0000000640)={0xa, 0x4e24, 0x4, @mcast1, 0x7fffffff}, 0x1c, &(0x7f0000000980)=[{&(0x7f0000000680)="08e8e03286344a369d4fe5ce63d0b751cc15decd0a326222fa5d31f5766ba901dad14578f6b49a8309edef38", 0x2c}, {&(0x7f00000006c0)}, {&(0x7f00000007c0)="f6cd76fd7f33d1ac4584bba1d8fd9481641f33e4d9e7fc42cdfc4c46fb806918d78a27e1fcbe08a64f9cd23359ef7589cca8445a06480d878b0dff1a3162c68f3e052e9269abc6a2869c71baeabd8da46b661af48a01eb5a083958f8da01d20c8533246d5beefd3e8f0fc2f813ae783f38a6e0faffe7611642628a294c56f2986ab1bb43db587d93bef4a8030d5411a0f69b32b39737df71a0e7c1358d65a0c90f851b35d833bd8ba3b4f5be9a4d9167a14cb8bbbbf65caf873e009e84bee45e6999e4c9a2532b673c85bb369cc01523ff549f1b10f5a70109a06b04c24c54d74cf1a777d6e352d4d89d7e", 0xeb}, {&(0x7f0000000740)="e87f994f5aee426010b0b71e0dfa1f45037058", 0x13}, {&(0x7f00000008c0)="cad95ebce10a3db0dee52b1fe95c7ed18d36626ce9c583d9189df5ac7caaea1c70eccc8465444619870b45762ca5983b467b327525699cd4c7dd841aa31b71859c7cb7d7c85cf4ca6b200cc11a56aeb016045c8544d567df85c407b5098e0d1db7a3bfee40a50b4b964cced2eaaaa83c9c6bc3d2d559a15b7c4035ff4ea0d65763a20fdae28e9aa155b4b743f7eff9cc406da22169", 0x95}], 0x5, &(0x7f0000000a00)=[@flowinfo={{0x14, 0x29, 0xb, 0x4a}}, @tclass={{0x14, 0x29, 0x43, 0x7beff7ab}}, @hopopts={{0x40, 0x29, 0x36, {0xc, 0x4, '\x00', [@calipso={0x7, 0x20, {0x0, 0x6, 0x20, 0x5, [0x80000001, 0xffffffffffffffff, 0x5f]}}, @enc_lim={0x4, 0x1, 0x7f}]}}}, @dstopts={{0x30, 0x29, 0x37, {0x21, 0x2, '\x00', [@hao={0xc9, 0x10, @remote}, @pad1]}}}, @flowinfo={{0x14, 0x29, 0xb, 0xffff}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x10001}}, @flowinfo={{0x14}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffff7}}], 0x100}}], 0x2, 0x40)
setsockopt$inet6_IPV6_DSTOPTS(0xffffffffffffffff, 0x29, 0x3b, &(0x7f0000000400)={0x0, 0x29, '\x00', [@jumbo={0xc2, 0x4, 0x8}, @hao={0xc9, 0x10, @loopback}, @hao={0xc9, 0x10, @empty}, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @generic={0x40, 0xe5, "af6e9116031b84b216bba4cf883916947e2fdf08a6961cc147f4c5e4f5a0e2dba16fde052e2b0f482db3bc293d5dbe745c9ddafa3f13192ebf29ba775a7821d01066962e6660b149f41ad227ca3d91d44b261175dbce5384d97ad4db61ff32de174b5023120edfd6069b5546136c8aaf11275939ca6a91998c0fb8d120090bf1cd8fdd080ef88bb24fcb6f6deb297d2d45de40df0aaac2806f3118c7c332efa42071d216a98a33cf119b536e14ca9eb8a24a2c1cf129f7b2cfe6858f668912f101dec2bec5ac838cbf9ca3c95d2af12dd84211fda4abaecf8194cf9d686511b312aa0516b5"}, @jumbo={0xc2, 0x4, 0x3}, @padn={0x1, 0x1, [0x0]}, @generic={0x3, 0x24, "6b59eb573718538995a7948a1ae0dc84227fc694b549dea8c6491315d2f580a6e4ff73bb"}]}, 0x158)
sendmsg$inet(r2, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @remote, @broadcast}}}], 0x20}, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000180)={@private1, 0x70, r4})
setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14)
r6 = fork()
ptrace$setopts(0x4200, r6, 0x0, 0x0)

15:39:18 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:39:18 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2233.842581] loop5: detected capacity change from 0 to 40
[ 2233.868505] loop7: detected capacity change from 0 to 40
15:39:18 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:39:18 executing program 0:
modify_ldt$write2(0x11, &(0x7f0000000040)={0x81, 0x1000, 0x400, 0x0, 0x2, 0x0, 0x0, 0x1}, 0x10)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14)
r1 = socket$inet6(0xa, 0x1, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r4=>0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
sendmmsg$inet6(r5, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000001c0)="b0c49c9b17cfdd970d614a27ce631174f0a2981b3789b7b0df325b97b284718de410fdedb559ec1884b39c019587a2719e163fdbb3f31b0530f9e46cacfe65b05b90b72f9a3c80ff1d77c5f817fb46cae88b12e588237749cc4010c50d14cd0d14657e746d7f190001948495a5194fc84041756ec941d1e7cb50eea9fa8b17a881839bb0bfa14fca6dcb", 0x8a}, {&(0x7f0000000280)="6423a603c319bd03e69cd1f39d71cc00de2474182f0fd5d497ca9299842c87870f68307668a327", 0x27}, {&(0x7f0000000340)="38162c6761505f844711fd9149a4d5b6cb73c2b1d64260acb864e5c56f5be4037c2377053055c7a2583299ed9f7709c55c0e34e9b7b869860f499ab1b077b17883075f9cc79569d74c2f7c", 0x4b}], 0x3, &(0x7f0000000580)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0xc92}}, @pktinfo={{0x24, 0x29, 0x32, {@private1, r4}}}, @pktinfo={{0x24, 0x29, 0x32, {@dev={0xfe, 0x80, '\x00', 0x2c}}}}, @flowinfo={{0x14, 0x29, 0xb, 0x7fffffff}}, @pktinfo={{0x24, 0x29, 0x32, {@loopback, r4}}}], 0xa8}}, {{&(0x7f0000000640)={0xa, 0x4e24, 0x4, @mcast1, 0x7fffffff}, 0x1c, &(0x7f0000000980)=[{&(0x7f0000000680)="08e8e03286344a369d4fe5ce63d0b751cc15decd0a326222fa5d31f5766ba901dad14578f6b49a8309edef38", 0x2c}, {&(0x7f00000006c0)}, {&(0x7f00000007c0)="f6cd76fd7f33d1ac4584bba1d8fd9481641f33e4d9e7fc42cdfc4c46fb806918d78a27e1fcbe08a64f9cd23359ef7589cca8445a06480d878b0dff1a3162c68f3e052e9269abc6a2869c71baeabd8da46b661af48a01eb5a083958f8da01d20c8533246d5beefd3e8f0fc2f813ae783f38a6e0faffe7611642628a294c56f2986ab1bb43db587d93bef4a8030d5411a0f69b32b39737df71a0e7c1358d65a0c90f851b35d833bd8ba3b4f5be9a4d9167a14cb8bbbbf65caf873e009e84bee45e6999e4c9a2532b673c85bb369cc01523ff549f1b10f5a70109a06b04c24c54d74cf1a777d6e352d4d89d7e", 0xeb}, {&(0x7f0000000740)="e87f994f5aee426010b0b71e0dfa1f45037058", 0x13}, {&(0x7f00000008c0)="cad95ebce10a3db0dee52b1fe95c7ed18d36626ce9c583d9189df5ac7caaea1c70eccc8465444619870b45762ca5983b467b327525699cd4c7dd841aa31b71859c7cb7d7c85cf4ca6b200cc11a56aeb016045c8544d567df85c407b5098e0d1db7a3bfee40a50b4b964cced2eaaaa83c9c6bc3d2d559a15b7c4035ff4ea0d65763a20fdae28e9aa155b4b743f7eff9cc406da22169", 0x95}], 0x5, &(0x7f0000000a00)=[@flowinfo={{0x14, 0x29, 0xb, 0x4a}}, @tclass={{0x14, 0x29, 0x43, 0x7beff7ab}}, @hopopts={{0x40, 0x29, 0x36, {0xc, 0x4, '\x00', [@calipso={0x7, 0x20, {0x0, 0x6, 0x20, 0x5, [0x80000001, 0xffffffffffffffff, 0x5f]}}, @enc_lim={0x4, 0x1, 0x7f}]}}}, @dstopts={{0x30, 0x29, 0x37, {0x21, 0x2, '\x00', [@hao={0xc9, 0x10, @remote}, @pad1]}}}, @flowinfo={{0x14, 0x29, 0xb, 0xffff}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x10001}}, @flowinfo={{0x14}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffff7}}], 0x100}}], 0x2, 0x40)
setsockopt$inet6_IPV6_DSTOPTS(0xffffffffffffffff, 0x29, 0x3b, &(0x7f0000000400)={0x0, 0x29, '\x00', [@jumbo={0xc2, 0x4, 0x8}, @hao={0xc9, 0x10, @loopback}, @hao={0xc9, 0x10, @empty}, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @generic={0x40, 0xe5, "af6e9116031b84b216bba4cf883916947e2fdf08a6961cc147f4c5e4f5a0e2dba16fde052e2b0f482db3bc293d5dbe745c9ddafa3f13192ebf29ba775a7821d01066962e6660b149f41ad227ca3d91d44b261175dbce5384d97ad4db61ff32de174b5023120edfd6069b5546136c8aaf11275939ca6a91998c0fb8d120090bf1cd8fdd080ef88bb24fcb6f6deb297d2d45de40df0aaac2806f3118c7c332efa42071d216a98a33cf119b536e14ca9eb8a24a2c1cf129f7b2cfe6858f668912f101dec2bec5ac838cbf9ca3c95d2af12dd84211fda4abaecf8194cf9d686511b312aa0516b5"}, @jumbo={0xc2, 0x4, 0x3}, @padn={0x1, 0x1, [0x0]}, @generic={0x3, 0x24, "6b59eb573718538995a7948a1ae0dc84227fc694b549dea8c6491315d2f580a6e4ff73bb"}]}, 0x158)
sendmsg$inet(r2, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @remote, @broadcast}}}], 0x20}, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000180)={@private1, 0x70, r4})
setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14)
r6 = fork()
ptrace$setopts(0x4200, r6, 0x0, 0x0)
ptrace(0x10, r6)

15:39:18 executing program 1:
modify_ldt$write2(0x11, &(0x7f0000000040)={0x81, 0x1000, 0x400, 0x0, 0x2, 0x0, 0x0, 0x1}, 0x10)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14)
r1 = socket$inet6(0xa, 0x1, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r4=>0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
sendmmsg$inet6(r5, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000001c0)="b0c49c9b17cfdd970d614a27ce631174f0a2981b3789b7b0df325b97b284718de410fdedb559ec1884b39c019587a2719e163fdbb3f31b0530f9e46cacfe65b05b90b72f9a3c80ff1d77c5f817fb46cae88b12e588237749cc4010c50d14cd0d14657e746d7f190001948495a5194fc84041756ec941d1e7cb50eea9fa8b17a881839bb0bfa14fca6dcb", 0x8a}, {&(0x7f0000000280)="6423a603c319bd03e69cd1f39d71cc00de2474182f0fd5d497ca9299842c87870f68307668a327", 0x27}, {&(0x7f0000000340)="38162c6761505f844711fd9149a4d5b6cb73c2b1d64260acb864e5c56f5be4037c2377053055c7a2583299ed9f7709c55c0e34e9b7b869860f499ab1b077b17883075f9cc79569d74c2f7c", 0x4b}], 0x3, &(0x7f0000000580)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0xc92}}, @pktinfo={{0x24, 0x29, 0x32, {@private1, r4}}}, @pktinfo={{0x24, 0x29, 0x32, {@dev={0xfe, 0x80, '\x00', 0x2c}}}}, @flowinfo={{0x14, 0x29, 0xb, 0x7fffffff}}, @pktinfo={{0x24, 0x29, 0x32, {@loopback, r4}}}], 0xa8}}, {{&(0x7f0000000640)={0xa, 0x4e24, 0x4, @mcast1, 0x7fffffff}, 0x1c, &(0x7f0000000980)=[{&(0x7f0000000680)="08e8e03286344a369d4fe5ce63d0b751cc15decd0a326222fa5d31f5766ba901dad14578f6b49a8309edef38", 0x2c}, {&(0x7f00000006c0)}, {&(0x7f00000007c0)="f6cd76fd7f33d1ac4584bba1d8fd9481641f33e4d9e7fc42cdfc4c46fb806918d78a27e1fcbe08a64f9cd23359ef7589cca8445a06480d878b0dff1a3162c68f3e052e9269abc6a2869c71baeabd8da46b661af48a01eb5a083958f8da01d20c8533246d5beefd3e8f0fc2f813ae783f38a6e0faffe7611642628a294c56f2986ab1bb43db587d93bef4a8030d5411a0f69b32b39737df71a0e7c1358d65a0c90f851b35d833bd8ba3b4f5be9a4d9167a14cb8bbbbf65caf873e009e84bee45e6999e4c9a2532b673c85bb369cc01523ff549f1b10f5a70109a06b04c24c54d74cf1a777d6e352d4d89d7e", 0xeb}, {&(0x7f0000000740)="e87f994f5aee426010b0b71e0dfa1f45037058", 0x13}, {&(0x7f00000008c0)="cad95ebce10a3db0dee52b1fe95c7ed18d36626ce9c583d9189df5ac7caaea1c70eccc8465444619870b45762ca5983b467b327525699cd4c7dd841aa31b71859c7cb7d7c85cf4ca6b200cc11a56aeb016045c8544d567df85c407b5098e0d1db7a3bfee40a50b4b964cced2eaaaa83c9c6bc3d2d559a15b7c4035ff4ea0d65763a20fdae28e9aa155b4b743f7eff9cc406da22169", 0x95}], 0x5, &(0x7f0000000a00)=[@flowinfo={{0x14, 0x29, 0xb, 0x4a}}, @tclass={{0x14, 0x29, 0x43, 0x7beff7ab}}, @hopopts={{0x40, 0x29, 0x36, {0xc, 0x4, '\x00', [@calipso={0x7, 0x20, {0x0, 0x6, 0x20, 0x5, [0x80000001, 0xffffffffffffffff, 0x5f]}}, @enc_lim={0x4, 0x1, 0x7f}]}}}, @dstopts={{0x30, 0x29, 0x37, {0x21, 0x2, '\x00', [@hao={0xc9, 0x10, @remote}, @pad1]}}}, @flowinfo={{0x14, 0x29, 0xb, 0xffff}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x10001}}, @flowinfo={{0x14}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffff7}}], 0x100}}], 0x2, 0x40)
setsockopt$inet6_IPV6_DSTOPTS(0xffffffffffffffff, 0x29, 0x3b, &(0x7f0000000400)={0x0, 0x29, '\x00', [@jumbo={0xc2, 0x4, 0x8}, @hao={0xc9, 0x10, @loopback}, @hao={0xc9, 0x10, @empty}, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @generic={0x40, 0xe5, "af6e9116031b84b216bba4cf883916947e2fdf08a6961cc147f4c5e4f5a0e2dba16fde052e2b0f482db3bc293d5dbe745c9ddafa3f13192ebf29ba775a7821d01066962e6660b149f41ad227ca3d91d44b261175dbce5384d97ad4db61ff32de174b5023120edfd6069b5546136c8aaf11275939ca6a91998c0fb8d120090bf1cd8fdd080ef88bb24fcb6f6deb297d2d45de40df0aaac2806f3118c7c332efa42071d216a98a33cf119b536e14ca9eb8a24a2c1cf129f7b2cfe6858f668912f101dec2bec5ac838cbf9ca3c95d2af12dd84211fda4abaecf8194cf9d686511b312aa0516b5"}, @jumbo={0xc2, 0x4, 0x3}, @padn={0x1, 0x1, [0x0]}, @generic={0x3, 0x24, "6b59eb573718538995a7948a1ae0dc84227fc694b549dea8c6491315d2f580a6e4ff73bb"}]}, 0x158)
sendmsg$inet(r2, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @remote, @broadcast}}}], 0x20}, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000180)={@private1, 0x70, r4})
setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14)
r6 = fork()
ptrace$setopts(0x4200, r6, 0x0, 0x0)
ptrace(0x10, r6)

[ 2233.940735] loop2: detected capacity change from 0 to 40
15:39:18 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
mknod$loop(0x0, 0x6000, 0x0)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1})

15:39:18 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 1)

15:39:18 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:39:18 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 1)

15:39:18 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2234.021553] loop5: detected capacity change from 0 to 40
15:39:18 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 1)

[ 2234.043073] loop6: detected capacity change from 0 to 40
[ 2234.069349] FAULT_INJECTION: forcing a failure.
[ 2234.069349] name failslab, interval 1, probability 0, space 0, times 1
[ 2234.070232] CPU: 1 PID: 9964 Comm: syz-executor.6 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2234.070764] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2234.071294] Call Trace:
[ 2234.071472]  <TASK>
[ 2234.071630]  dump_stack_lvl+0xc1/0xf0
[ 2234.071912]  should_fail_ex+0x4b4/0x5b0
[ 2234.072194]  should_failslab+0x9/0x20
[ 2234.072462]  __kmem_cache_alloc_node+0x5b/0x310
[ 2234.072783]  ? alloc_pipe_info+0x10e/0x590
[ 2234.073079]  kmalloc_trace+0x26/0xc0
[ 2234.073342]  alloc_pipe_info+0x10e/0x590
[ 2234.073624]  splice_direct_to_actor+0x6e6/0x8c0
[ 2234.073960]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2234.074295]  ? inode_security+0x105/0x140
[ 2234.074607]  ? selinux_file_permission+0x96/0x510
[ 2234.074947]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2234.075301]  ? security_file_permission+0xb5/0xe0
[ 2234.075632]  do_splice_direct+0x1bc/0x290
[ 2234.075920]  ? __pfx_do_splice_direct+0x10/0x10
[ 2234.076248]  ? lock_is_held_type+0x9f/0x120
[ 2234.076550]  do_sendfile+0xb1d/0x12b0
[ 2234.076819]  ? __pfx_do_sendfile+0x10/0x10
[ 2234.077116]  __x64_sys_sendfile64+0x1d5/0x210
[ 2234.077431]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2234.077827]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2234.078210]  do_syscall_64+0x3f/0x90
[ 2234.078486]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2234.078863] RIP: 0033:0x7f746e5b1b19
[ 2234.079135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2234.080403] RSP: 002b:00007f746bb27188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2234.080944] RAX: ffffffffffffffda RBX: 00007f746e6c4f60 RCX: 00007f746e5b1b19
[ 2234.081457] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2234.081975] RBP: 00007f746bb271d0 R08: 0000000000000000 R09: 0000000000000000
[ 2234.082484] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2234.082986] R13: 00007ffcd6c9647f R14: 00007f746bb27300 R15: 0000000000022000
[ 2234.083519]  </TASK>
[ 2234.086513] loop2: detected capacity change from 0 to 40
[ 2234.097001] loop7: detected capacity change from 0 to 40
15:39:18 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2234.124687] loop4: detected capacity change from 0 to 40
[ 2234.127527] loop3: detected capacity change from 0 to 40
[ 2234.152079] FAULT_INJECTION: forcing a failure.
[ 2234.152079] name failslab, interval 1, probability 0, space 0, times 0
[ 2234.152873] CPU: 1 PID: 9972 Comm: syz-executor.4 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2234.153398] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2234.153971] Call Trace:
[ 2234.154167]  <TASK>
[ 2234.154334]  dump_stack_lvl+0xc1/0xf0
[ 2234.154627]  should_fail_ex+0x4b4/0x5b0
[ 2234.154923]  should_failslab+0x9/0x20
[ 2234.155191]  __kmem_cache_alloc_node+0x5b/0x310
[ 2234.155507]  ? alloc_pipe_info+0x10e/0x590
[ 2234.155805]  kmalloc_trace+0x26/0xc0
[ 2234.156065]  alloc_pipe_info+0x10e/0x590
[ 2234.156349]  splice_direct_to_actor+0x6e6/0x8c0
[ 2234.156682]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2234.157022]  ? inode_security+0x105/0x140
[ 2234.157335]  ? selinux_file_permission+0x96/0x510
[ 2234.157674]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2234.158064]  ? security_file_permission+0xb5/0xe0
[ 2234.158397]  do_splice_direct+0x1bc/0x290
[ 2234.158686]  ? __pfx_do_splice_direct+0x10/0x10
[ 2234.159014]  ? lock_is_held_type+0x9f/0x120
[ 2234.159320]  do_sendfile+0xb1d/0x12b0
[ 2234.159592]  ? __pfx_do_sendfile+0x10/0x10
[ 2234.159890]  __x64_sys_sendfile64+0x1d5/0x210
[ 2234.160230]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2234.160577]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2234.160968]  do_syscall_64+0x3f/0x90
[ 2234.161250]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2234.161620] RIP: 0033:0x7f9525e17b19
[ 2234.161903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2234.163190] RSP: 002b:00007f952338d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2234.163724] RAX: ffffffffffffffda RBX: 00007f9525f2af60 RCX: 00007f9525e17b19
[ 2234.164232] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2234.164738] RBP: 00007f952338d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2234.165240] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2234.165753] R13: 00007ffe60cd11cf R14: 00007f952338d300 R15: 0000000000022000
[ 2234.166300]  </TASK>
[ 2234.180990] FAULT_INJECTION: forcing a failure.
[ 2234.180990] name failslab, interval 1, probability 0, space 0, times 0
[ 2234.182536] CPU: 0 PID: 9973 Comm: syz-executor.3 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2234.183564] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2234.184600] Call Trace:
[ 2234.184937]  <TASK>
[ 2234.185239]  dump_stack_lvl+0xc1/0xf0
[ 2234.185767]  should_fail_ex+0x4b4/0x5b0
[ 2234.186327]  should_failslab+0x9/0x20
[ 2234.186841]  __kmem_cache_alloc_node+0x5b/0x310
[ 2234.187461]  ? alloc_pipe_info+0x10e/0x590
[ 2234.188033]  kmalloc_trace+0x26/0xc0
[ 2234.188245] loop2: detected capacity change from 0 to 40
[ 2234.188534]  alloc_pipe_info+0x10e/0x590
[ 2234.189448]  splice_direct_to_actor+0x6e6/0x8c0
[ 2234.190103]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2234.190752]  ? inode_security+0x105/0x140
[ 2234.191315]  ? selinux_file_permission+0x96/0x510
[ 2234.191968]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2234.192654]  ? security_file_permission+0xb5/0xe0
[ 2234.193286]  do_splice_direct+0x1bc/0x290
[ 2234.193856]  ? __pfx_do_splice_direct+0x10/0x10
[ 2234.194491]  ? lock_is_held_type+0x9f/0x120
[ 2234.195075]  do_sendfile+0xb1d/0x12b0
[ 2234.195591]  ? __pfx_do_sendfile+0x10/0x10
[ 2234.196157]  __x64_sys_sendfile64+0x1d5/0x210
[ 2234.196770]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2234.197430]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2234.198129]  do_syscall_64+0x3f/0x90
[ 2234.198622]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2234.199289] RIP: 0033:0x7fe051d4ab19
[ 2234.199771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2234.202008] RSP: 002b:00007fe04f2c0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2234.202966] RAX: ffffffffffffffda RBX: 00007fe051e5df60 RCX: 00007fe051d4ab19
[ 2234.203857] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2234.204749] RBP: 00007fe04f2c01d0 R08: 0000000000000000 R09: 0000000000000000
[ 2234.205639] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2234.206552] R13: 00007ffe399a466f R14: 00007fe04f2c0300 R15: 0000000000022000
[ 2234.207466]  </TASK>
15:39:32 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 1)

15:39:32 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:39:32 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 1)

15:39:32 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:39:32 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 2)

15:39:32 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:39:32 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 2)

15:39:32 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 2)

[ 2248.397960] loop6: detected capacity change from 0 to 40
[ 2248.398685] loop4: detected capacity change from 0 to 40
[ 2248.401668] loop1: detected capacity change from 0 to 40
[ 2248.403232] loop7: detected capacity change from 0 to 40
[ 2248.409449] loop0: detected capacity change from 0 to 40
[ 2248.411468] loop2: detected capacity change from 0 to 40
[ 2248.414468] loop3: detected capacity change from 0 to 40
[ 2248.416331] loop5: detected capacity change from 0 to 40
[ 2248.423770] FAULT_INJECTION: forcing a failure.
[ 2248.423770] name failslab, interval 1, probability 0, space 0, times 0
[ 2248.424541] CPU: 0 PID: 10001 Comm: syz-executor.1 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2248.425108] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2248.425669] Call Trace:
[ 2248.425853]  <TASK>
[ 2248.426030]  dump_stack_lvl+0xc1/0xf0
[ 2248.426321]  should_fail_ex+0x4b4/0x5b0
[ 2248.426612]  should_failslab+0x9/0x20
[ 2248.426884]  __kmem_cache_alloc_node+0x5b/0x310
[ 2248.427222]  ? alloc_pipe_info+0x10e/0x590
[ 2248.427528]  kmalloc_trace+0x26/0xc0
[ 2248.427803]  alloc_pipe_info+0x10e/0x590
[ 2248.428093]  splice_direct_to_actor+0x6e6/0x8c0
[ 2248.428438]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2248.428791]  ? inode_security+0x105/0x140
[ 2248.429087]  ? selinux_file_permission+0x96/0x510
[ 2248.429436]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2248.429812]  ? security_file_permission+0xb5/0xe0
[ 2248.430167]  do_splice_direct+0x1bc/0x290
[ 2248.430468]  ? __pfx_do_splice_direct+0x10/0x10
[ 2248.430807]  ? lock_is_held_type+0x9f/0x120
[ 2248.431115]  do_sendfile+0xb1d/0x12b0
[ 2248.431395]  ? __pfx_do_sendfile+0x10/0x10
[ 2248.431703]  __x64_sys_sendfile64+0x1d5/0x210
[ 2248.432025]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2248.432384]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2248.432758]  do_syscall_64+0x3f/0x90
[ 2248.433017]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2248.433380] RIP: 0033:0x7f2e3b857b19
[ 2248.433632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2248.434860] RSP: 002b:00007f2e38dcd188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2248.435383] RAX: ffffffffffffffda RBX: 00007f2e3b96af60 RCX: 00007f2e3b857b19
[ 2248.435884] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2248.436385] RBP: 00007f2e38dcd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2248.436893] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2248.437398] R13: 00007ffe89ecc33f R14: 00007f2e38dcd300 R15: 0000000000022000
[ 2248.437916]  </TASK>
15:39:33 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2248.490264] FAULT_INJECTION: forcing a failure.
[ 2248.490264] name failslab, interval 1, probability 0, space 0, times 0
[ 2248.491854] CPU: 1 PID: 10002 Comm: syz-executor.0 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2248.492915] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2248.493970] Call Trace:
[ 2248.494344]  <TASK>
[ 2248.494655]  dump_stack_lvl+0xc1/0xf0
[ 2248.495196]  should_fail_ex+0x4b4/0x5b0
[ 2248.495756]  should_failslab+0x9/0x20
[ 2248.496289]  __kmem_cache_alloc_node+0x5b/0x310
[ 2248.496973]  ? alloc_pipe_info+0x10e/0x590
[ 2248.497559]  kmalloc_trace+0x26/0xc0
[ 2248.498085]  alloc_pipe_info+0x10e/0x590
[ 2248.498645]  splice_direct_to_actor+0x6e6/0x8c0
[ 2248.499288]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2248.499970]  ? inode_security+0x105/0x140
[ 2248.500542]  ? selinux_file_permission+0x96/0x510
[ 2248.501229]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2248.501956]  ? security_file_permission+0xb5/0xe0
[ 2248.502670]  do_splice_direct+0x1bc/0x290
[ 2248.503269]  ? __pfx_do_splice_direct+0x10/0x10
[ 2248.503946]  ? lock_is_held_type+0x9f/0x120
[ 2248.504227] loop7: detected capacity change from 0 to 40
[ 2248.504566]  do_sendfile+0xb1d/0x12b0
[ 2248.505498]  ? __pfx_do_sendfile+0x10/0x10
[ 2248.506128]  __x64_sys_sendfile64+0x1d5/0x210
[ 2248.506779]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2248.507492]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2248.508238]  do_syscall_64+0x3f/0x90
[ 2248.508769]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2248.509492] RIP: 0033:0x7fb41b187b19
[ 2248.510023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2248.512447] RSP: 002b:00007fb4186fd188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2248.513430] RAX: ffffffffffffffda RBX: 00007fb41b29af60 RCX: 00007fb41b187b19
[ 2248.514415] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2248.515390] RBP: 00007fb4186fd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2248.516355] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2248.517314] R13: 00007ffcd9ca88ff R14: 00007fb4186fd300 R15: 0000000000022000
[ 2248.518312]  </TASK>
15:39:33 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 2)

[ 2248.539297] syz-executor.6: attempt to access beyond end of device
[ 2248.539297] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2248.540915] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2248.548356] syz-executor.4: attempt to access beyond end of device
[ 2248.548356] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2248.549202] Buffer I/O error on dev loop4, logical block 10, lost async page write
15:39:33 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:39:33 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2248.586302] loop1: detected capacity change from 0 to 40
15:39:33 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:39:33 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 3)

15:39:33 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 3)

[ 2248.635371] syz-executor.3: attempt to access beyond end of device
[ 2248.635371] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2248.636346] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2248.643735] loop7: detected capacity change from 0 to 40
[ 2248.655293] syz-executor.1: attempt to access beyond end of device
[ 2248.655293] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2248.656247] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2248.659712] loop5: detected capacity change from 0 to 40
[ 2248.678722] loop4: detected capacity change from 0 to 40
[ 2248.696402] loop2: detected capacity change from 0 to 40
[ 2248.699449] FAULT_INJECTION: forcing a failure.
[ 2248.699449] name failslab, interval 1, probability 0, space 0, times 0
[ 2248.700297] CPU: 0 PID: 10016 Comm: syz-executor.4 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2248.700845] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2248.701392] Call Trace:
[ 2248.701571]  <TASK>
[ 2248.701736]  dump_stack_lvl+0xc1/0xf0
[ 2248.702036]  should_fail_ex+0x4b4/0x5b0
[ 2248.702332]  should_failslab+0x9/0x20
[ 2248.702609]  __kmem_cache_alloc_node+0x5b/0x310
[ 2248.702938]  ? alloc_pipe_info+0x1e9/0x590
[ 2248.703237]  ? alloc_pipe_info+0x10e/0x590
[ 2248.703534]  ? alloc_pipe_info+0x1e9/0x590
[ 2248.703834]  __kmalloc+0x4a/0x160
[ 2248.704088]  alloc_pipe_info+0x1e9/0x590
[ 2248.704377]  splice_direct_to_actor+0x6e6/0x8c0
[ 2248.704728]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2248.705077]  ? inode_security+0x105/0x140
[ 2248.705374]  ? selinux_file_permission+0x96/0x510
[ 2248.705716]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2248.706109]  ? security_file_permission+0xb5/0xe0
[ 2248.706455]  do_splice_direct+0x1bc/0x290
[ 2248.706752]  ? __pfx_do_splice_direct+0x10/0x10
[ 2248.707089]  ? lock_is_held_type+0x9f/0x120
[ 2248.707402]  do_sendfile+0xb1d/0x12b0
[ 2248.707681]  ? __pfx_do_sendfile+0x10/0x10
[ 2248.707995]  __x64_sys_sendfile64+0x1d5/0x210
[ 2248.708324]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2248.708672]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2248.709039]  do_syscall_64+0x3f/0x90
[ 2248.709304]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2248.709660] RIP: 0033:0x7f9525e17b19
[ 2248.709919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2248.711110] RSP: 002b:00007f952338d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2248.711616] RAX: ffffffffffffffda RBX: 00007f9525f2af60 RCX: 00007f9525e17b19
[ 2248.712096] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2248.712568] RBP: 00007f952338d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2248.713047] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2248.713518] R13: 00007ffe60cd11cf R14: 00007f952338d300 R15: 0000000000022000
[ 2248.714023]  </TASK>
[ 2248.715525] loop6: detected capacity change from 0 to 40
[ 2248.739555] FAULT_INJECTION: forcing a failure.
[ 2248.739555] name failslab, interval 1, probability 0, space 0, times 0
[ 2248.740337] CPU: 0 PID: 10019 Comm: syz-executor.6 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2248.740885] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2248.741429] Call Trace:
[ 2248.741621]  <TASK>
[ 2248.741787]  dump_stack_lvl+0xc1/0xf0
[ 2248.742075]  should_fail_ex+0x4b4/0x5b0
[ 2248.742365]  should_failslab+0x9/0x20
[ 2248.742634]  __kmem_cache_alloc_node+0x5b/0x310
[ 2248.742963]  ? alloc_pipe_info+0x1e9/0x590
[ 2248.743267]  ? alloc_pipe_info+0x10e/0x590
[ 2248.743563]  ? alloc_pipe_info+0x1e9/0x590
[ 2248.743859]  __kmalloc+0x4a/0x160
[ 2248.744114]  alloc_pipe_info+0x1e9/0x590
[ 2248.744405]  splice_direct_to_actor+0x6e6/0x8c0
[ 2248.744736]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2248.745081]  ? inode_security+0x105/0x140
[ 2248.745377]  ? selinux_file_permission+0x96/0x510
[ 2248.745722]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2248.746106]  ? security_file_permission+0xb5/0xe0
[ 2248.746453]  do_splice_direct+0x1bc/0x290
[ 2248.746756]  ? __pfx_do_splice_direct+0x10/0x10
[ 2248.747098]  ? lock_is_held_type+0x9f/0x120
[ 2248.747418]  do_sendfile+0xb1d/0x12b0
[ 2248.747701]  ? __pfx_do_sendfile+0x10/0x10
[ 2248.748005]  __x64_sys_sendfile64+0x1d5/0x210
[ 2248.748323]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2248.748681]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2248.749048]  do_syscall_64+0x3f/0x90
[ 2248.749309]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2248.749666] RIP: 0033:0x7f746e5b1b19
[ 2248.749926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2248.751138] RSP: 002b:00007f746bb27188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2248.751650] RAX: ffffffffffffffda RBX: 00007f746e6c4f60 RCX: 00007f746e5b1b19
[ 2248.752123] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2248.752599] RBP: 00007f746bb271d0 R08: 0000000000000000 R09: 0000000000000000
[ 2248.753075] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2248.753555] R13: 00007ffcd6c9647f R14: 00007f746bb27300 R15: 0000000000022000
[ 2248.754061]  </TASK>
15:39:45 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 3)

15:39:45 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 4)

15:39:45 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 3)

15:39:45 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 4)

15:39:45 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 2)

15:39:45 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:39:45 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:39:45 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2261.073471] loop4: detected capacity change from 0 to 40
[ 2261.078379] loop1: detected capacity change from 0 to 40
[ 2261.079981] loop7: detected capacity change from 0 to 40
[ 2261.083454] loop5: detected capacity change from 0 to 40
[ 2261.090523] loop0: detected capacity change from 0 to 40
[ 2261.137157] loop6: detected capacity change from 0 to 40
[ 2261.146788] loop2: detected capacity change from 0 to 40
[ 2261.148511] loop3: detected capacity change from 0 to 40
15:39:45 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2261.163932] syz-executor.0: attempt to access beyond end of device
[ 2261.163932] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2261.164862] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2261.186916] FAULT_INJECTION: forcing a failure.
[ 2261.186916] name failslab, interval 1, probability 0, space 0, times 0
[ 2261.187970] CPU: 0 PID: 10044 Comm: syz-executor.1 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2261.188547] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2261.189123] Call Trace:
[ 2261.189309]  <TASK>
[ 2261.189482]  dump_stack_lvl+0xc1/0xf0
[ 2261.189779]  should_fail_ex+0x4b4/0x5b0
[ 2261.190087]  should_failslab+0x9/0x20
[ 2261.190378]  __kmem_cache_alloc_node+0x5b/0x310
[ 2261.190734]  ? alloc_pipe_info+0x1e9/0x590
[ 2261.191046]  ? alloc_pipe_info+0x10e/0x590
[ 2261.191356]  ? alloc_pipe_info+0x1e9/0x590
[ 2261.191664]  __kmalloc+0x4a/0x160
[ 2261.191925]  alloc_pipe_info+0x1e9/0x590
[ 2261.192228]  splice_direct_to_actor+0x6e6/0x8c0
[ 2261.192576]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2261.192937]  ? inode_security+0x105/0x140
[ 2261.193254]  ? selinux_file_permission+0x96/0x510
[ 2261.193609]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2261.193988]  ? security_file_permission+0xb5/0xe0
[ 2261.194358]  do_splice_direct+0x1bc/0x290
[ 2261.194669]  ? __pfx_do_splice_direct+0x10/0x10
[ 2261.194803] FAULT_INJECTION: forcing a failure.
[ 2261.194803] name failslab, interval 1, probability 0, space 0, times 0
[ 2261.195017]  ? lock_is_held_type+0x9f/0x120
[ 2261.196713]  do_sendfile+0xb1d/0x12b0
[ 2261.197001]  ? __pfx_do_sendfile+0x10/0x10
[ 2261.197324]  __x64_sys_sendfile64+0x1d5/0x210
[ 2261.197663]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2261.198032]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2261.198420]  do_syscall_64+0x3f/0x90
[ 2261.198690]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2261.199068] RIP: 0033:0x7f2e3b857b19
[ 2261.199337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2261.200587] RSP: 002b:00007f2e38dac188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2261.201121] RAX: ffffffffffffffda RBX: 00007f2e3b96b020 RCX: 00007f2e3b857b19
[ 2261.201624] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006
[ 2261.202121] RBP: 00007f2e38dac1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2261.202629] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2261.203130] R13: 00007ffe89ecc33f R14: 00007f2e38dac300 R15: 0000000000022000
[ 2261.203646]  </TASK>
[ 2261.203823] CPU: 1 PID: 10042 Comm: syz-executor.3 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2261.204903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2261.205958] Call Trace:
[ 2261.206341]  <TASK>
[ 2261.206652]  dump_stack_lvl+0xc1/0xf0
[ 2261.207205]  should_fail_ex+0x4b4/0x5b0
[ 2261.207764]  should_failslab+0x9/0x20
[ 2261.208289]  __kmem_cache_alloc_node+0x5b/0x310
[ 2261.208916]  ? alloc_pipe_info+0x1e9/0x590
[ 2261.209484]  ? alloc_pipe_info+0x10e/0x590
[ 2261.210069]  ? alloc_pipe_info+0x1e9/0x590
[ 2261.210652]  __kmalloc+0x4a/0x160
[ 2261.211137]  alloc_pipe_info+0x1e9/0x590
[ 2261.211700]  splice_direct_to_actor+0x6e6/0x8c0
[ 2261.212332] loop7: detected capacity change from 0 to 40
[ 2261.212337]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2261.213376]  ? inode_security+0x105/0x140
[ 2261.213945]  ? selinux_file_permission+0x96/0x510
[ 2261.214608]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2261.215305]  ? security_file_permission+0xb5/0xe0
[ 2261.215954]  do_splice_direct+0x1bc/0x290
[ 2261.216521]  ? __pfx_do_splice_direct+0x10/0x10
[ 2261.217160]  ? lock_is_held_type+0x9f/0x120
[ 2261.217757]  do_sendfile+0xb1d/0x12b0
[ 2261.218307]  ? __pfx_do_sendfile+0x10/0x10
[ 2261.218883]  __x64_sys_sendfile64+0x1d5/0x210
[ 2261.219499]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2261.220167]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2261.220865]  do_syscall_64+0x3f/0x90
[ 2261.221477]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2261.222355] RIP: 0033:0x7fe051d4ab19
[ 2261.222967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2261.225302] RSP: 002b:00007fe04f2c0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2261.226315] RAX: ffffffffffffffda RBX: 00007fe051e5df60 RCX: 00007fe051d4ab19
[ 2261.227239] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2261.228138] RBP: 00007fe04f2c01d0 R08: 0000000000000000 R09: 0000000000000000
[ 2261.229043] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2261.229943] R13: 00007ffe399a466f R14: 00007fe04f2c0300 R15: 0000000000022000
[ 2261.230884]  </TASK>
15:39:45 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 3)

[ 2261.258430] syz-executor.4: attempt to access beyond end of device
[ 2261.258430] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2261.259425] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2261.266326] syz-executor.6: attempt to access beyond end of device
[ 2261.266326] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2261.267866] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2261.301102] loop0: detected capacity change from 0 to 40
[ 2261.326606] FAULT_INJECTION: forcing a failure.
[ 2261.326606] name failslab, interval 1, probability 0, space 0, times 0
[ 2261.327360] CPU: 0 PID: 10050 Comm: syz-executor.0 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2261.327903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2261.328442] Call Trace:
[ 2261.328620]  <TASK>
[ 2261.328781]  dump_stack_lvl+0xc1/0xf0
[ 2261.329065]  should_fail_ex+0x4b4/0x5b0
[ 2261.329352]  should_failslab+0x9/0x20
[ 2261.329622]  __kmem_cache_alloc_node+0x5b/0x310
[ 2261.329951]  ? alloc_pipe_info+0x1e9/0x590
[ 2261.330258]  ? alloc_pipe_info+0x10e/0x590
[ 2261.330551]  ? alloc_pipe_info+0x1e9/0x590
[ 2261.330840]  __kmalloc+0x4a/0x160
[ 2261.331099]  alloc_pipe_info+0x1e9/0x590
[ 2261.331382]  splice_direct_to_actor+0x6e6/0x8c0
[ 2261.331718]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2261.332066]  ? inode_security+0x105/0x140
[ 2261.332358]  ? selinux_file_permission+0x96/0x510
[ 2261.332693]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2261.333053]  ? security_file_permission+0xb5/0xe0
[ 2261.333384]  do_splice_direct+0x1bc/0x290
[ 2261.333674]  ? __pfx_do_splice_direct+0x10/0x10
[ 2261.334011]  ? lock_is_held_type+0x9f/0x120
[ 2261.334328]  do_sendfile+0xb1d/0x12b0
[ 2261.334599]  ? __pfx_do_sendfile+0x10/0x10
[ 2261.334903]  __x64_sys_sendfile64+0x1d5/0x210
[ 2261.335218]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2261.335562]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2261.335921]  do_syscall_64+0x3f/0x90
[ 2261.336181]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2261.336539] RIP: 0033:0x7fb41b187b19
[ 2261.336810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2261.338006] RSP: 002b:00007fb4186fd188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2261.338511] RAX: ffffffffffffffda RBX: 00007fb41b29af60 RCX: 00007fb41b187b19
[ 2261.338993] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2261.339460] RBP: 00007fb4186fd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2261.339939] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2261.340413] R13: 00007ffcd9ca88ff R14: 00007fb4186fd300 R15: 0000000000022000
[ 2261.340905]  </TASK>
15:39:59 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 4)

15:39:59 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:39:59 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 4)

[ 2274.493402] loop4: detected capacity change from 0 to 40
15:39:59 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 5)

15:39:59 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2274.500941] loop5: detected capacity change from 0 to 40
15:39:59 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2274.510595] loop3: detected capacity change from 0 to 40
[ 2274.511029] loop7: detected capacity change from 0 to 40
15:39:59 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 5)

15:39:59 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 4)

[ 2274.530809] loop6: detected capacity change from 0 to 40
[ 2274.533948] loop1: detected capacity change from 0 to 40
[ 2274.546259] loop0: detected capacity change from 0 to 40
[ 2274.551543] FAULT_INJECTION: forcing a failure.
[ 2274.551543] name failslab, interval 1, probability 0, space 0, times 0
[ 2274.552339] CPU: 0 PID: 10070 Comm: syz-executor.6 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2274.552886] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2274.553433] Call Trace:
[ 2274.553615]  <TASK>
[ 2274.553779]  dump_stack_lvl+0xc1/0xf0
[ 2274.554068]  should_fail_ex+0x4b4/0x5b0
[ 2274.554373]  should_failslab+0x9/0x20
[ 2274.554650]  __kmem_cache_alloc_node+0x5b/0x310
[ 2274.554990]  ? iter_file_splice_write+0x169/0xcb0
[ 2274.555340]  ? iter_file_splice_write+0x169/0xcb0
[ 2274.555681]  __kmalloc+0x4a/0x160
[ 2274.555945]  iter_file_splice_write+0x169/0xcb0
[ 2274.556307]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2274.556696]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2274.557095]  ? inode_security+0x105/0x140
[ 2274.557397]  ? security_file_permission+0xb5/0xe0
[ 2274.557753]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2274.558149]  direct_splice_actor+0x113/0x180
[ 2274.558506]  splice_direct_to_actor+0x33a/0x8c0
[ 2274.558858]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2274.559229]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2274.559605]  ? security_file_permission+0xb5/0xe0
[ 2274.559960]  do_splice_direct+0x1bc/0x290
[ 2274.560276]  ? __pfx_do_splice_direct+0x10/0x10
[ 2274.560630]  ? lock_is_held_type+0x9f/0x120
[ 2274.560963]  do_sendfile+0xb1d/0x12b0
[ 2274.561267]  ? __pfx_do_sendfile+0x10/0x10
[ 2274.561596]  __x64_sys_sendfile64+0x1d5/0x210
[ 2274.561942]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2274.562289]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2274.562663]  do_syscall_64+0x3f/0x90
[ 2274.562920]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2274.563283] RIP: 0033:0x7f746e5b1b19
[ 2274.563542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2274.564744] RSP: 002b:00007f746bb27188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2274.565254] RAX: ffffffffffffffda RBX: 00007f746e6c4f60 RCX: 00007f746e5b1b19
[ 2274.565730] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2274.566240] RBP: 00007f746bb271d0 R08: 0000000000000000 R09: 0000000000000000
[ 2274.566768] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2274.567271] R13: 00007ffcd6c9647f R14: 00007f746bb27300 R15: 0000000000022000
[ 2274.567788]  </TASK>
[ 2274.568706] loop2: detected capacity change from 0 to 40
[ 2274.571800] FAULT_INJECTION: forcing a failure.
[ 2274.571800] name failslab, interval 1, probability 0, space 0, times 0
[ 2274.573204] CPU: 1 PID: 10060 Comm: syz-executor.4 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2274.574109] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2274.575032] Call Trace:
[ 2274.575343]  <TASK>
[ 2274.575614]  dump_stack_lvl+0xc1/0xf0
[ 2274.576103]  should_fail_ex+0x4b4/0x5b0
[ 2274.576585]  should_failslab+0x9/0x20
[ 2274.577042]  __kmem_cache_alloc_node+0x5b/0x310
[ 2274.577594]  ? iter_file_splice_write+0x169/0xcb0
[ 2274.578167]  ? iter_file_splice_write+0x169/0xcb0
[ 2274.578719]  __kmalloc+0x4a/0x160
[ 2274.579134]  iter_file_splice_write+0x169/0xcb0
[ 2274.579699]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2274.580288]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2274.580896]  ? inode_security+0x105/0x140
[ 2274.581384]  ? security_file_permission+0xb5/0xe0
[ 2274.581939]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2274.582516]  direct_splice_actor+0x113/0x180
[ 2274.583028]  splice_direct_to_actor+0x33a/0x8c0
[ 2274.583543]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2274.584076]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2274.584639]  ? security_file_permission+0xb5/0xe0
[ 2274.585160]  do_splice_direct+0x1bc/0x290
[ 2274.585626]  ? __pfx_do_splice_direct+0x10/0x10
[ 2274.586146]  ? lock_is_held_type+0x9f/0x120
[ 2274.586655]  do_sendfile+0xb1d/0x12b0
[ 2274.587085]  ? __pfx_do_sendfile+0x10/0x10
[ 2274.587549]  __x64_sys_sendfile64+0x1d5/0x210
[ 2274.588047]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2274.588586]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2274.589147]  do_syscall_64+0x3f/0x90
[ 2274.589551]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2274.590146] RIP: 0033:0x7f9525e17b19
[ 2274.590564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2274.592394] RSP: 002b:00007f952338d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2274.593190] RAX: ffffffffffffffda RBX: 00007f9525f2af60 RCX: 00007f9525e17b19
[ 2274.593946] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2274.594709] RBP: 00007f952338d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2274.595443] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2274.596175] R13: 00007ffe60cd11cf R14: 00007f952338d300 R15: 0000000000022000
[ 2274.596935]  </TASK>
[ 2274.618103] syz-executor.3: attempt to access beyond end of device
[ 2274.618103] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2274.619480] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2274.624204] syz-executor.1: attempt to access beyond end of device
[ 2274.624204] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2274.625608] Buffer I/O error on dev loop1, logical block 10, lost async page write
15:39:59 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:39:59 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:39:59 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 6)

15:39:59 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 5)

15:39:59 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 5)

15:39:59 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2274.705274] loop5: detected capacity change from 0 to 40
[ 2274.707277] loop7: detected capacity change from 0 to 40
[ 2274.711022] syz-executor.0: attempt to access beyond end of device
[ 2274.711022] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2274.712058] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2274.714317] loop6: detected capacity change from 0 to 40
[ 2274.719689] loop3: detected capacity change from 0 to 40
[ 2274.721500] loop1: detected capacity change from 0 to 40
[ 2274.739295] FAULT_INJECTION: forcing a failure.
[ 2274.739295] name failslab, interval 1, probability 0, space 0, times 0
[ 2274.740072] CPU: 0 PID: 10083 Comm: syz-executor.3 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2274.740612] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2274.741153] Call Trace:
[ 2274.741331]  <TASK>
[ 2274.741491]  dump_stack_lvl+0xc1/0xf0
[ 2274.741774]  should_fail_ex+0x4b4/0x5b0
[ 2274.742067]  should_failslab+0x9/0x20
[ 2274.742356]  __kmem_cache_alloc_node+0x5b/0x310
[ 2274.742699]  ? iter_file_splice_write+0x169/0xcb0
[ 2274.743054]  ? iter_file_splice_write+0x169/0xcb0
[ 2274.743397]  __kmalloc+0x4a/0x160
[ 2274.743658]  iter_file_splice_write+0x169/0xcb0
[ 2274.744003]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2274.744367]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2274.744741]  ? inode_security+0x105/0x140
[ 2274.745055]  ? security_file_permission+0xb5/0xe0
[ 2274.745395]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2274.745771]  direct_splice_actor+0x113/0x180
[ 2274.746094]  splice_direct_to_actor+0x33a/0x8c0
[ 2274.746429]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2274.746776]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2274.747133]  ? security_file_permission+0xb5/0xe0
[ 2274.747472]  do_splice_direct+0x1bc/0x290
[ 2274.747766]  ? __pfx_do_splice_direct+0x10/0x10
[ 2274.748100]  ? lock_is_held_type+0x9f/0x120
[ 2274.748418]  do_sendfile+0xb1d/0x12b0
[ 2274.748697]  ? __pfx_do_sendfile+0x10/0x10
[ 2274.748998]  __x64_sys_sendfile64+0x1d5/0x210
[ 2274.749335]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2274.749683]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2274.750076]  do_syscall_64+0x3f/0x90
[ 2274.750333]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2274.750730] RIP: 0033:0x7fe051d4ab19
[ 2274.750999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2274.752282] RSP: 002b:00007fe04f2c0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2274.752824] RAX: ffffffffffffffda RBX: 00007fe051e5df60 RCX: 00007fe051d4ab19
[ 2274.753328] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2274.753826] RBP: 00007fe04f2c01d0 R08: 0000000000000000 R09: 0000000000000000
[ 2274.754354] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2274.754872] R13: 00007ffe399a466f R14: 00007fe04f2c0300 R15: 0000000000022000
[ 2274.755394]  </TASK>
15:39:59 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 5)

[ 2274.761206] FAULT_INJECTION: forcing a failure.
[ 2274.761206] name failslab, interval 1, probability 0, space 0, times 0
[ 2274.762321] CPU: 0 PID: 10082 Comm: syz-executor.1 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2274.762910] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2274.763490] Call Trace:
[ 2274.763676]  <TASK>
[ 2274.763841]  dump_stack_lvl+0xc1/0xf0
[ 2274.764136]  should_fail_ex+0x4b4/0x5b0
[ 2274.764437]  should_failslab+0x9/0x20
[ 2274.764729]  __kmem_cache_alloc_node+0x5b/0x310
[ 2274.765075]  ? iter_file_splice_write+0x169/0xcb0
[ 2274.765435]  ? iter_file_splice_write+0x169/0xcb0
[ 2274.765789]  __kmalloc+0x4a/0x160
[ 2274.766051]  iter_file_splice_write+0x169/0xcb0
[ 2274.766419]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2274.766809]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2274.767206]  ? inode_security+0x105/0x140
[ 2274.767518]  ? security_file_permission+0xb5/0xe0
[ 2274.767874]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2274.768258]  direct_splice_actor+0x113/0x180
[ 2274.768588]  splice_direct_to_actor+0x33a/0x8c0
[ 2274.768934]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2274.769297]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2274.769674]  ? security_file_permission+0xb5/0xe0
[ 2274.770031]  do_splice_direct+0x1bc/0x290
[ 2274.770334]  ? __pfx_do_splice_direct+0x10/0x10
[ 2274.770683]  ? lock_is_held_type+0x9f/0x120
[ 2274.771004]  do_sendfile+0xb1d/0x12b0
[ 2274.771293]  ? __pfx_do_sendfile+0x10/0x10
[ 2274.771615]  __x64_sys_sendfile64+0x1d5/0x210
[ 2274.771949]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2274.772324]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2274.772706]  do_syscall_64+0x3f/0x90
[ 2274.772979]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2274.773360] RIP: 0033:0x7f2e3b857b19
[ 2274.773630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2274.774824] RSP: 002b:00007f2e38dcd188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2274.775367] RAX: ffffffffffffffda RBX: 00007f2e3b96af60 RCX: 00007f2e3b857b19
[ 2274.775874] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2274.776380] RBP: 00007f2e38dcd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2274.776894] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2274.777389] R13: 00007ffe89ecc33f R14: 00007f2e38dcd300 R15: 0000000000022000
[ 2274.777900]  </TASK>
[ 2274.790202] loop2: detected capacity change from 0 to 40
[ 2274.790258] syz-executor.6: attempt to access beyond end of device
[ 2274.790258] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2274.791791] Buffer I/O error on dev loop6, logical block 10, lost async page write
15:39:59 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 6)

15:39:59 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 7)

15:39:59 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 6)

15:39:59 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:39:59 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, 0x0, 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:39:59 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 6)

[ 2274.880423] loop0: detected capacity change from 0 to 40
[ 2274.882466] loop6: detected capacity change from 0 to 40
[ 2274.896059] loop3: detected capacity change from 0 to 40
[ 2274.918708] loop5: detected capacity change from 0 to 40
[ 2274.920933] FAULT_INJECTION: forcing a failure.
[ 2274.920933] name failslab, interval 1, probability 0, space 0, times 0
[ 2274.924013] CPU: 1 PID: 10090 Comm: syz-executor.0 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2274.924896] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2274.925687] loop1: detected capacity change from 0 to 40
[ 2274.925753] Call Trace:
[ 2274.926424]  <TASK>
[ 2274.926689]  dump_stack_lvl+0xc1/0xf0
[ 2274.927144]  should_fail_ex+0x4b4/0x5b0
[ 2274.927617]  should_failslab+0x9/0x20
[ 2274.928058]  __kmem_cache_alloc_node+0x5b/0x310
[ 2274.928589]  ? iter_file_splice_write+0x169/0xcb0
[ 2274.929149]  ? iter_file_splice_write+0x169/0xcb0
[ 2274.929695]  __kmalloc+0x4a/0x160
[ 2274.930103]  iter_file_splice_write+0x169/0xcb0
[ 2274.930676]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2274.931260]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2274.931905]  ? inode_security+0x105/0x140
[ 2274.932401]  ? security_file_permission+0xb5/0xe0
[ 2274.932940]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2274.933522]  direct_splice_actor+0x113/0x180
[ 2274.934031]  splice_direct_to_actor+0x33a/0x8c0
[ 2274.934612]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2274.935178]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2274.935766]  ? security_file_permission+0xb5/0xe0
[ 2274.936311]  do_splice_direct+0x1bc/0x290
[ 2274.936787]  ? __pfx_do_splice_direct+0x10/0x10
[ 2274.937336]  ? lock_is_held_type+0x9f/0x120
[ 2274.937842]  do_sendfile+0xb1d/0x12b0
[ 2274.938291]  ? __pfx_do_sendfile+0x10/0x10
[ 2274.938813]  ? __pfx___schedule+0x10/0x10
[ 2274.939290]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 2274.939952]  __x64_sys_sendfile64+0x1d5/0x210
[ 2274.940462]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2274.941027]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2274.941610]  do_syscall_64+0x3f/0x90
[ 2274.942026]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2274.942594] RIP: 0033:0x7fb41b187b19
[ 2274.943002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2274.944866] RSP: 002b:00007fb4186fd188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2274.945670] RAX: ffffffffffffffda RBX: 00007fb41b29af60 RCX: 00007fb41b187b19
[ 2274.946430] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2274.947179] RBP: 00007fb4186fd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2274.947930] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2274.948678] R13: 00007ffcd9ca88ff R14: 00007fb4186fd300 R15: 0000000000022000
[ 2274.949451]  </TASK>
[ 2274.956199] loop7: detected capacity change from 0 to 40
[ 2274.976479] syz-executor.6: attempt to access beyond end of device
[ 2274.976479] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2274.977492] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2274.997178] syz-executor.3: attempt to access beyond end of device
[ 2274.997178] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2274.998100] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2275.006472] syz-executor.1: attempt to access beyond end of device
[ 2275.006472] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2275.007328] Buffer I/O error on dev loop1, logical block 10, lost async page write
15:40:14 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, 0x0, 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:40:14 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 7)

15:40:14 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 6)

15:40:14 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, 0x0, 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:40:14 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, 0x0, 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2289.488557] loop1: detected capacity change from 0 to 40
15:40:14 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 8)

15:40:14 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 7)

15:40:14 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2289.512359] loop6: detected capacity change from 0 to 40
[ 2289.532588] syz-executor.1: attempt to access beyond end of device
[ 2289.532588] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2289.533716] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2289.545410] loop2: detected capacity change from 0 to 40
[ 2289.556619] loop5: detected capacity change from 0 to 40
[ 2289.557375] syz-executor.6: attempt to access beyond end of device
[ 2289.557375] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2289.558500] Buffer I/O error on dev loop6, logical block 10, lost async page write
15:40:14 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 8)

[ 2289.587410] loop4: detected capacity change from 0 to 40
[ 2289.591864] loop3: detected capacity change from 0 to 40
[ 2289.597586] loop0: detected capacity change from 0 to 40
15:40:14 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 9)

[ 2289.604238] loop7: detected capacity change from 0 to 40
15:40:14 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, 0x0, 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2289.657297] loop6: detected capacity change from 0 to 40
[ 2289.660141] syz-executor.4: attempt to access beyond end of device
[ 2289.660141] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2289.661108] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2289.666789] syz-executor.3: attempt to access beyond end of device
[ 2289.666789] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2289.669114] Buffer I/O error on dev loop3, logical block 10, lost async page write
15:40:14 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, 0x0, 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2289.688924] loop1: detected capacity change from 0 to 40
[ 2289.704792] syz-executor.6: attempt to access beyond end of device
[ 2289.704792] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2289.705763] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2289.710249] syz-executor.0: attempt to access beyond end of device
[ 2289.710249] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2289.711831] Buffer I/O error on dev loop0, logical block 10, lost async page write
15:40:14 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 8)

[ 2289.736714] syz-executor.1: attempt to access beyond end of device
[ 2289.736714] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2289.737569] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2289.739737] loop2: detected capacity change from 0 to 40
15:40:14 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, 0x0, 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:40:14 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 10)

[ 2289.793586] loop5: detected capacity change from 0 to 40
[ 2289.809424] loop6: detected capacity change from 0 to 40
[ 2289.836189] syz-executor.6: attempt to access beyond end of device
[ 2289.836189] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2289.837070] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2289.862016] loop3: detected capacity change from 0 to 40
[ 2289.884200] loop7: detected capacity change from 0 to 40
[ 2289.899892] syz-executor.3: attempt to access beyond end of device
[ 2289.899892] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2289.901370] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2303.044544] loop1: detected capacity change from 0 to 40
15:40:27 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 9)

15:40:27 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 9)

15:40:27 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:40:27 executing program 4:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x1}], 0x20000, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
io_setup(0x9, &(0x7f0000000000)=<r3=>0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000440)={0x0, 0x2, 0x1f, 0x8})
io_submit(r3, 0x2, &(0x7f0000000240)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0xc1, r0, &(0x7f0000000180)="5a90b18720d5d0e86a9d36528404e3136102504a6712b62a018103641e58e43ad3ec0725b65f8a1374a08d1a0dc35bea907f26148ac0d3899422207011b34c8c86428d6a421021924a90c120fd0c178f8ee9ba75713c57b4934407bb461fbb78d98e", 0x62, 0x5, 0x0, 0x1, r4}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x8, r0, &(0x7f0000000300)="c40746830355ec88c3ba3502105a18b3e7c924a791a2195640dba8649110bff125d2e9ac01599da9159c60bdba4739db5d3c05a67565ab3aab4b749f4563cf3067f8063fd5622f8a25356500f9aabf3a6a77f703b92e1c91157418df1f65f22c864e33c8cb94e73c3a63f1", 0x6b, 0x1f6, 0x0, 0x0, r2}])
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
io_setup(0x7, &(0x7f0000000380))
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
lstat(&(0x7f0000000400)='./file1/file0\x00', &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
ioctl$F2FS_IOC_DEFRAGMENT(r2, 0xc010f508, &(0x7f00000008c0)={0x8, 0x80000000})
rename(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580)='./file1\x00')
sendmsg$nl_netfilter(r4, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000004c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="5c0200000103010129bd7000fedbdf250a00000808001900", @ANYRES32=0xee00, @ANYRESDEC=r4, @ANYRES32, @ANYBLOB="3f017f8004001f0004002300432b5fb69c6ee742fe5f19fcbce076c37287a8022bdf43d214003000fe8000000000000000000000000000bb13bb9c5a96a06ffe4c6d46a10bc995ca496a9b5090627f5406c5a8c12bf2d303b197b93845e116bafb5845ffe524d5bd0902522f4c193ae5f98088d53f6db50677adabfa25c374766ce2f85f593f186deb0fa75de19cf5cf8a10e80ba455a1c462c5024d7624684ad823f8cce03f90d60585be03659c3579926bf227c42623c8d059eff96255a24cd7b00e376a93d3c065c90b296c968b663714dfe05df3317947143dfcf7d60765e9ac702a22e827fb32126dda9f08000600", @ANYRES32=r5, @ANYBLOB="6e2f3445e50a6c348594a453d11dbc02608976fb4f5df301f1fae9df6d502178a89c98e704a104000000a73820f47c889972bd845f5b592fe8bd06d247a362f28906266161dc24725439000c009600200000000000000010002780060052007d00000004008d009faffda6a2fe80bc35c12955f2899baaed33dec060332fd139ac9fbb5f685d7ed3b1ced8318f4898c5f8334f29e5ea9e517c2e8437f9560ef0c416a7aa8003af0e09f93a47142e1c23da29b93d78d2ca30402e8c057c955bc50b4987f318727f6302351b5b7750dd773a6be1d412529f38ae7025b283763eb90f2fea057b5a960f35df5543223be5c89c68ec22a163b7ab3676670e91c5b785596179862f4f23e23c945f1b5cb2f57b7ccb43f3950cca5ead0a2cc01401c43c31b1fd4e429b5ddf69c8938e032b9b33000000605e7e9c57942f7f796193978a"], 0x25c}, 0x1, 0x0, 0x0, 0x40000}, 0x40000)
sendfile(r2, r1, 0x0, 0xfffffdef)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
openat(r6, &(0x7f00000005c0)='./file1\x00', 0x214040, 0x0)

15:40:27 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 7)

15:40:27 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 11)

[ 2303.057964] loop6: detected capacity change from 0 to 40
[ 2303.061763] loop2: detected capacity change from 0 to 40
15:40:27 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, 0x0, 0x220)
mount$bind(0x0, 0x0, &(0x7f0000000240), 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:40:27 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, 0x0, 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2303.064440] loop7: detected capacity change from 0 to 40
[ 2303.076508] loop0: detected capacity change from 0 to 40
[ 2303.089823] loop3: detected capacity change from 0 to 40
[ 2303.114118] syz-executor.6: attempt to access beyond end of device
[ 2303.114118] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2303.115010] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2303.117487] loop5: detected capacity change from 0 to 40
[ 2303.122840] syz-executor.0: attempt to access beyond end of device
[ 2303.122840] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2303.123771] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2303.132272] syz-executor.7: attempt to access beyond end of device
[ 2303.132272] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2303.133186] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2303.139336] syz-executor.1: attempt to access beyond end of device
[ 2303.139336] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2303.140552] Buffer I/O error on dev loop1, logical block 10, lost async page write
15:40:27 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef)

15:40:27 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 8)

15:40:27 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 12)

15:40:27 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 10)

15:40:27 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2004, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2303.202248] loop2: detected capacity change from 0 to 40
[ 2303.230889] loop0: detected capacity change from 0 to 40
[ 2303.253862] syz-executor.3: attempt to access beyond end of device
[ 2303.253862] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2303.255547] Buffer I/O error on dev loop3, logical block 10, lost async page write
15:40:27 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef)

[ 2303.265413] loop1: detected capacity change from 0 to 40
[ 2303.275660] loop5: detected capacity change from 0 to 40
15:40:27 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef)

[ 2303.299741] syz-executor.0: attempt to access beyond end of device
[ 2303.299741] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2303.300619] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2303.305423] loop6: detected capacity change from 0 to 40
15:40:27 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 10)

[ 2303.335004] syz-executor.5: attempt to access beyond end of device
[ 2303.335004] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2303.336163] Buffer I/O error on dev loop5, logical block 10, lost async page write
[ 2303.344602] loop7: detected capacity change from 0 to 40
[ 2303.355871] loop2: detected capacity change from 0 to 40
[ 2303.384910] syz-executor.1: attempt to access beyond end of device
[ 2303.384910] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2303.386906] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2303.410271] syz-executor.6: attempt to access beyond end of device
[ 2303.410271] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2303.412006] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2303.421311] loop3: detected capacity change from 0 to 40
[ 2303.499387] syz-executor.3: attempt to access beyond end of device
[ 2303.499387] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2303.501862] Buffer I/O error on dev loop3, logical block 10, lost async page write
15:40:41 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 9)

15:40:41 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x2)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)={0x301680, 0x2, 0x10}, 0x18)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
openat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x4180, 0x89)
mount$bind(0x0, 0x0, 0x0, 0x900801, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = eventfd2(0x2, 0x800)
sendfile(r0, r1, 0x0, 0xfffffdef)

15:40:41 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 11)

15:40:41 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef)

15:40:41 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:40:41 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 11)

15:40:41 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef)

15:40:41 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 13)

[ 2317.105886] loop0: detected capacity change from 0 to 40
[ 2317.132405] loop4: detected capacity change from 0 to 40
[ 2317.133864] loop1: detected capacity change from 0 to 40
[ 2317.134948] loop7: detected capacity change from 0 to 40
[ 2317.136101] loop6: detected capacity change from 0 to 40
[ 2317.138833] loop3: detected capacity change from 0 to 40
[ 2317.148035] loop5: detected capacity change from 0 to 40
[ 2317.148592] loop2: detected capacity change from 0 to 40
[ 2317.163603] FAULT_INJECTION: forcing a failure.
[ 2317.163603] name failslab, interval 1, probability 0, space 0, times 0
[ 2317.164410] CPU: 1 PID: 10203 Comm: syz-executor.6 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2317.164956] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2317.165533] Call Trace:
[ 2317.165721]  <TASK>
[ 2317.165882]  dump_stack_lvl+0xc1/0xf0
[ 2317.166188]  should_fail_ex+0x4b4/0x5b0
[ 2317.166484]  should_failslab+0x9/0x20
[ 2317.166764]  __kmem_cache_alloc_node+0x5b/0x310
[ 2317.167100]  ? iter_file_splice_write+0x169/0xcb0
[ 2317.167460]  ? iter_file_splice_write+0x169/0xcb0
[ 2317.167801]  __kmalloc+0x4a/0x160
[ 2317.168076]  iter_file_splice_write+0x169/0xcb0
[ 2317.168417]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2317.168798]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2317.169195]  ? inode_security+0x105/0x140
[ 2317.169498]  ? security_file_permission+0xb5/0xe0
[ 2317.169838]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2317.170239]  direct_splice_actor+0x113/0x180
[ 2317.170554]  splice_direct_to_actor+0x33a/0x8c0
[ 2317.170898]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2317.171283]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2317.171648]  ? security_file_permission+0xb5/0xe0
[ 2317.171999]  do_splice_direct+0x1bc/0x290
[ 2317.172319]  ? __pfx_do_splice_direct+0x10/0x10
[ 2317.172661]  ? lock_is_held_type+0x9f/0x120
[ 2317.172995]  do_sendfile+0xb1d/0x12b0
[ 2317.173276]  ? __pfx_do_sendfile+0x10/0x10
[ 2317.173597]  __x64_sys_sendfile64+0x1d5/0x210
[ 2317.173934]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2317.174291]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2317.174687]  do_syscall_64+0x3f/0x90
[ 2317.174968]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2317.175335] RIP: 0033:0x7f746e5b1b19
[ 2317.175597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2317.176823] RSP: 002b:00007f746bb27188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2317.177366] RAX: ffffffffffffffda RBX: 00007f746e6c4f60 RCX: 00007f746e5b1b19
[ 2317.177867] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2317.178377] RBP: 00007f746bb271d0 R08: 0000000000000000 R09: 0000000000000000
[ 2317.178889] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2317.179397] R13: 00007ffcd6c9647f R14: 00007f746bb27300 R15: 0000000000022000
[ 2317.179880]  </TASK>
[ 2317.198062] syz-executor.0: attempt to access beyond end of device
[ 2317.198062] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2317.199682] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2317.202715] syz-executor.1: attempt to access beyond end of device
[ 2317.202715] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2317.203571] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2317.209091] syz-executor.3: attempt to access beyond end of device
[ 2317.209091] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2317.209996] Buffer I/O error on dev loop3, logical block 10, lost async page write
15:40:41 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)

15:40:41 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 12)

15:40:41 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 12)

15:40:41 executing program 4:
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040)={0x0, <r0=>0x0})
ptrace$setopts(0x4200, r0, 0xc4d, 0x80029)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)=0x2000000)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:40:41 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 14)

[ 2317.287244] loop1: detected capacity change from 0 to 40
[ 2317.290368] loop3: detected capacity change from 0 to 40
[ 2317.298557] syz-executor.5: attempt to access beyond end of device
[ 2317.298557] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2317.300333] Buffer I/O error on dev loop5, logical block 10, lost async page write
15:40:41 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 10)

15:40:41 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef)

[ 2317.346100] syz-executor.3: attempt to access beyond end of device
[ 2317.346100] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2317.346969] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2317.348486] syz-executor.1: attempt to access beyond end of device
[ 2317.348486] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2317.349328] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2317.363152] loop6: detected capacity change from 0 to 40
[ 2317.384774] loop7: detected capacity change from 0 to 40
[ 2317.403542] loop2: detected capacity change from 0 to 40
[ 2317.407837] loop4: detected capacity change from 0 to 40
[ 2317.413040] syz-executor.6: attempt to access beyond end of device
[ 2317.413040] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2317.413903] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2317.455187] loop0: detected capacity change from 0 to 40
[ 2317.522718] syz-executor.0: attempt to access beyond end of device
[ 2317.522718] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2317.523574] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2317.529599] syz-executor.4: attempt to access beyond end of device
[ 2317.529599] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2317.530443] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2317.541512] syz-executor.4: attempt to access beyond end of device
[ 2317.541512] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2317.543159] Buffer I/O error on dev loop4, logical block 10, lost async page write
15:40:56 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef)

15:40:56 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
perf_event_open(&(0x7f0000000280)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0xffffffff, 0x100}, 0x48000, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, r2, 0x8)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:40:56 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 11)

15:40:56 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 15)

15:40:56 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)

[ 2332.402966] loop5: detected capacity change from 0 to 40
[ 2332.403493] loop4: detected capacity change from 0 to 40
[ 2332.411312] loop6: detected capacity change from 0 to 40
15:40:56 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)

15:40:56 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 13)

15:40:56 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 13)

[ 2332.424766] loop0: detected capacity change from 0 to 40
[ 2332.427718] loop7: detected capacity change from 0 to 40
[ 2332.452558] loop1: detected capacity change from 0 to 40
[ 2332.457919] loop2: detected capacity change from 0 to 40
[ 2332.458998] loop3: detected capacity change from 0 to 40
[ 2332.468975] syz-executor.4: attempt to access beyond end of device
[ 2332.468975] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2332.469870] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2332.479043] syz-executor.0: attempt to access beyond end of device
[ 2332.479043] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2332.480812] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2332.488589] syz-executor.6: attempt to access beyond end of device
[ 2332.488589] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2332.489525] Buffer I/O error on dev loop6, logical block 10, lost async page write
15:40:57 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef)

15:40:57 executing program 4:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
r1 = openat(r0, &(0x7f0000000000)='./file0\x00', 0x20000, 0x34)
r2 = dup3(r0, r1, 0x80000)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r2, 0xc0189374, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {0x1000}}, './file1/file0\x00'})
chdir(&(0x7f0000000140)='./file0\x00')
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r4, &(0x7f0000001180)=ANY=[], 0x220)
r5 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x100000000)
ioctl$int_in(r5, 0x5452, &(0x7f0000000180)=0xaf)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r6 = perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x100000000, 0x81}, 0x4412, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x2, 0xffffffffffffffff, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r7, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
ioctl$AUTOFS_DEV_IOCTL_FAIL(r7, 0xc0189377, &(0x7f0000000040)={{0x1, 0x1, 0x18, r6, {0x7fff, 0x6}}, './file0\x00'})
sendfile(r4, r3, 0x0, 0xfffffdef)

15:40:57 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)

15:40:57 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 16)

[ 2332.543725] FAULT_INJECTION: forcing a failure.
[ 2332.543725] name failslab, interval 1, probability 0, space 0, times 0
[ 2332.545439] CPU: 1 PID: 10248 Comm: syz-executor.1 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2332.546511] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2332.547590] Call Trace:
[ 2332.547947]  <TASK>
[ 2332.548268]  dump_stack_lvl+0xc1/0xf0
[ 2332.548825]  should_fail_ex+0x4b4/0x5b0
[ 2332.549403]  should_failslab+0x9/0x20
[ 2332.549945]  __kmem_cache_alloc_node+0x5b/0x310
[ 2332.550593]  ? iter_file_splice_write+0x169/0xcb0
[ 2332.551298]  ? iter_file_splice_write+0x169/0xcb0
[ 2332.551989]  __kmalloc+0x4a/0x160
[ 2332.552502]  iter_file_splice_write+0x169/0xcb0
[ 2332.553196]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2332.553926]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2332.554663]  ? inode_security+0x105/0x140
[ 2332.555291]  ? security_file_permission+0xb5/0xe0
[ 2332.555962]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2332.556696]  direct_splice_actor+0x113/0x180
[ 2332.557338]  splice_direct_to_actor+0x33a/0x8c0
[ 2332.558007]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2332.558720]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2332.559473]  ? security_file_permission+0xb5/0xe0
[ 2332.560165]  do_splice_direct+0x1bc/0x290
[ 2332.560760]  ? __pfx_do_splice_direct+0x10/0x10
[ 2332.561442]  ? lock_is_held_type+0x9f/0x120
[ 2332.562069]  do_sendfile+0xb1d/0x12b0
[ 2332.562210] loop5: detected capacity change from 0 to 40
[ 2332.562620]  ? __pfx_do_sendfile+0x10/0x10
[ 2332.563628]  __x64_sys_sendfile64+0x1d5/0x210
[ 2332.564287]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2332.565008]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2332.565752]  do_syscall_64+0x3f/0x90
[ 2332.566286]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2332.567007] RIP: 0033:0x7f2e3b857b19
[ 2332.567532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2332.569241] loop4: detected capacity change from 0 to 40
[ 2332.569954] RSP: 002b:00007f2e38dcd188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2332.569991] RAX: ffffffffffffffda RBX: 00007f2e3b96af60 RCX: 00007f2e3b857b19
[ 2332.572345] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2332.573308] RBP: 00007f2e38dcd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2332.574278] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2332.575253] R13: 00007ffe89ecc33f R14: 00007f2e38dcd300 R15: 0000000000022000
[ 2332.576251]  </TASK>
15:40:57 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 12)

[ 2332.612721] syz-executor.4: attempt to access beyond end of device
[ 2332.612721] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2332.613572] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2332.618974] loop7: detected capacity change from 0 to 40
15:40:57 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef)

[ 2332.636622] syz-executor.3: attempt to access beyond end of device
[ 2332.636622] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2332.638186] Buffer I/O error on dev loop3, logical block 10, lost async page write
15:40:57 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 14)

15:40:57 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)

15:40:57 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17, 0x9}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000400)=ANY=[@ANYRESDEC, @ANYRESOCT=0x0, @ANYRES64=r0, @ANYRESDEC, @ANYBLOB="545c0e342e0d161112b686123da9544d972d0fe9d99e4194d18307f4a0b13e18c8f5055f17174b2ab1dd1eae4f3411d821abf23d76b8b58e750c71e348b31274f5b89c2094751b73c476c2b0a981afbd9212836b00fafcb023e0f2e43a2a225e45b5dbf21e7de027619b9c7b299f19d57acf7fdf9563f285afc9948ef1c7554370613a4aa3a5708c3702b857"])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

[ 2332.710981] loop6: detected capacity change from 0 to 40
[ 2332.712749] loop0: detected capacity change from 0 to 40
[ 2332.720227] loop5: detected capacity change from 0 to 40
[ 2332.744095] loop2: detected capacity change from 0 to 40
[ 2332.755315] loop4: detected capacity change from 0 to 40
[ 2332.758827] FAT-fs (loop4): Unrecognized mount option "1844674407370955161500000000000000000000000" or missing value
[ 2332.781095] syz-executor.0: attempt to access beyond end of device
[ 2332.781095] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2332.782617] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2332.784869] syz-executor.6: attempt to access beyond end of device
[ 2332.784869] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2332.786337] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2332.807196] loop1: detected capacity change from 0 to 40
[ 2332.856335] syz-executor.1: attempt to access beyond end of device
[ 2332.856335] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2332.857914] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2333.587491] loop4: detected capacity change from 0 to 40
[ 2333.591069] FAT-fs (loop4): Unrecognized mount option "1844674407370955161500000000000000000000000" or missing value
15:41:12 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)

15:41:12 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:41:12 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 15)

15:41:12 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0x0)

[ 2348.242372] loop7: detected capacity change from 0 to 40
15:41:12 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 14)

15:41:12 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)

15:41:12 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 13)

15:41:12 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 17)

[ 2348.261985] loop5: detected capacity change from 0 to 40
[ 2348.288974] loop3: detected capacity change from 0 to 40
[ 2348.289500] loop6: detected capacity change from 0 to 40
15:41:12 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0x0)

[ 2348.307555] loop1: detected capacity change from 0 to 40
[ 2348.310139] loop0: detected capacity change from 0 to 40
[ 2348.313417] loop2: detected capacity change from 0 to 40
[ 2348.316259] loop4: detected capacity change from 0 to 40
[ 2348.333147] syz-executor.6: attempt to access beyond end of device
[ 2348.333147] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2348.334023] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2348.336064] syz-executor.3: attempt to access beyond end of device
[ 2348.336064] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2348.336931] Buffer I/O error on dev loop3, logical block 10, lost async page write
15:41:12 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)

[ 2348.365508] loop7: detected capacity change from 0 to 40
[ 2348.366999] FAULT_INJECTION: forcing a failure.
[ 2348.366999] name failslab, interval 1, probability 0, space 0, times 0
[ 2348.368651] CPU: 1 PID: 10297 Comm: syz-executor.0 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2348.369721] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2348.370768] Call Trace:
[ 2348.371121]  <TASK>
[ 2348.371458]  dump_stack_lvl+0xc1/0xf0
[ 2348.372003]  should_fail_ex+0x4b4/0x5b0
[ 2348.372571]  should_failslab+0x9/0x20
[ 2348.373102]  __kmem_cache_alloc_node+0x5b/0x310
[ 2348.373742]  ? iter_file_splice_write+0x169/0xcb0
[ 2348.374421]  ? iter_file_splice_write+0x169/0xcb0
[ 2348.375084]  __kmalloc+0x4a/0x160
15:41:12 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 18)

15:41:12 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 15)

[ 2348.375617]  iter_file_splice_write+0x169/0xcb0
[ 2348.376417]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2348.377126]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2348.377865]  ? inode_security+0x105/0x140
[ 2348.378468]  ? security_file_permission+0xb5/0xe0
[ 2348.379137]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2348.379872]  direct_splice_actor+0x113/0x180
[ 2348.380509]  splice_direct_to_actor+0x33a/0x8c0
[ 2348.381174]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2348.381865]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2348.382580]  ? security_file_permission+0xb5/0xe0
[ 2348.383240]  do_splice_direct+0x1bc/0x290
[ 2348.383839]  ? __pfx_do_splice_direct+0x10/0x10
[ 2348.384428] loop5: detected capacity change from 0 to 40
[ 2348.384496]  ? lock_is_held_type+0x9f/0x120
[ 2348.385434]  do_sendfile+0xb1d/0x12b0
[ 2348.385977]  ? __pfx_do_sendfile+0x10/0x10
[ 2348.386582]  __x64_sys_sendfile64+0x1d5/0x210
[ 2348.387215]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2348.387952]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2348.388674]  do_syscall_64+0x3f/0x90
[ 2348.389181]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2348.389858] RIP: 0033:0x7fb41b187b19
[ 2348.390367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2348.392684] RSP: 002b:00007fb4186fd188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2348.393663] RAX: ffffffffffffffda RBX: 00007fb41b29af60 RCX: 00007fb41b187b19
[ 2348.394599] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2348.395539] RBP: 00007fb4186fd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2348.396487] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2348.397411] R13: 00007ffcd9ca88ff R14: 00007fb4186fd300 R15: 0000000000022000
[ 2348.398385]  </TASK>
[ 2348.417950] syz-executor.1: attempt to access beyond end of device
[ 2348.417950] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2348.419505] Buffer I/O error on dev loop1, logical block 10, lost async page write
15:41:12 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0x0)

[ 2348.488858] loop3: detected capacity change from 0 to 40
[ 2348.490997] loop6: detected capacity change from 0 to 40
[ 2348.500518] loop2: detected capacity change from 0 to 40
[ 2348.515876] syz-executor.6: attempt to access beyond end of device
[ 2348.515876] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2348.516783] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2348.593362] syz-executor.3: attempt to access beyond end of device
[ 2348.593362] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2348.595194] Buffer I/O error on dev loop3, logical block 10, lost async page write
15:41:26 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)

15:41:26 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 14)

15:41:26 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0x0)

15:41:26 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 16)

15:41:26 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0x0)

15:41:26 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 19)

15:41:26 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
recvmsg$unix(r0, &(0x7f0000001700)={&(0x7f0000000180), 0x6e, &(0x7f0000001500)=[{&(0x7f00000000c0)=""/9, 0x9}, {&(0x7f0000000240)=""/12, 0xc}, {&(0x7f0000000300)=""/62, 0x3e}, {&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000001340)=""/84, 0x54}, {&(0x7f00000013c0)=""/25, 0x19}, {&(0x7f0000001400)=""/146, 0x92}, {&(0x7f00000014c0)=""/55, 0x37}], 0x8, &(0x7f0000001580)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r1=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x148}, 0x80000101)
openat(r1, &(0x7f0000001740)='./file1\x00', 0x80000, 0x21)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r2, r0, 0x0, 0xfffffdef)
r3 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', &(0x7f0000000040)={0x4000, 0x100, 0x11}, 0x18)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x200000c, 0x4010, r3, 0x4a44c000)

15:41:26 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 16)

[ 2362.328223] loop1: detected capacity change from 0 to 40
[ 2362.333388] loop5: detected capacity change from 0 to 40
[ 2362.335100] loop6: detected capacity change from 0 to 40
[ 2362.342053] loop0: detected capacity change from 0 to 40
[ 2362.342521] loop3: detected capacity change from 0 to 40
[ 2362.345535] loop7: detected capacity change from 0 to 40
[ 2362.347997] loop2: detected capacity change from 0 to 40
[ 2362.348123] loop4: detected capacity change from 0 to 40
[ 2362.416143] syz-executor.0: attempt to access beyond end of device
[ 2362.416143] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2362.418163] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2362.437171] syz-executor.4: attempt to access beyond end of device
[ 2362.437171] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2362.438857] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2362.448942] syz-executor.1: attempt to access beyond end of device
[ 2362.448942] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2362.450608] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2362.453767] syz-executor.6: attempt to access beyond end of device
[ 2362.453767] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2362.455294] Buffer I/O error on dev loop6, logical block 10, lost async page write
15:41:26 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0x0)

[ 2362.461599] syz-executor.3: attempt to access beyond end of device
[ 2362.461599] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2362.463314] Buffer I/O error on dev loop3, logical block 10, lost async page write
15:41:27 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0x0)

15:41:27 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 15)

15:41:27 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 20)

15:41:27 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 17)

15:41:27 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 17)

[ 2362.591767] loop5: detected capacity change from 0 to 40
[ 2362.605528] loop7: detected capacity change from 0 to 40
[ 2362.637391] loop6: detected capacity change from 0 to 40
[ 2362.646921] loop0: detected capacity change from 0 to 40
[ 2362.656481] loop3: detected capacity change from 0 to 40
[ 2362.668184] loop1: detected capacity change from 0 to 40
[ 2362.693225] syz-executor.6: attempt to access beyond end of device
[ 2362.693225] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2362.694865] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2362.736042] syz-executor.0: attempt to access beyond end of device
[ 2362.736042] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2362.737791] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2362.739716] syz-executor.1: attempt to access beyond end of device
[ 2362.739716] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2362.741241] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2362.745720] syz-executor.3: attempt to access beyond end of device
[ 2362.745720] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2362.747421] Buffer I/O error on dev loop3, logical block 10, lost async page write
15:41:27 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0x0)

[ 2362.812721] loop5: detected capacity change from 0 to 40
15:41:27 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 21)

15:41:27 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 16)

15:41:27 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 18)

[ 2362.872527] loop0: detected capacity change from 0 to 40
[ 2362.876492] loop6: detected capacity change from 0 to 40
[ 2362.894150] loop1: detected capacity change from 0 to 40
[ 2362.901561] FAULT_INJECTION: forcing a failure.
[ 2362.901561] name failslab, interval 1, probability 0, space 0, times 0
[ 2362.902980] CPU: 0 PID: 10355 Comm: syz-executor.6 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2362.903996] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2362.904990] Call Trace:
[ 2362.905321]  <TASK>
[ 2362.905619]  dump_stack_lvl+0xc1/0xf0
[ 2362.906133]  should_fail_ex+0x4b4/0x5b0
[ 2362.906667]  should_failslab+0x9/0x20
[ 2362.907169]  __kmem_cache_alloc_node+0x5b/0x310
[ 2362.907783]  ? iter_file_splice_write+0x169/0xcb0
[ 2362.908421]  ? iter_file_splice_write+0x169/0xcb0
[ 2362.909042]  __kmalloc+0x4a/0x160
[ 2362.909521]  iter_file_splice_write+0x169/0xcb0
[ 2362.910140]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2362.910822]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2362.911539]  ? inode_security+0x105/0x140
[ 2362.912104]  ? security_file_permission+0xb5/0xe0
[ 2362.912737]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2362.913416]  direct_splice_actor+0x113/0x180
[ 2362.914007]  splice_direct_to_actor+0x33a/0x8c0
[ 2362.914631]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2362.915282]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2362.915962]  ? security_file_permission+0xb5/0xe0
[ 2362.916595]  do_splice_direct+0x1bc/0x290
[ 2362.917149]  ? __pfx_do_splice_direct+0x10/0x10
[ 2362.917792]  ? lock_is_held_type+0x9f/0x120
[ 2362.918367]  do_sendfile+0xb1d/0x12b0
[ 2362.918895]  ? __pfx_do_sendfile+0x10/0x10
[ 2362.919487]  __x64_sys_sendfile64+0x1d5/0x210
[ 2362.920087]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2362.920743]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2362.921418]  do_syscall_64+0x3f/0x90
[ 2362.921896]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2362.922551] RIP: 0033:0x7f746e5b1b19
[ 2362.923029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2362.925260] RSP: 002b:00007f746bb27188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2362.926207] RAX: ffffffffffffffda RBX: 00007f746e6c4f60 RCX: 00007f746e5b1b19
[ 2362.927093] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2362.927989] RBP: 00007f746bb271d0 R08: 0000000000000000 R09: 0000000000000000
[ 2362.928877] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2362.929762] R13: 00007ffcd6c9647f R14: 00007f746bb27300 R15: 0000000000022000
[ 2362.930684]  </TASK>
[ 2362.949985] syz-executor.0: attempt to access beyond end of device
[ 2362.949985] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2362.951516] Buffer I/O error on dev loop0, logical block 10, lost async page write
15:41:39 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 18)

15:41:39 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 22)

15:41:39 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 19)

15:41:39 executing program 4:
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000000)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}, {&(0x7f0000000300)="153f03f93c4c9e1af1ee86f4c7c7a3c787ce057a3caa873dc240c5377de56c35be17e205d4b021eaa1978fd46c0aa8d354b2fe86df6b3ca57256a82903645778f997eed005c4717f4a2e4f1fdddbf5c724375952b91694249d76d3f826915a4b8ebb3d05bb3301b7fbb5942c9ea0163573120b8c29a64e573f0541119dc21ec7ac98c5cc75e8a97f35f60509e1cd5b80961f923708771abd5653d7", 0x9b, 0x9}, {&(0x7f00000003c0)="bca4ac07c504fec8e83b16400d79e2e874ce4c62b00e008151291047b35fa9c0ff45ad2a60014406f4e00900031b98909a5e22df3de36bf1092ee964b19c3a709bfdbe8883b5c88bee77d81ca3b5d91265ef1ea2f63abb34bab128024636f387b1f6bd7a35495c9f30b7e4da975982ceb27e0b3b15f85a9a7143f2aad50dd6c2ba5de2d0cabdbe596087139b373759f2c9955024ef788dfb78c562ba45f74ba56e035b51e46709538c027e74a14e15b99c6d680ef3df470e0bf6", 0xba, 0x4}, {&(0x7f0000000480)="50c241ffe9e621da89c125b7cd8e883da88aa7b47b5d231f09cfa6bbe9c2c0c0e970a00751d5f96a9c9d70aa808fc35a2eb4958cf892c1f1a4e761c3ef83d6c562276563254c93f7b36644a9f054a668ad2af6869dc4eeae644290e4f8e30a2a1a9c5573871a0b2e9072d4aad44afd365b5e3dcaf3fd293d9e3a20cb25c13daf10480513ae627d014b93beb2fe630fadc03e481be9d7ba9963abf7ad7b7167c3f0087a61ad3c64c391f5a7940b6f99c9b918c1f5796e4e3b36fcbc8802323ccead7e83b05c6fe5f2c263bf26202fec0c98b76ce3791686d1a49740dee5eb6fed0d9e3b34b9620d75517b7069e735fc", 0xef, 0xfffffffffffff499}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
getresgid(&(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000340)=<r2=>0x0)
chown(&(0x7f00000001c0)='./file0\x00', 0xee01, r2)
getresgid(&(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000340)=<r3=>0x0)
chown(&(0x7f00000001c0)='./file0\x00', 0xee01, r3)
syz_mount_image$tmpfs(&(0x7f0000000080), &(0x7f0000000180)='./file0\x00', 0x1f, 0x4, &(0x7f0000000680)=[{&(0x7f00000001c0)="7fc12aac58586e2e5a76e4718d1258ab915512edf78c1477790f9cc046a054ad467aa87e236e01f4e8a4177d9360f32614d626e1e1cf7fdc29e826dc287e79bc89009b208c1e45c08f", 0x49, 0x9}, {&(0x7f0000000240)="ad8252581b4d0559c6580bef9754c0ebadb38d5c1dcc52919c566c10caac4407bd00ea02321f6b95a06244", 0x2b, 0x6}, {&(0x7f0000000580)="02396f5d9f37d7b5b820b35ac8034c1ab1c0f6afa4b9708f63e6350f52b889612e8e8dd4d8a9063dcc6edf77e479c23a80622f443600d82093cc9bf18cbb661c4e7913dc26145c6190caeacb203b21ab0404feaac13af6b7f7515e0caf9476f0ed1dbf9e53c1a75c6ee7", 0x6a, 0x8}, {&(0x7f0000000600)="fb6dea7a864592854097be14cfff827f3f11f57d941649b62c4c2dfbc4073d1b8b336cf3a666b368ae06dd3648241f508bb35946596fc5b50ac4a2f138154fcd3480a1e2a243fd5db3ebfb6e", 0x4c, 0xffff}], 0x92004, &(0x7f0000000700)={[{@nr_inodes={'nr_inodes', 0x3d, [0x33, 0x30]}}, {@huge_within_size}, {@huge_never}, {@gid={'gid', 0x3d, r2}}, {@huge_never}, {@gid={'gid', 0x3d, r3}}], [{@fsuuid={'fsuuid', 0x3d, {[0x38, 0x62, 0x30, 0x65, 0x61, 0x39, 0x64, 0x61], 0x2d, [0x33, 0x39, 0x65, 0x30], 0x2d, [0x64, 0x39, 0x62, 0x6a], 0x2d, [0x31, 0x61, 0x7665172008fb89db, 0x33], 0x2d, [0x33, 0x66, 0x66, 0x37, 0x62, 0x63, 0x64, 0x64]}}}, {@subj_type={'subj_type', 0x3d, '*@'}}, {@obj_user={'obj_user', 0x3d, 'vfat\x00'}}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}]})
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x4010}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:41:39 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef)

15:41:40 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0x0)

15:41:40 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef)

15:41:40 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 17)

[ 2375.483128] loop6: detected capacity change from 0 to 40
[ 2375.496221] loop7: detected capacity change from 0 to 40
[ 2375.502141] loop1: detected capacity change from 0 to 40
[ 2375.507955] loop3: detected capacity change from 0 to 40
[ 2375.527805] loop4: detected capacity change from 0 to 16372
[ 2375.530717] loop5: detected capacity change from 0 to 40
[ 2375.534952] loop2: detected capacity change from 0 to 40
[ 2375.546344] FAT-fs (loop4): invalid media value (0xce)
[ 2375.547303] FAT-fs (loop4): Can't find a valid FAT filesystem
15:41:40 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 1)

[ 2375.555850] loop0: detected capacity change from 0 to 40
[ 2375.558463] bio_check_eod: 1 callbacks suppressed
[ 2375.558475] syz-executor.3: attempt to access beyond end of device
[ 2375.558475] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2375.559768] buffer_io_error: 1 callbacks suppressed
[ 2375.559776] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2375.564535] syz-executor.1: attempt to access beyond end of device
[ 2375.564535] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2375.566393] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2375.599858] syz-executor.6: attempt to access beyond end of device
[ 2375.599858] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2375.601671] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2375.603861] loop4: detected capacity change from 0 to 255
15:41:40 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 20)

[ 2375.644318] syz-executor.0: attempt to access beyond end of device
[ 2375.644318] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2375.645326] Buffer I/O error on dev loop0, logical block 10, lost async page write
15:41:40 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 19)

[ 2375.687374] loop7: detected capacity change from 0 to 40
[ 2375.690510] loop3: detected capacity change from 0 to 40
15:41:40 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 18)

[ 2375.703505] FAULT_INJECTION: forcing a failure.
[ 2375.703505] name failslab, interval 1, probability 0, space 0, times 0
[ 2375.704356] CPU: 1 PID: 10385 Comm: syz-executor.7 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2375.704916] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2375.705484] Call Trace:
[ 2375.705679]  <TASK>
[ 2375.705857]  dump_stack_lvl+0xc1/0xf0
[ 2375.706174]  should_fail_ex+0x4b4/0x5b0
[ 2375.706496]  should_failslab+0x9/0x20
[ 2375.706773]  __kmem_cache_alloc_node+0x5b/0x310
[ 2375.707103]  ? alloc_pipe_info+0x10e/0x590
[ 2375.707405]  kmalloc_trace+0x26/0xc0
[ 2375.707676]  alloc_pipe_info+0x10e/0x590
[ 2375.707963]  splice_direct_to_actor+0x6e6/0x8c0
[ 2375.708298]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2375.708640]  ? inode_security+0x105/0x140
[ 2375.708936]  ? selinux_file_permission+0x96/0x510
[ 2375.709277]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2375.709642]  ? security_file_permission+0xb5/0xe0
[ 2375.709984]  do_splice_direct+0x1bc/0x290
[ 2375.710298]  ? __pfx_do_splice_direct+0x10/0x10
[ 2375.710633]  ? lock_is_held_type+0x9f/0x120
[ 2375.710947]  do_sendfile+0xb1d/0x12b0
[ 2375.711223]  ? __pfx_do_sendfile+0x10/0x10
[ 2375.711527]  __x64_sys_sendfile64+0x1d5/0x210
[ 2375.711860]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2375.712206]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2375.712573]  do_syscall_64+0x3f/0x90
[ 2375.712835]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2375.713188] RIP: 0033:0x7f7050f93b19
[ 2375.713443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2375.714620] RSP: 002b:00007f704e509188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2375.715126] RAX: ffffffffffffffda RBX: 00007f70510a6f60 RCX: 00007f7050f93b19
[ 2375.715598] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2375.716075] RBP: 00007f704e5091d0 R08: 0000000000000000 R09: 0000000000000000
[ 2375.716556] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2375.717032] R13: 00007ffeb40769df R14: 00007f704e509300 R15: 0000000000022000
[ 2375.717521]  </TASK>
15:41:40 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 1)

15:41:40 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 23)

15:41:40 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 1)

[ 2375.744653] syz-executor.3: attempt to access beyond end of device
[ 2375.744653] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2375.745610] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2375.767148] loop0: detected capacity change from 0 to 40
[ 2375.783184] loop1: detected capacity change from 0 to 40
[ 2375.790007] loop5: detected capacity change from 0 to 40
[ 2375.799100] loop6: detected capacity change from 0 to 40
[ 2375.801598] loop2: detected capacity change from 0 to 40
[ 2375.860750] FAULT_INJECTION: forcing a failure.
[ 2375.860750] name failslab, interval 1, probability 0, space 0, times 0
[ 2375.862262] CPU: 1 PID: 10396 Comm: syz-executor.5 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2375.863361] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2375.864361] Call Trace:
[ 2375.864687]  <TASK>
[ 2375.864984]  dump_stack_lvl+0xc1/0xf0
[ 2375.865494]  should_fail_ex+0x4b4/0x5b0
[ 2375.866040]  should_failslab+0x9/0x20
[ 2375.866647]  __kmem_cache_alloc_node+0x5b/0x310
[ 2375.867322]  ? alloc_pipe_info+0x10e/0x590
[ 2375.867928]  kmalloc_trace+0x26/0xc0
[ 2375.868428]  alloc_pipe_info+0x10e/0x590
[ 2375.868965]  splice_direct_to_actor+0x6e6/0x8c0
[ 2375.869684]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2375.870319]  ? inode_security+0x105/0x140
[ 2375.870872]  ? selinux_file_permission+0x96/0x510
[ 2375.871643]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2375.872341]  ? security_file_permission+0xb5/0xe0
[ 2375.873089]  do_splice_direct+0x1bc/0x290
[ 2375.873638]  ? __pfx_do_splice_direct+0x10/0x10
[ 2375.874347]  ? lock_is_held_type+0x9f/0x120
[ 2375.874961]  do_sendfile+0xb1d/0x12b0
[ 2375.875558]  ? __pfx_do_sendfile+0x10/0x10
[ 2375.876228]  __x64_sys_sendfile64+0x1d5/0x210
[ 2375.876914]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2375.877616]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2375.878421]  do_syscall_64+0x3f/0x90
[ 2375.879037]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2375.879710] RIP: 0033:0x7f6e1785cb19
[ 2375.880278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2375.882775] RSP: 002b:00007f6e14dd2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2375.883719] RAX: ffffffffffffffda RBX: 00007f6e1796ff60 RCX: 00007f6e1785cb19
[ 2375.884706] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2375.885594] RBP: 00007f6e14dd21d0 R08: 0000000000000000 R09: 0000000000000000
[ 2375.886483] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2375.887374] R13: 00007ffe2a2236ff R14: 00007f6e14dd2300 R15: 0000000000022000
[ 2375.888304]  </TASK>
[ 2375.912564] syz-executor.0: attempt to access beyond end of device
[ 2375.912564] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2375.914226] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2375.917787] FAULT_INJECTION: forcing a failure.
[ 2375.917787] name failslab, interval 1, probability 0, space 0, times 0
[ 2375.919132] CPU: 0 PID: 10397 Comm: syz-executor.2 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2375.920143] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2375.921145] Call Trace:
[ 2375.921473]  <TASK>
[ 2375.921762]  dump_stack_lvl+0xc1/0xf0
[ 2375.922437]  should_fail_ex+0x4b4/0x5b0
[ 2375.922991]  should_failslab+0x9/0x20
[ 2375.923459]  __kmem_cache_alloc_node+0x5b/0x310
[ 2375.924108]  ? alloc_pipe_info+0x10e/0x590
[ 2375.924779]  kmalloc_trace+0x26/0xc0
[ 2375.925346]  alloc_pipe_info+0x10e/0x590
[ 2375.925978]  splice_direct_to_actor+0x6e6/0x8c0
[ 2375.926698]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2375.927473]  ? inode_security+0x105/0x140
[ 2375.928126]  ? selinux_file_permission+0x96/0x510
[ 2375.928674] syz-executor.1: attempt to access beyond end of device
[ 2375.928674] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2375.928851]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2375.930297] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2375.930959]  ? security_file_permission+0xb5/0xe0
[ 2375.932646]  do_splice_direct+0x1bc/0x290
[ 2375.933294]  ? __pfx_do_splice_direct+0x10/0x10
[ 2375.934031]  ? lock_is_held_type+0x9f/0x120
[ 2375.934710]  do_sendfile+0xb1d/0x12b0
[ 2375.935316]  ? __pfx_do_sendfile+0x10/0x10
[ 2375.935995]  __x64_sys_sendfile64+0x1d5/0x210
[ 2375.936690]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2375.937454]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2375.938259]  do_syscall_64+0x3f/0x90
[ 2375.938826]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2375.939599] RIP: 0033:0x7fe077f6cb19
[ 2375.940172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2375.942754] RSP: 002b:00007fe0754e2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2375.943853] RAX: ffffffffffffffda RBX: 00007fe07807ff60 RCX: 00007fe077f6cb19
[ 2375.944872] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2375.945897] RBP: 00007fe0754e21d0 R08: 0000000000000000 R09: 0000000000000000
[ 2375.946914] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2375.947940] R13: 00007ffda5f9e29f R14: 00007fe0754e2300 R15: 0000000000022000
[ 2375.948252] syz-executor.6: attempt to access beyond end of device
[ 2375.948252] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2375.949002]  </TASK>
[ 2375.950946] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2376.329904] loop4: detected capacity change from 0 to 16372
[ 2376.331404] FAT-fs (loop4): Unrecognized mount option "./file0" or missing value
[ 2376.351518] loop4: detected capacity change from 0 to 255
15:41:55 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 20)

15:41:55 executing program 4:
r0 = syz_open_dev$vcsa(&(0x7f0000000000), 0x7f, 0x2)
ioctl$CDROM_SELECT_DISK(r0, 0x5322, 0x5)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat(r2, &(0x7f00000000c0)='./file1\x00', 0x1a1501, 0x0)
write$binfmt_aout(r2, &(0x7f0000000300)={{0xcc, 0x3f, 0x81, 0x27, 0x36f, 0x50ec, 0x2a2, 0x9}, "75249898070bff3ad2ac970da216975e86966a4e975eccca1c92ec80e43e10c0fffbb11eb75a0e99d1abb531bcf881f6c4172aac397b2b5d81b85146dd7b0b4672b55899bb8de5bafc6b1b5bf7fbc82e331e40580a0f77705d594213709b07328948585e6a8c08f664db74f6e1daae2366df91eb2829d8b22631f4a26a37f08414ec0956de8b9ac3cbf63841891e48772706f86c3c0a792f78d9862d74bc75f819eee251eee6ea6ce6725353ce3ef63d16c7c584a7a1d002a582637bed6d321d5b3d02decb595649fa6dcb0cc6f318051bab6af037f4b72eb8e36de12e0683af299d239dba221659d62c4733dfdf34a12759b25c0566a7fb4af1d7e1db9141974c0c58d53795f023e83530c6318aa030a12f035b8ad1f744549137082c5d084a9d18c092aecc90f3ff689dbb8fb443860c30e897370c7c3457f53f0fd1c93cfaf7f2f89780fe6e1ddd8600fdccecc440875fa0058479d2b139642140c5624502e7e398c197a9bc92a298ead2b149b9451267ba4b3c658ee91d73dfced0c5b4e800d7fe960575b93e0541adc181aae829c56d02e5e88aa0e180e990d1f48dde06419a9129b99f0888d1fa88f719505150f139a06b0e49c9b6cc764bc6022888061411a2f57cd8f3673b5ffece19e8c82e205c57e9bae86aa58bf6f81664d869c3227bcb5c929322ad73e75fdd0c8c9f08d1b34344479543e67da00ab4c653452b5cce4e428bd622fa768c92efabd588c54fe7a1c97974680df5b1f11b39802db118a0ca64d651ff4a52b2fc07a3912d8f9697af3f53ef65950ab873b86ad1decea4cff8390512e6d00675a9f5371103d424871705615474cdf397fb161e2b3139641ff7a81084b3a55ed072c3575cc1cb9951312f206473d8248f18ce10c10ab841c48572a64aff6094d3a59cc752bc78ff2a84381130d23bf657878b3d8df05ade1e06bd73ce449c4d9b4488cdbdbc112482f29c39311066e2130ef8922183da9949970af816402d92416c2ca1b04befe6a6fccb1e548b19992f026805096ddc1b2ab2357555ac369bc3378135ac4f90c91ae807670cc29a87f914d3998184b9f7b304322a31012a58d0f3d8f3bd905cf32253f6e45cd9c77cd908805cdef3e40252c56c22cfbd627ac1bdb80e5285495d839101598d80b82ebf942a0d2640572cba3469616a493bc252ec52979f730628572cfd9fac0d31c1de57858678a850e17c5c4f9b52785d03245d2ca0be5cd269677a827a08c9083695d89e205fa75fe45ae4dffbb0587341c14ba883544817e92a5bbd7e227f5655d4e37765034cb46bf7c10436804eb0c2f654547701cd77b97f238b37457f7d016edb09eb12bfa3f4bd448a45f5c3b2ffcce6bf424c6795415395d46f87ff5da1720f3df255994cc6e43d0140d892915b46f18413ed33324a1d0f9bbf15372c1f2c952c0f14b3912b5b44a2a6709493950ff12e24ead276f2971f137bf4e8cea0a497f6007cc4a56d9517cfced7c315277ba72169250d13415a3c7f558d74495973d822907815a8c429e024947c3bf39f8d9ca0b6ad2f120a70ff7bffa550c7dbcc06b2a6ddcacfd47699b7d4c1a783be54cd025b0f3ef8378246d6c4035f6d0ef54097adcd70747334cc51d37a521bbb329c7c2f4eef3ef6939a38cf6146622cb57ab57a6222ece6e16360cf65f386ccffc91a8868d8713c83fd2359aa4e4247bd0c737fa83b3196b127340febebde4e74323366acde59f526ec64eeb9cee742179bf7814c05a859c7c53b1f6ee89431460ed790afce98764a1c4e32131389e8e3d12f110348125051db826904b284c863b462eacb25d8141ef87dd3b6d776a7a407834fa7c56bbf8aa1182abc217a0f0dd038a74c6baa4b6a6036245af05c4529e3ad2ad602283df48fb1d401c3100c91f50dcee009dfc3ac3048305716c2edb46036223b6626c60fa22aad01cfa998cfa4fa703739bdf2276d7d13ae89235cc6d42ae04ef3414bfcee68a58266d92fccad4fe93317cef8053526de543281da4f5daaa370a61cf82afdfca2199c08b518081255ed684b4312df030ddd97b4642485509331b8b9ed99d39975d1075167a4e9ad32db7aa5981133a13cd8f32173271252920d0bc2b4da06e815462c10a98ec01f4bca63eed3b584445e9ec53d6914be73dadd643990384e52cf81c3d5803d374830de7a029173dc13c8e981b4f3a46d9f75aa6f1a9558a83d739669d6428d6449d0b73c07be555e10a02919c3ed1f4bc38e4098318f886ba00fb7eb4ca337adf69b5e084c464d8f4fc60b2de23da1be04218271343b074fd7b8c5ebacd1dee38521f4b159bde5221e1e96cf704d30c5a47635dca7530af63c54d7c3b09e04e73e50ed61349b877b44f61acbbf4c07ee3dc7ffdcdbf7d829caa21947d10e77ef1358d282b08cf7a6fca1f3e178d4bccaaeef1fbd3cc1ddcab4c4b46155083227e060d129ef3b336f979cd53f1646a73b977aa250eed96562071b8ff3ae5410a342a1824b01554e13d6495ba958c523443a816db64ad0361654a95125913d332e46dcb34ea1bd8e5ca7fd1dc40a928db0b7f16c0f11b4b9a8ecfeb3c7d02825d7d34c5303644181bd96f7427eaceede84e596d55f96ce84917e7e88be4a09fbf6db735cd90f7cabd79eb42340d42f7466bffae370599e22d0f9537990f646f104a8cf475a85523385228e903b9350d962332ce65f71e35ffe4cda4011df7d1e686df0e1df2811b3411b96453408da82b1121452169f282b385045b92bd7514215bd1dd0df9f8828205a22b9db34866fad114fbef948c02f2154fd709d794879b63be529ddb0642e5ade624dd8bd1bdd5c082e531374eb2a9c151902af6ee2f3f725cb917148f30e8b415b4e10cdfeb1ba46b2479f442c534ab5f0e6645e70cd359928e9b8fa5db0392331410689b5c284c278946c3b3a9027d279056f2baf7c3ae3936c11a822e75be5c4f2d53bf73b786ae05715b73f476ad2dd2452273aaefdcfb0fac3324b53c8ef1d43c6285fc86fd1b8d8956a48cbfea71f77f9c01167bd969d74e602cd7a3598e2d52d849ab39179523e62efdefa71f9b9f7677e21b42332ea69ee1ec6426f9e76f403fefec8e2f7ad88136fb17d5450d28192d73f88794c701d9e5cedb87afe5c739c68790f46373f8f051aa7d7ffd91f0e66ad1369f4ce060017b72ee24d3feacce1eba90e1d2c70c1d130ba5b6aafb525fe77c2031bacf59088aefb676e9230e4c2fc75d131be25a76d68211cd92e5aa31f1f45edc5121834f82b3bd24feba9d15e391a3b7c25b8e5267ad72764fed892960ebbdda3e494a284a76faa27c4a7b81bb5d3eb14b485e35aea0e85ef7775b8a0294b9a7d1aec2c596b05521eb42e877c184b7ee87f3d6744946961a7724142d5035b8e0f4b85067952f8a473fbc4e3828c4dc21eaf03ad859abc7566334caaa655aa7187decc56a3a3719b91683b37a3555da59ab9074affbca357c0ee27353f0df9f5a4555387988f1a891b08731256c14ca6477330e1773c7ebdb1ce77ec69e3597db7167e9914574e2cfa8e695ba1b686759d20b56671fb162c2f2880fbac5e09127b0e0e50eae3e4fb7601f4ea2ed8fa741530fe0c30b0d933b8b34c5bbc133e8b8e4f8f0446f6914177fbe736d8a68ef2ff14d1127cb85b5c274d5c464aa7b2d177614f96958ba93205c64cb150b2ec18e5d137a71670d20cc041c75626fea9ca11df46f72c4df999c64bc586869fdb05e12f628b7086be50080e9a93e6ede680171169f661a144a385d9b447cc8bc6df5087e0f142b3e32076ec01330f320887a5b11b1456a882175b2b2522e59d9122db6835e10de3ebdb6d6e8c8e5fde045a754ab3cb7c4a106c47de31ed5d9ed568c75c2de9f1e05a19303b806dd267280a3de5e816e344b7b45694a4a5700397ebf60a55e088f252bf25b385d0d9c26ba9a8878aa384383e85cba51d83f9ab27ec09289722bf9b60384c488386c16e6173c0864e9d691d6954321426e9c3352384c2cdde941fedcd911b96094ee4ec1082c10515e9c9aa9aa99c111a3d31f3b5d0fee82321c650e614e1bbec4a2812b508c5db62c05512d8409ef0268a539ccfdb883687b45f4d6ad2c821efe5a5cb8da018fa645ab7ab580e3bb1dff9cd012962a6d0f68f7139c9a8a25d6b4b56886869c3e4296499b15e0be41ea41ce9e21d1d3c2b9576ff642d718fd0e4c64b30380e3dc8948f4d1335098f9cf509a6aa5ceddab3b2f85fe6acb7de882007f1b82ce5b44c62a73cea84ce14f41f03f9202947b940926db0a0ba1ee7a23e4afb1a751ec9c260f884f98de32861eb292637680663afd18960288fff73f3db5c91f3a1cb425caf2fb1da247c41c05bd9480e14a8e7f167c5dae8da1a23aa0090cc1db2da9a4167f2ec6d1ac81f85f2ab046a61ada3776b87e4dfd7cad11d0dc69c3b0630df0d380e04aa4c5d15d6a51a232286cb38c4e793712f4690f3eb4be29d91275e2a183bcdaaf08fe2ceb058c88c34be8cb4e90ce1121308805b98f829a07fd2a1c4f6668c1b1a6bcf6fee0fbcfd42a14d3bfb8b40d56bbd1e4cac75ca1b92ac2efd8322c2c4f8fef4bd54566a652635193e9f5405150b633e172a2fdbf78d2b74fe43aa139aa48a319093cfec92b7987d6c943ea55b1f0afbba16282f3501a7cef9d554e91632b7154a0dc423e88c3d5086ffa46ddc6fd5fb52b5ef4a082a91de51177b4ed47094d6dda5e138fb665c68287046a10f0cf354b8c22d2d407118518ed0074b0a929c31afc74f71946408a8e4ef22f0e53e2d3f7ba555cc6e701409342d1af0bf2364a36feea00671c4270f59762ff8a964e398a6985d678984964751866251b0da8479a41ad50e18c115ea2c08ad5abb7882aa78d8fe3cb49cb77f92cad2d58badbca59175d52a1d5550d089e8172ddd022f4c8a5b3937cfb34a66289dbbe153adab5c0e7336c867eb6e35658437820f2ecbc616ac3afb36f2c74d13a3f90bb16e1a9feff724fcdc21efd144f4d31b4d634c2c8ffcde2675fb215b6296f9d757b92aef195e331211521fe4f98e4b534d44a447e52ed41054209a7b191b8ef1811278659847bf96f464176b91030fdb358027735efdacd2f1284b10b58b17828b94da0849d8c5264d6ab8d291213db8ebc4b084d3ed124a8b0983d26a45e8a6e9722255a166ce7c03d67778b906b77b184e22d8964b4b31fa128f6a6c09a5e0d2cee125590171a5759e2d7e38b84c3c398bf5a724a4aba12bca9cb02b93fb99c8d540a12f6a8403a7154a5af6fe51b6b463778dc39e3c726524862fddc1f61bd8295f442330765c5a557e832b10312c119a3d9f485955d4598e49984da152e2729f109a766e74c630f47f7b3720840c1eb9ee7537e821c57cafc2b4c7ab81ee36b833bb1a9eb8dc6916485c56edd6ce4214d8779b8f294ea5be811c681c500f4c4b38629c3c9939378a3ad91a6d20a4fde550908fc823b6231fd915af3b17a97fbfb2b8062eea3f8a89a6b8a4f43072a1958f951e7207fb28f538b2a8e60a54eaa3dafb919811fad6c95a0ad10fb2c415bf6e740a90b0d7a794b5c88f35548cebad25ff7e77834798567bb7dab3aab5edc62299e8862fb2178eefbb4e400356cfd5bca46f73163f06347381a04e83e0d8f515bc468536f273bc1f7f8811ef10d91906e77c63a5ad368d34dfa60dbaa080bbc206dd8097ffe1f19dd00a8d61e1069613e1ba1d686e956f7975a1fafc0d5af54a897274ab2863e774124509f50fbadb5f80eb0d123e1bcd804b9cded95ff065", ['\x00', '\x00', '\x00']}, 0x1320)
sendfile(r2, r1, 0x0, 0xfffffdef)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)

15:41:55 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 2)

15:41:55 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 19)

15:41:55 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 2)

15:41:55 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 2)

15:41:55 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 21)

15:41:55 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 24)

[ 2390.854137] loop4: detected capacity change from 0 to 40
[ 2390.878406] loop0: detected capacity change from 0 to 40
[ 2390.888906] loop3: detected capacity change from 0 to 40
[ 2390.890584] loop5: detected capacity change from 0 to 40
[ 2390.900359] loop7: detected capacity change from 0 to 40
[ 2390.913117] loop6: detected capacity change from 0 to 40
[ 2390.917374] loop1: detected capacity change from 0 to 40
[ 2390.917724] loop2: detected capacity change from 0 to 40
[ 2390.995094] FAULT_INJECTION: forcing a failure.
[ 2390.995094] name failslab, interval 1, probability 0, space 0, times 0
[ 2390.995669] syz-executor.7: attempt to access beyond end of device
[ 2390.995669] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2390.996566] CPU: 0 PID: 10423 Comm: syz-executor.1 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2390.998096] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2390.999006] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2390.999029] Call Trace:
[ 2390.999039]  <TASK>
[ 2390.999050]  dump_stack_lvl+0xc1/0xf0
[ 2391.000557] syz-executor.3: attempt to access beyond end of device
[ 2391.000557] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2391.000953]  should_fail_ex+0x4b4/0x5b0
[ 2391.001374] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2391.001614]  should_failslab+0x9/0x20
[ 2391.005335]  __kmem_cache_alloc_node+0x5b/0x310
[ 2391.005948]  ? iter_file_splice_write+0x169/0xcb0
[ 2391.006575]  ? iter_file_splice_write+0x169/0xcb0
[ 2391.007202]  __kmalloc+0x4a/0x160
[ 2391.007671]  iter_file_splice_write+0x169/0xcb0
[ 2391.008307]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2391.008972]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2391.009658]  ? inode_security+0x105/0x140
[ 2391.010217]  ? security_file_permission+0xb5/0xe0
[ 2391.010829]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2391.011489]  direct_splice_actor+0x113/0x180
[ 2391.012087]  splice_direct_to_actor+0x33a/0x8c0
[ 2391.012707]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2391.013345]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2391.014011]  ? security_file_permission+0xb5/0xe0
[ 2391.014633]  do_splice_direct+0x1bc/0x290
[ 2391.015171]  ? __pfx_do_splice_direct+0x10/0x10
[ 2391.015801]  ? lock_is_held_type+0x9f/0x120
[ 2391.016365]  do_sendfile+0xb1d/0x12b0
[ 2391.016878]  ? __pfx_do_sendfile+0x10/0x10
[ 2391.017437]  __x64_sys_sendfile64+0x1d5/0x210
[ 2391.018020]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2391.018659]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2391.019331]  do_syscall_64+0x3f/0x90
[ 2391.019822]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2391.020465] RIP: 0033:0x7f2e3b857b19
[ 2391.020936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2391.021061] syz-executor.0: attempt to access beyond end of device
[ 2391.021061] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2391.023064] RSP: 002b:00007f2e38dcd188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2391.023097] RAX: ffffffffffffffda RBX: 00007f2e3b96af60 RCX: 00007f2e3b857b19
[ 2391.023118] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2391.023138] RBP: 00007f2e38dcd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2391.024766] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2391.025591] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2391.029952] R13: 00007ffe89ecc33f R14: 00007f2e38dcd300 R15: 0000000000022000
[ 2391.030833]  </TASK>
[ 2391.032017] syz-executor.2: attempt to access beyond end of device
[ 2391.032017] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2391.033705] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2391.036105] syz-executor.5: attempt to access beyond end of device
[ 2391.036105] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2391.037813] Buffer I/O error on dev loop5, logical block 10, lost async page write
[ 2391.053558] syz-executor.4: attempt to access beyond end of device
[ 2391.053558] loop4: rw=2049, sector=48, nr_sectors = 4 limit=40
[ 2391.055266] Buffer I/O error on dev loop4, logical block 12, lost async page write
[ 2391.058141] syz-executor.4: attempt to access beyond end of device
[ 2391.058141] loop4: rw=2049, sector=52, nr_sectors = 8 limit=40
[ 2391.068809] syz-executor.6: attempt to access beyond end of device
[ 2391.068809] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2391.070431] Buffer I/O error on dev loop6, logical block 10, lost async page write
15:41:55 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 3)

15:41:55 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 21)

15:41:55 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 25)

15:41:55 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 3)

15:41:55 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 3)

15:41:55 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r2 = syz_open_dev$rtc(&(0x7f0000000000), 0x5, 0x410000)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
sendfile(r2, r3, &(0x7f0000000040)=0xdd, 0x9)
syz_read_part_table(0x6, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000180)="c33126d5876c4fc2", 0x8, 0x20000000000}])
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffffff, &(0x7f00000000c0)='./file1\x00', 0x608000, 0x30)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:41:55 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 20)

[ 2391.236159] loop3: detected capacity change from 0 to 40
[ 2391.240833] loop7: detected capacity change from 0 to 40
[ 2391.265684] loop5: detected capacity change from 0 to 40
[ 2391.274736] loop6: detected capacity change from 0 to 40
[ 2391.279913] loop2: detected capacity change from 0 to 40
[ 2391.280061] FAULT_INJECTION: forcing a failure.
[ 2391.280061] name failslab, interval 1, probability 0, space 0, times 0
[ 2391.282402] CPU: 0 PID: 10432 Comm: syz-executor.7 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2391.283396] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2391.284400] Call Trace:
[ 2391.284729]  <TASK>
[ 2391.285021]  dump_stack_lvl+0xc1/0xf0
[ 2391.285528]  should_fail_ex+0x4b4/0x5b0
[ 2391.286059]  should_failslab+0x9/0x20
[ 2391.286554]  __kmem_cache_alloc_node+0x5b/0x310
[ 2391.287150]  ? alloc_pipe_info+0x1e9/0x590
[ 2391.287682]  ? alloc_pipe_info+0x10e/0x590
[ 2391.288233]  ? alloc_pipe_info+0x1e9/0x590
[ 2391.288773]  __kmalloc+0x4a/0x160
[ 2391.289239]  alloc_pipe_info+0x1e9/0x590
[ 2391.289764]  splice_direct_to_actor+0x6e6/0x8c0
[ 2391.290361]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2391.290991]  ? inode_security+0x105/0x140
[ 2391.291528]  ? selinux_file_permission+0x96/0x510
[ 2391.292169]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2391.292824]  ? security_file_permission+0xb5/0xe0
[ 2391.293437]  do_splice_direct+0x1bc/0x290
[ 2391.293975]  ? __pfx_do_splice_direct+0x10/0x10
[ 2391.294595]  ? lock_is_held_type+0x9f/0x120
[ 2391.295158]  do_sendfile+0xb1d/0x12b0
[ 2391.295663]  ? __pfx_do_sendfile+0x10/0x10
[ 2391.296226]  __x64_sys_sendfile64+0x1d5/0x210
[ 2391.296798]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2391.297445]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2391.298140]  do_syscall_64+0x3f/0x90
[ 2391.298612]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2391.299257] RIP: 0033:0x7f7050f93b19
[ 2391.299731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2391.301907] RSP: 002b:00007f704e509188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2391.302842] RAX: ffffffffffffffda RBX: 00007f70510a6f60 RCX: 00007f7050f93b19
[ 2391.303718] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2391.304598] RBP: 00007f704e5091d0 R08: 0000000000000000 R09: 0000000000000000
[ 2391.305487] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2391.306366] R13: 00007ffeb40769df R14: 00007f704e509300 R15: 0000000000022000
[ 2391.307284]  </TASK>
15:41:55 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 22)

[ 2391.320535] loop0: detected capacity change from 0 to 40
[ 2391.330887] loop4: detected capacity change from 0 to 40
[ 2391.360206] FAULT_INJECTION: forcing a failure.
[ 2391.360206] name failslab, interval 1, probability 0, space 0, times 0
[ 2391.361800] CPU: 1 PID: 10438 Comm: syz-executor.2 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2391.362898] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2391.364013] Call Trace:
[ 2391.364357]  <TASK>
[ 2391.364651]  dump_stack_lvl+0xc1/0xf0
[ 2391.365181]  should_fail_ex+0x4b4/0x5b0
[ 2391.365770]  should_failslab+0x9/0x20
[ 2391.366326]  __kmem_cache_alloc_node+0x5b/0x310
[ 2391.366983]  ? alloc_pipe_info+0x1e9/0x590
[ 2391.367534]  ? alloc_pipe_info+0x10e/0x590
[ 2391.368104]  ? alloc_pipe_info+0x1e9/0x590
[ 2391.368704]  __kmalloc+0x4a/0x160
[ 2391.369218]  alloc_pipe_info+0x1e9/0x590
[ 2391.369809]  splice_direct_to_actor+0x6e6/0x8c0
[ 2391.370447]  ? __cond_resched+0x46/0x70
[ 2391.370970]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2391.371671]  ? inode_security+0x105/0x140
[ 2391.372291]  ? selinux_file_permission+0x96/0x510
[ 2391.372987]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2391.373713]  ? security_file_permission+0xb5/0xe0
[ 2391.374392]  do_splice_direct+0x1bc/0x290
[ 2391.374986]  ? __pfx_do_splice_direct+0x10/0x10
[ 2391.375609]  ? lock_is_held_type+0x9f/0x120
[ 2391.376199]  do_sendfile+0xb1d/0x12b0
[ 2391.376755]  ? __pfx_do_sendfile+0x10/0x10
[ 2391.377377]  __x64_sys_sendfile64+0x1d5/0x210
[ 2391.378044]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2391.378749]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2391.379468]  do_syscall_64+0x3f/0x90
[ 2391.379999]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2391.380697] RIP: 0033:0x7fe077f6cb19
[ 2391.381199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2391.383487] RSP: 002b:00007fe0754e2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2391.384453] RAX: ffffffffffffffda RBX: 00007fe07807ff60 RCX: 00007fe077f6cb19
[ 2391.385379] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2391.386296] RBP: 00007fe0754e21d0 R08: 0000000000000000 R09: 0000000000000000
[ 2391.387233] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2391.388224] R13: 00007ffda5f9e29f R14: 00007fe0754e2300 R15: 0000000000022000
[ 2391.389162]  </TASK>
[ 2391.407207] syz-executor.0: attempt to access beyond end of device
[ 2391.407207] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2391.408797] Buffer I/O error on dev loop0, logical block 10, lost async page write
15:41:55 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 4)

[ 2391.422711] syz-executor.3: attempt to access beyond end of device
[ 2391.422711] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2391.424576] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2391.427469] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2391.481268] FAULT_INJECTION: forcing a failure.
[ 2391.481268] name failslab, interval 1, probability 0, space 0, times 0
[ 2391.482743] CPU: 0 PID: 10434 Comm: syz-executor.5 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2391.483371] loop1: detected capacity change from 0 to 40
[ 2391.483744] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2391.483768] Call Trace:
[ 2391.483780]  <TASK>
[ 2391.483803]  dump_stack_lvl+0xc1/0xf0
[ 2391.486558]  should_fail_ex+0x4b4/0x5b0
[ 2391.487127]  should_failslab+0x9/0x20
[ 2391.487640]  __kmem_cache_alloc_node+0x5b/0x310
[ 2391.488278]  ? alloc_pipe_info+0x1e9/0x590
[ 2391.488844]  ? alloc_pipe_info+0x10e/0x590
[ 2391.489394]  ? alloc_pipe_info+0x1e9/0x590
[ 2391.489951]  __kmalloc+0x4a/0x160
[ 2391.490439]  alloc_pipe_info+0x1e9/0x590
[ 2391.490973]  splice_direct_to_actor+0x6e6/0x8c0
[ 2391.491618]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2391.492279]  ? inode_security+0x105/0x140
[ 2391.492841]  ? selinux_file_permission+0x96/0x510
[ 2391.493491]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2391.494176]  ? security_file_permission+0xb5/0xe0
[ 2391.494834]  do_splice_direct+0x1bc/0x290
[ 2391.495401]  ? __pfx_do_splice_direct+0x10/0x10
[ 2391.496061]  ? lock_is_held_type+0x9f/0x120
[ 2391.496659]  do_sendfile+0xb1d/0x12b0
[ 2391.497194]  ? __pfx_do_sendfile+0x10/0x10
[ 2391.497789]  __x64_sys_sendfile64+0x1d5/0x210
[ 2391.498411]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2391.499073]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2391.499775]  do_syscall_64+0x3f/0x90
[ 2391.500296]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2391.500980] RIP: 0033:0x7f6e1785cb19
[ 2391.501479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2391.503743] RSP: 002b:00007f6e14dd2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2391.504724] RAX: ffffffffffffffda RBX: 00007f6e1796ff60 RCX: 00007f6e1785cb19
[ 2391.505637] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2391.506548] RBP: 00007f6e14dd21d0 R08: 0000000000000000 R09: 0000000000000000
[ 2391.507461] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2391.508375] R13: 00007ffe2a2236ff R14: 00007f6e14dd2300 R15: 0000000000022000
[ 2391.509298]  </TASK>
15:41:56 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 26)

15:41:56 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 22)

15:41:56 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 21)

[ 2391.599310] loop7: detected capacity change from 0 to 40
[ 2391.620960] loop3: detected capacity change from 0 to 40
[ 2391.634849] loop6: detected capacity change from 0 to 40
[ 2391.639251] loop0: detected capacity change from 0 to 40
[ 2405.374775] loop2: detected capacity change from 0 to 40
15:42:09 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 4)

15:42:09 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 5)

15:42:09 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 22)

15:42:09 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
fchmodat(r2, &(0x7f0000000000)='./file0\x00', 0x20)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x9, 0xffffffffffffffff, 0x1)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:42:09 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 4)

[ 2405.394547] loop3: detected capacity change from 0 to 40
15:42:09 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:42:09 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 23)

15:42:09 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 27)

[ 2405.398239] loop5: detected capacity change from 0 to 40
[ 2405.406957] loop4: detected capacity change from 0 to 40
[ 2405.419143] bio_check_eod: 6 callbacks suppressed
[ 2405.419167] syz-executor.2: attempt to access beyond end of device
[ 2405.419167] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2405.420382] buffer_io_error: 5 callbacks suppressed
[ 2405.420390] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2405.429932] loop1: detected capacity change from 0 to 40
[ 2405.439609] syz-executor.3: attempt to access beyond end of device
[ 2405.439609] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2405.440690] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2405.443968] loop0: detected capacity change from 0 to 40
[ 2405.447077] syz-executor.5: attempt to access beyond end of device
[ 2405.447077] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2405.447968] Buffer I/O error on dev loop5, logical block 10, lost async page write
[ 2405.450423] loop7: detected capacity change from 0 to 40
[ 2405.454568] loop6: detected capacity change from 0 to 40
[ 2405.478201] syz-executor.1: attempt to access beyond end of device
[ 2405.478201] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
15:42:10 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 5)

[ 2405.479136] Buffer I/O error on dev loop1, logical block 10, lost async page write
15:42:10 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 24)

15:42:10 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 5)

[ 2405.500879] syz-executor.4: attempt to access beyond end of device
[ 2405.500879] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2405.502530] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2405.511001] FAULT_INJECTION: forcing a failure.
[ 2405.511001] name failslab, interval 1, probability 0, space 0, times 0
[ 2405.512563] CPU: 0 PID: 10478 Comm: syz-executor.7 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2405.513657] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2405.514756] Call Trace:
[ 2405.515121]  <TASK>
[ 2405.515445]  dump_stack_lvl+0xc1/0xf0
[ 2405.516032]  should_fail_ex+0x4b4/0x5b0
[ 2405.516618]  should_failslab+0x9/0x20
[ 2405.517170]  __kmem_cache_alloc_node+0x5b/0x310
[ 2405.517831]  ? iter_file_splice_write+0x169/0xcb0
[ 2405.518538]  ? iter_file_splice_write+0x169/0xcb0
[ 2405.519224]  __kmalloc+0x4a/0x160
[ 2405.519729]  iter_file_splice_write+0x169/0xcb0
[ 2405.520424]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2405.521152]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2405.521904]  ? inode_security+0x105/0x140
[ 2405.522515]  ? security_file_permission+0xb5/0xe0
[ 2405.523194]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2405.523889]  direct_splice_actor+0x113/0x180
[ 2405.524548]  splice_direct_to_actor+0x33a/0x8c0
[ 2405.525219]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2405.525916]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2405.526639]  ? security_file_permission+0xb5/0xe0
[ 2405.527322]  do_splice_direct+0x1bc/0x290
[ 2405.527916]  ? __pfx_do_splice_direct+0x10/0x10
[ 2405.528605]  ? lock_is_held_type+0x9f/0x120
[ 2405.529225]  do_sendfile+0xb1d/0x12b0
[ 2405.529781]  ? __pfx_do_sendfile+0x10/0x10
[ 2405.530366]  __x64_sys_sendfile64+0x1d5/0x210
[ 2405.531008]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2405.531716]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2405.532470]  do_syscall_64+0x3f/0x90
[ 2405.533010]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2405.533740] RIP: 0033:0x7f7050f93b19
[ 2405.534269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2405.535890] loop2: detected capacity change from 0 to 40
[ 2405.536741] RSP: 002b:00007f704e509188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2405.538200] RAX: ffffffffffffffda RBX: 00007f70510a6f60 RCX: 00007f7050f93b19
[ 2405.539182] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2405.540174] RBP: 00007f704e5091d0 R08: 0000000000000000 R09: 0000000000000000
[ 2405.541163] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2405.542153] R13: 00007ffeb40769df R14: 00007f704e509300 R15: 0000000000022000
[ 2405.543170]  </TASK>
[ 2405.554866] syz-executor.4: attempt to access beyond end of device
[ 2405.554866] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2405.555851] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2405.560338] loop3: detected capacity change from 0 to 40
[ 2405.561778] loop5: detected capacity change from 0 to 40
15:42:10 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r1 = openat(r0, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

[ 2405.570001] FAULT_INJECTION: forcing a failure.
[ 2405.570001] name failslab, interval 1, probability 0, space 0, times 0
[ 2405.570813] CPU: 1 PID: 10480 Comm: syz-executor.2 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2405.571378] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2405.571951] Call Trace:
[ 2405.572141]  <TASK>
[ 2405.572308]  dump_stack_lvl+0xc1/0xf0
[ 2405.572600]  should_fail_ex+0x4b4/0x5b0
[ 2405.572903]  should_failslab+0x9/0x20
[ 2405.573193]  __kmem_cache_alloc_node+0x5b/0x310
[ 2405.573534]  ? iter_file_splice_write+0x169/0xcb0
[ 2405.573901]  ? iter_file_splice_write+0x169/0xcb0
[ 2405.574255]  __kmalloc+0x4a/0x160
[ 2405.574519]  iter_file_splice_write+0x169/0xcb0
[ 2405.574878]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2405.575258]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2405.575653]  ? inode_security+0x105/0x140
[ 2405.575991]  ? security_file_permission+0xb5/0xe0
[ 2405.576345]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2405.576722]  direct_splice_actor+0x113/0x180
[ 2405.577089]  splice_direct_to_actor+0x33a/0x8c0
[ 2405.577470]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2405.577921]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2405.578328]  ? security_file_permission+0xb5/0xe0
[ 2405.578708]  do_splice_direct+0x1bc/0x290
[ 2405.579040]  ? __pfx_do_splice_direct+0x10/0x10
[ 2405.579408]  ? lock_is_held_type+0x9f/0x120
[ 2405.579753]  do_sendfile+0xb1d/0x12b0
[ 2405.580057]  ? __pfx_do_sendfile+0x10/0x10
[ 2405.580388]  __x64_sys_sendfile64+0x1d5/0x210
[ 2405.580733]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2405.581117]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2405.581531]  do_syscall_64+0x3f/0x90
[ 2405.581814]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2405.582210] RIP: 0033:0x7fe077f6cb19
[ 2405.582483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2405.583797] RSP: 002b:00007fe0754e2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2405.584375] RAX: ffffffffffffffda RBX: 00007fe07807ff60 RCX: 00007fe077f6cb19
[ 2405.584917] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2405.585429] RBP: 00007fe0754e21d0 R08: 0000000000000000 R09: 0000000000000000
[ 2405.585971] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2405.586497] R13: 00007ffda5f9e29f R14: 00007fe0754e2300 R15: 0000000000022000
[ 2405.587040]  </TASK>
[ 2405.590376] syz-executor.0: attempt to access beyond end of device
[ 2405.590376] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2405.592223] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2405.595405] syz-executor.6: attempt to access beyond end of device
[ 2405.595405] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2405.597111] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2405.602927] FAULT_INJECTION: forcing a failure.
[ 2405.602927] name failslab, interval 1, probability 0, space 0, times 0
[ 2405.603864] CPU: 1 PID: 10485 Comm: syz-executor.5 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2405.604470] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2405.605078] Call Trace:
[ 2405.605278]  <TASK>
[ 2405.605465]  dump_stack_lvl+0xc1/0xf0
[ 2405.605787]  should_fail_ex+0x4b4/0x5b0
[ 2405.606116]  should_failslab+0x9/0x20
[ 2405.606407]  __kmem_cache_alloc_node+0x5b/0x310
[ 2405.606772]  ? iter_file_splice_write+0x169/0xcb0
[ 2405.607173]  ? iter_file_splice_write+0x169/0xcb0
[ 2405.607564]  __kmalloc+0x4a/0x160
[ 2405.607844]  iter_file_splice_write+0x169/0xcb0
[ 2405.608212]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2405.608590]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2405.608986]  ? inode_security+0x105/0x140
[ 2405.609303]  ? security_file_permission+0xb5/0xe0
[ 2405.609654]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2405.610037]  direct_splice_actor+0x113/0x180
[ 2405.610375]  splice_direct_to_actor+0x33a/0x8c0
[ 2405.610727]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2405.611095]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2405.611472]  ? security_file_permission+0xb5/0xe0
[ 2405.611826]  do_splice_direct+0x1bc/0x290
[ 2405.612150]  ? __pfx_do_splice_direct+0x10/0x10
[ 2405.612514]  ? lock_is_held_type+0x9f/0x120
[ 2405.612847]  do_sendfile+0xb1d/0x12b0
[ 2405.613145]  ? __pfx_do_sendfile+0x10/0x10
[ 2405.613463]  __x64_sys_sendfile64+0x1d5/0x210
[ 2405.613795]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2405.614170]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2405.614561]  do_syscall_64+0x3f/0x90
[ 2405.614833]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2405.615201] RIP: 0033:0x7f6e1785cb19
[ 2405.615468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2405.616772] RSP: 002b:00007f6e14dd2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2405.617313] RAX: ffffffffffffffda RBX: 00007f6e1796ff60 RCX: 00007f6e1785cb19
[ 2405.617821] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2405.618327] RBP: 00007f6e14dd21d0 R08: 0000000000000000 R09: 0000000000000000
[ 2405.618827] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000001
[ 2405.619326] R13: 00007ffe2a2236ff R14: 00007f6e14dd2300 R15: 0000000000022000
[ 2405.619844]  </TASK>
15:42:10 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000040)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2405.639501] syz-executor.3: attempt to access beyond end of device
[ 2405.639501] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2405.640411] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2405.646518] loop1: detected capacity change from 0 to 40
[ 2405.681681] loop4: detected capacity change from 0 to 40
[ 2405.810263] syz-executor.4: attempt to access beyond end of device
[ 2405.810263] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2405.812060] Buffer I/O error on dev loop4, logical block 10, lost async page write
15:42:24 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 28)

15:42:24 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 23)

15:42:24 executing program 4:
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000180)=[{&(0x7f0000000080)="04000000646f7366d87f8777d1b8d387b93b306d14e2f6ca7327ba29917ba01333512f17016f4f2fdd7de60dd1e4bbfd8d471031616aa4f20d06446cfefd46ec7678", 0x42, 0xfc5a}, {0x0, 0x0, 0x2800}, {&(0x7f0000000300)="1d1912fe2a1f614781de484794dd190c0f134c95321f55fbc274f3bd8944146cc3a9cb05ea732b89ba139d1fac9a08d9922872bd542a69287c94457d96029353d0b5965b4000c8d1d826b7d70dbc6719dd05286c3acbd9a534d70fd805ace8017f28b0e45068595a11f95fa90bf0e8ed8d547c419599d6311eba985af0a6be8e28fde19ded575210e502bff88b7b686b68d2726a9264c027a4222caf5fd724c90e57d8b9132f35577de2443c713faef9db0d8e436365746b71235d64a6a34b845be4033f4bfedd40ae9cc14820dc3f9b25b2d5ebe173bc5b16a75d256ab5cd23b53ba626fe", 0xe5, 0xff}, {&(0x7f0000000400)="f215861e2a971e96a280f50782f9bd9fa60755b64ad95599542fda509f142b7aa956d3575ae65a8c2ca7db74b965c76c2275fbae5e094ac7947dbe43f0e27c5ca2569a968e32a21a84af49d8c6c0c79406d4c8a082b4fbbdc26ab518ffe6a397dbed8a930dabe3dfc0428a150e2593ada8f2086026324ec9a6a9c95a42646f296e57c1f357c60e84b675cf3f8d17ea4bf788ba6b565c8c0e9c38adf1b4586296a0211eaf22", 0xa5, 0x5}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
openat(r1, &(0x7f0000000000)='./file1\x00', 0x2402, 0x1ec)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r2, r0, 0x0, 0xfffffdef)

[ 2419.668714] loop4: detected capacity change from 0 to 252
15:42:24 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
sendfile(r0, r2, &(0x7f00000000c0)=0xffffffffffffffff, 0x9)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r3, 0x40286608, &(0x7f0000000040)={0x0, 0x7f, 0x401, 0x101, 0x2, 0x3})
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_timeval(r4, 0x1, 0x2e, &(0x7f0000000000)={0x77359400}, 0x10)
recvmmsg(r4, &(0x7f0000000fc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:42:24 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 6)

15:42:24 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 6)

15:42:24 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 6)

15:42:24 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 25)

[ 2419.684621] FAT-fs (loop4): invalid media value (0xa6)
[ 2419.685356] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 2419.692256] loop3: detected capacity change from 0 to 40
[ 2419.693010] loop2: detected capacity change from 0 to 40
[ 2419.695045] loop7: detected capacity change from 0 to 40
[ 2419.701836] loop0: detected capacity change from 0 to 40
[ 2419.709869] loop5: detected capacity change from 0 to 40
[ 2419.728819] loop1: detected capacity change from 0 to 40
[ 2419.732323] syz-executor.7: attempt to access beyond end of device
[ 2419.732323] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2419.733527] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2419.736061] syz-executor.2: attempt to access beyond end of device
[ 2419.736061] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2419.736936] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2419.755743] syz-executor.5: attempt to access beyond end of device
[ 2419.755743] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2419.756573] Buffer I/O error on dev loop5, logical block 10, lost async page write
[ 2419.776575] loop6: detected capacity change from 0 to 40
15:42:24 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 7)

15:42:24 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 7)

[ 2419.822452] syz-executor.3: attempt to access beyond end of device
[ 2419.822452] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2419.824336] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2419.828245] syz-executor.0: attempt to access beyond end of device
[ 2419.828245] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2419.829952] Buffer I/O error on dev loop0, logical block 10, lost async page write
15:42:24 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 7)

[ 2419.854144] loop7: detected capacity change from 0 to 40
[ 2419.855990] syz-executor.6: attempt to access beyond end of device
[ 2419.855990] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2419.857460] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2419.878933] syz-executor.1: attempt to access beyond end of device
[ 2419.878933] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2419.880558] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2419.886961] syz-executor.7: attempt to access beyond end of device
[ 2419.886961] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2419.887870] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2419.928462] loop2: detected capacity change from 0 to 40
15:42:24 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 8)

15:42:24 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 24)

15:42:24 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 26)

15:42:24 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 29)

[ 2420.018859] loop5: detected capacity change from 0 to 40
[ 2420.029480] loop6: detected capacity change from 0 to 40
[ 2420.036776] syz-executor.2: attempt to access beyond end of device
[ 2420.036776] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2420.038528] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2420.080020] syz-executor.6: attempt to access beyond end of device
[ 2420.080020] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2420.080893] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2420.101441] loop0: detected capacity change from 0 to 40
[ 2420.111341] loop3: detected capacity change from 0 to 40
15:42:24 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 30)

[ 2420.136544] loop7: detected capacity change from 0 to 40
15:42:24 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 8)

[ 2420.371749] loop6: detected capacity change from 0 to 40
[ 2420.395244] loop2: detected capacity change from 0 to 40
[ 2420.505183] loop4: detected capacity change from 0 to 252
[ 2420.508291] FAT-fs (loop4): Unrecognized mount option "./file0" or missing value
15:42:37 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 9)

[ 2432.694346] loop1: detected capacity change from 0 to 40
15:42:37 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 8)

15:42:37 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
fspick(r1, &(0x7f0000000040)='./file0\x00', 0x0)
openat(r1, &(0x7f0000000000)='./file0\x00', 0x2140, 0x5)

15:42:37 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
lsetxattr$security_capability(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040), &(0x7f00000000c0)=@v1={0x1000000, [{0x3b, 0x8}]}, 0xc, 0x1)

[ 2432.701960] loop4: detected capacity change from 0 to 40
[ 2432.705151] loop7: detected capacity change from 0 to 40
15:42:37 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 27)

15:42:37 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 25)

15:42:37 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 31)

15:42:37 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 9)

[ 2432.724580] loop6: detected capacity change from 0 to 40
[ 2432.732310] loop0: detected capacity change from 0 to 40
[ 2432.736358] loop3: detected capacity change from 0 to 40
[ 2432.747623] loop2: detected capacity change from 0 to 40
[ 2432.788512] bio_check_eod: 7 callbacks suppressed
[ 2432.788524] syz-executor.3: attempt to access beyond end of device
[ 2432.788524] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2432.788904] loop5: detected capacity change from 0 to 40
[ 2432.790344] buffer_io_error: 7 callbacks suppressed
[ 2432.790354] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2432.793593] syz-executor.0: attempt to access beyond end of device
[ 2432.793593] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2432.794534] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2432.813742] syz-executor.4: attempt to access beyond end of device
[ 2432.813742] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2432.814652] Buffer I/O error on dev loop4, logical block 10, lost async page write
15:42:37 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 26)

15:42:37 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 28)

[ 2432.858276] syz-executor.7: attempt to access beyond end of device
[ 2432.858276] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2432.860066] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2432.866522] syz-executor.1: attempt to access beyond end of device
[ 2432.866522] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2432.868219] Buffer I/O error on dev loop1, logical block 10, lost async page write
15:42:37 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)

[ 2432.882808] syz-executor.6: attempt to access beyond end of device
[ 2432.882808] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2432.884460] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2432.898004] syz-executor.5: attempt to access beyond end of device
[ 2432.898004] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2432.899795] Buffer I/O error on dev loop5, logical block 10, lost async page write
[ 2432.901338] syz-executor.2: attempt to access beyond end of device
[ 2432.901338] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2432.903080] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2432.910390] syz-executor.1: attempt to access beyond end of device
[ 2432.910390] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2432.911305] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2432.915038] loop3: detected capacity change from 0 to 40
[ 2432.916565] loop0: detected capacity change from 0 to 40
15:42:37 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 32)

[ 2432.943465] loop4: detected capacity change from 0 to 40
15:42:37 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 10)

[ 2432.976809] syz-executor.0: attempt to access beyond end of device
[ 2432.976809] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2432.977678] Buffer I/O error on dev loop0, logical block 10, lost async page write
15:42:37 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 9)

15:42:37 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r1 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000000)=ANY=[@ANYRESHEX, @ANYRESOCT=0x0, @ANYRESHEX, @ANYBLOB="ea384dfc", @ANYRES16=r0, @ANYRES64, @ANYRES16=r0])
chdir(&(0x7f0000000140)='./file0\x00')
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r3, &(0x7f0000001180)=ANY=[], 0x220)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
ioctl$BLKIOMIN(r4, 0x1278, &(0x7f00000000c0))
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r3, r2, 0x0, 0xfffffdef)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r4, 0xc0189371, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r5=>r1}, './file1\x00'})
openat(r5, &(0x7f00000001c0)='./file1\x00', 0x0, 0x108)

[ 2433.018029] loop6: detected capacity change from 0 to 40
15:42:37 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 10)

[ 2433.042874] loop7: detected capacity change from 0 to 40
[ 2433.056536] loop1: detected capacity change from 0 to 40
[ 2433.065125] FAT-fs (loop1): Unrecognized mount option "0xffffffffffffffff000000000000000000000000xffffffffffffffffê8Mü" or missing value
[ 2433.100469] loop2: detected capacity change from 0 to 40
[ 2433.128331] loop5: detected capacity change from 0 to 40
[ 2433.879049] loop1: detected capacity change from 0 to 40
[ 2433.883946] FAT-fs (loop1): Unrecognized mount option "0xffffffffffffffff000000000000000000000000xffffffffffffffffê8Mü" or missing value
15:42:51 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 29)

15:42:51 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
close(r1)
copy_file_range(r1, &(0x7f0000000040)=0xfffffffffffffffb, 0xffffffffffffffff, &(0x7f00000000c0)=0x100000001, 0x5, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
pwritev(r2, &(0x7f0000000180)=[{&(0x7f0000000300)="4f3728759395ce8612f877ed1d0ff67b34cfe79bc9105b8aabb679b36161047959cda1af172890058aa0af87aac944215441e44b24f7ae98f0c88c70ba02d3183ec3f80fc508371410a70e059e4165f39f0e03f976bbcb6c6e9483056fb2a6695519956bf04b32b4cabe1416a9c3d4e036aa8c34ba7a52d668e7ae3d6dbf97ab30c44b8f456270c04e64fd7269823f8f04c351a44a3394446f512edcb08b7dca31b4062fcb0237c397399a4ab65c810d559b35abf286f0bfe98d627ae260", 0xbe}, {&(0x7f00000003c0)="1de6c5cf04facaad9d6cab03c1647a8348e3baed77e7ca540f6052c6609dedc13578ab1d3c118bb871ddd95f74a3f0774df69e6569fef537cb2bce3f5df68b50cb6a2ca3df77e6550f0062fcdc7934b37c4d9cd6697673c9b93c0bc0063bb47ae2b46c4de125afd4a6d133ccbefa7229f07da7dec93ae0f31ddeebed7654a53a2abe9607c40263897b984cdd558c5b2e8cdd810fdf169a69cf3a263669bf047fa4a17b248117cc4afd2e2b36cfbfe8f8ac0b3c1eb1f597d73dabea4fd6f31b152cffd9d9069d7ed09646de898b71b95b33e03b0c326b03a61d9f2880e6c854fea593", 0xe2}], 0x2, 0x2, 0x8)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
ioctl$AUTOFS_DEV_IOCTL_READY(r3, 0xc0189376, &(0x7f0000000000)={{0x1, 0x1, 0x18, r4, {0x9}}, './file1\x00'})

15:42:51 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 10)

15:42:51 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 33)

15:42:51 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 11)

15:42:51 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 11)

15:42:51 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 27)

15:42:51 executing program 1:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
openat(r0, &(0x7f0000000180)='./file2\x00', 0x801, 0x199)
ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
write$binfmt_aout(r2, &(0x7f0000000000)=ANY=[@ANYRESOCT, @ANYRESOCT, @ANYRES16=r3, @ANYRES32=r4, @ANYRESHEX=r0, @ANYRESDEC=r5, @ANYRESOCT], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000005640)={<r6=>0x0, <r7=>0x0})
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000005480)=[{{&(0x7f00000002c0), 0x6e, &(0x7f00000009c0)=[{&(0x7f0000000340)=""/204, 0xcc}, {&(0x7f0000000440)=""/71, 0x47}, {&(0x7f00000004c0)=""/88, 0x58}, {&(0x7f0000000540)=""/119, 0x77}, {&(0x7f0000000640)=""/108, 0x6c}, {&(0x7f00000006c0)=""/254, 0xfe}, {&(0x7f00000007c0)=""/253, 0xfd}, {&(0x7f00000008c0)=""/226, 0xe2}], 0x8}}, {{&(0x7f0000000a40), 0x6e, &(0x7f00000005c0)=[{&(0x7f0000000ac0)=""/67, 0x43}], 0x1, &(0x7f0000000b40)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, <r8=>0x0}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x108}}, {{&(0x7f0000000c80)=@abs, 0x6e, &(0x7f0000002240)=[{&(0x7f0000000d00)=""/17, 0x11}, {&(0x7f0000000d40)=""/41, 0x29}, {&(0x7f0000000d80)=""/167, 0xa7}, {&(0x7f0000000e40)=""/22, 0x16}, {&(0x7f0000000e80)=""/176, 0xb0}, {&(0x7f0000000f40)=""/150, 0x96}, {&(0x7f0000001000)=""/134, 0x86}, {&(0x7f00000010c0)=""/157, 0x9d}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f0000002180)=""/164, 0xa4}], 0xa}}, {{&(0x7f0000002300), 0x6e, &(0x7f00000037c0)=[{&(0x7f0000002380)=""/54, 0x36}, {&(0x7f00000023c0)=""/154, 0x9a}, {&(0x7f0000002480)=""/168, 0xa8}, {&(0x7f0000002540)=""/4096, 0x1000}, {&(0x7f0000003540)=""/117, 0x75}, {&(0x7f00000035c0)=""/246, 0xf6}, {&(0x7f00000036c0)=""/240, 0xf0}], 0x7, &(0x7f0000003840)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x38}}, {{0x0, 0x0, &(0x7f0000003900)=[{&(0x7f0000003880)=""/75, 0x4b}], 0x1, &(0x7f0000003940)=ANY=[@ANYBLOB="140000000000c8cf0100000001000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x18}}, {{0x0, 0x0, &(0x7f0000004ac0)=[{&(0x7f0000003980)=""/108, 0x6c}, {&(0x7f0000003a00)=""/9, 0x9}, {&(0x7f0000003a40)=""/4096, 0x1000}, {&(0x7f0000004a40)=""/85, 0x55}], 0x4, &(0x7f0000004b00)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000004b80)=@abs, 0x6e, &(0x7f0000005300)=[{&(0x7f0000004c00)=""/232, 0xe8}, {&(0x7f0000004d00)=""/173, 0xad}, {&(0x7f0000004dc0)=""/188, 0xbc}, {&(0x7f0000004e80)=""/60, 0x3c}, {&(0x7f0000004ec0)=""/206, 0xce}, {&(0x7f0000004fc0)=""/88, 0x58}, {&(0x7f0000005040)=""/124, 0x7c}, {&(0x7f00000050c0)=""/91, 0x5b}, {&(0x7f0000005140)=""/220, 0xdc}, {&(0x7f0000005240)=""/154, 0x9a}], 0xa, &(0x7f00000053c0)=[@cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xb8}}], 0x7, 0x2, &(0x7f0000005680)={r6, r7+60000000})
lstat(&(0x7f00000056c0)='./file2\x00', &(0x7f0000005700)={0x0, 0x0, 0x0, 0x0, <r9=>0x0})
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r10=>0x0})
setresuid(0x0, r10, 0x0)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000240), 0x20000, &(0x7f0000005780)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {}, 0x2c, {[{@aname={'aname', 0x3d, ':'}}, {@cache_loose}], [{@euid_lt={'euid<', 0xee01}}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@subj_user={'subj_user', 0x3d, '[/\\\xaf[@%'}}, {@fowner_lt={'fowner<', r8}}, {@uid_gt={'uid>', r9}}, {@euid_gt={'euid>', r10}}]}})
sendfile(r2, r1, 0x0, 0xfffffdef)

[ 2447.018736] loop7: detected capacity change from 0 to 40
[ 2447.049162] loop2: detected capacity change from 0 to 40
[ 2447.051877] loop3: detected capacity change from 0 to 40
[ 2447.054016] loop6: detected capacity change from 0 to 40
[ 2447.055515] loop1: detected capacity change from 0 to 40
[ 2447.077011] loop0: detected capacity change from 0 to 40
[ 2447.082777] loop4: detected capacity change from 0 to 40
[ 2447.093749] bio_check_eod: 5 callbacks suppressed
[ 2447.093779] syz-executor.3: attempt to access beyond end of device
[ 2447.093779] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2447.095004] buffer_io_error: 5 callbacks suppressed
[ 2447.095012] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2447.096111] syz-executor.6: attempt to access beyond end of device
[ 2447.096111] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2447.097018] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2447.097166] loop5: detected capacity change from 0 to 40
[ 2447.103311] syz-executor.2: attempt to access beyond end of device
[ 2447.103311] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2447.104136] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2447.121997] syz-executor.1: attempt to access beyond end of device
[ 2447.121997] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2447.122833] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2447.131621] syz-executor.7: attempt to access beyond end of device
[ 2447.131621] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2447.133298] Buffer I/O error on dev loop7, logical block 10, lost async page write
15:42:51 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 12)

15:42:51 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 34)

15:42:51 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 30)

15:42:51 executing program 1:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000002ac0)=[{{&(0x7f0000000180), 0x6e, &(0x7f00000006c0)=[{&(0x7f0000000240)=""/83, 0x53}, {&(0x7f00000002c0)=""/211, 0xd3}, {0x0}, {&(0x7f00000003c0)=""/181, 0xb5}, {&(0x7f0000000480)=""/58, 0x3a}, {&(0x7f00000004c0)=""/168, 0xa8}, {&(0x7f0000000580)=""/32, 0x20}, {&(0x7f00000005c0)=""/226, 0xe2}], 0x8, &(0x7f0000000740)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, <r1=>0x0}}}], 0xa8}}, {{&(0x7f0000000800)=@abs, 0x6e, &(0x7f0000000a80)=[{&(0x7f0000000880)=""/168, 0xa8}, {&(0x7f0000000940)=""/51, 0x33}, {&(0x7f0000000980)=""/129, 0x81}, {&(0x7f0000000a40)=""/58, 0x3a}], 0x4, &(0x7f0000000ac0)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0xd0}}, {{&(0x7f0000000bc0)=@abs, 0x6e, &(0x7f0000000f40)=[{&(0x7f0000000c40)=""/213, 0xd5}, {&(0x7f0000000d40)=""/247, 0xf7}, {&(0x7f0000000e40)=""/254, 0xfe}], 0x3, &(0x7f0000000f80)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x10}}], 0x140}}, {{&(0x7f00000010c0), 0x6e, &(0x7f00000013c0)=[{&(0x7f0000001140)=""/155, 0x9b}, {&(0x7f0000001200)=""/254, 0xfe}, {&(0x7f0000001300)=""/171, 0xab}], 0x3, &(0x7f0000001400)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x88}}, {{&(0x7f00000014c0)=@abs, 0x6e, &(0x7f0000002940)=[{&(0x7f0000001540)=""/165, 0xa5}, {&(0x7f0000001600)=""/230, 0xe6}, {&(0x7f0000001700)=""/26, 0x1a}, {&(0x7f0000001740)=""/69, 0x45}, {&(0x7f00000017c0)=""/8, 0x8}, {&(0x7f0000001800)=""/4096, 0x1000}, {&(0x7f0000002800)=""/205, 0xcd}, {&(0x7f0000002900)}], 0x8, &(0x7f00000029c0)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xd0}}], 0x5, 0x40010001, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000002d40)=@IORING_OP_STATX={0x15, 0x1, 0x0, r0, &(0x7f0000002c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0}, &(0x7f0000002d00)='./file0\x00', 0x7ff, 0x400, 0x1}, 0x2)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x10020, &(0x7f0000002d80)={'trans=virtio,', {[{@msize={'msize', 0x3d, 0x6}}, {@cachetag}, {@dfltuid={'dfltuid', 0x3d, r1}}, {@uname={'uname', 0x3d, 'vfat\x00'}}], [{@uid_eq}, {@pcr={'pcr', 0x3d, 0x1}}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, 'vfat\x00'}}, {@smackfsdef={'smackfsdef', 0x3d, 'vfat\x00'}}, {@fowner_eq={'fowner', 0x3d, r2}}]}})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r4, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r4, r3, 0x0, 0xfffffdef)

[ 2447.196811] syz-executor.0: attempt to access beyond end of device
[ 2447.196811] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2447.198459] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2447.208060] syz-executor.5: attempt to access beyond end of device
[ 2447.208060] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2447.209768] Buffer I/O error on dev loop5, logical block 10, lost async page write
[ 2447.227915] loop2: detected capacity change from 0 to 40
[ 2447.232497] loop3: detected capacity change from 0 to 40
[ 2447.234880] loop6: detected capacity change from 0 to 40
[ 2447.237139] loop1: detected capacity change from 0 to 40
15:42:51 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 12)

[ 2447.271891] syz-executor.2: attempt to access beyond end of device
[ 2447.271891] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2447.272914] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2447.276187] syz-executor.3: attempt to access beyond end of device
[ 2447.276187] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2447.277065] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2447.288223] syz-executor.6: attempt to access beyond end of device
[ 2447.288223] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2447.289086] Buffer I/O error on dev loop6, logical block 10, lost async page write
15:42:51 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 28)

15:42:51 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 13)

15:42:51 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 31)

15:42:51 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 11)

[ 2447.375547] loop3: detected capacity change from 0 to 40
[ 2447.380318] loop7: detected capacity change from 0 to 40
[ 2447.390182] loop2: detected capacity change from 0 to 40
[ 2447.410245] FAULT_INJECTION: forcing a failure.
[ 2447.410245] name failslab, interval 1, probability 0, space 0, times 0
[ 2447.411098] CPU: 1 PID: 10631 Comm: syz-executor.2 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2447.411677] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2447.412223] Call Trace:
[ 2447.412408]  <TASK>
[ 2447.412579]  dump_stack_lvl+0xc1/0xf0
[ 2447.412873]  should_fail_ex+0x4b4/0x5b0
[ 2447.413178]  should_failslab+0x9/0x20
[ 2447.413466]  __kmem_cache_alloc_node+0x5b/0x310
[ 2447.413828]  ? iter_file_splice_write+0x169/0xcb0
[ 2447.414196]  ? iter_file_splice_write+0x169/0xcb0
[ 2447.414551]  __kmalloc+0x4a/0x160
[ 2447.414819]  iter_file_splice_write+0x169/0xcb0
[ 2447.415154]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2447.415521]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2447.415895]  ? inode_security+0x105/0x140
[ 2447.416200]  ? security_file_permission+0xb5/0xe0
[ 2447.416539]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2447.416903]  direct_splice_actor+0x113/0x180
[ 2447.417232]  splice_direct_to_actor+0x33a/0x8c0
[ 2447.417568]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2447.417908]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2447.418267]  ? security_file_permission+0xb5/0xe0
[ 2447.418608]  do_splice_direct+0x1bc/0x290
[ 2447.418912]  ? __pfx_do_splice_direct+0x10/0x10
[ 2447.419266]  ? lock_is_held_type+0x9f/0x120
[ 2447.419598]  do_sendfile+0xb1d/0x12b0
[ 2447.419886]  ? __pfx_do_sendfile+0x10/0x10
[ 2447.420212]  __x64_sys_sendfile64+0x1d5/0x210
[ 2447.420552]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2447.420857] loop0: detected capacity change from 0 to 40
[ 2447.420921]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2447.422027]  do_syscall_64+0x3f/0x90
[ 2447.422306]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2447.422676] RIP: 0033:0x7fe077f6cb19
[ 2447.422941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2447.424187] RSP: 002b:00007fe0754e2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2447.424729] RAX: ffffffffffffffda RBX: 00007fe07807ff60 RCX: 00007fe077f6cb19
[ 2447.425227] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2447.425719] RBP: 00007fe0754e21d0 R08: 0000000000000000 R09: 0000000000000000
[ 2447.426213] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2447.426714] R13: 00007ffda5f9e29f R14: 00007fe0754e2300 R15: 0000000000022000
[ 2447.427237]  </TASK>
[ 2447.439880] loop5: detected capacity change from 0 to 40
15:43:06 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 12)

15:43:06 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 35)

15:43:06 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 29)

15:43:06 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 32)

15:43:06 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000640)={{{@in6=@private0, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@private1}, 0x0, @in6=@dev}}, &(0x7f0000000240)=0xe8)
statx(r1, &(0x7f0000000740)='./file1\x00', 0x0, 0x2, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x7fffffff, 0x4, &(0x7f0000000180)=[{&(0x7f0000000300)="b713f2b53186ef648061f701f00a66a89314a30f88543eb7ca0df630cfd04a8e0a47cf0f40824e4681192c95f96ab6fc7f581469084fe34e26e681c7a8c8e45a66d9a5c855734a6f1fcf9cbdbd9b48071285dbf621d723d8e15914e65e2ae0bfeadd75b45c6e4d08170d902c34dd9fa862aa6671e00e44184faa94ef42fc6c91b0fd3254395bb40a6127a1e2546f5387a03a126747b1245a579d1a13dc9257017017dd662992e0bd57352de5f3d4673f6a8c800cc283c4b1908c3a4819b59a5c", 0xc0, 0x7}, {&(0x7f00000003c0)="c456b493f7485cfa7823d1889f8d475c0600e05da3b07d5442a54444467caab5233d6ae5d96863029f0aa74d09c03eeef35de8723772e2f9e71a59e9e91137b47ff28473fa981c174b7b3166c91e18352cd140f8a232b555f5edf684645ded51b0214c4d86359322eed93ddc137e91b02bf60c96f7c6ae71e6c8828fd80041e92d0582688f1d43", 0x87, 0x4}, {&(0x7f0000000480)="e3d5c45180d39d9fda820ed71680a6a3be44cedba2bd8e6aa70d9aad61c43f096bce9fcf77ab7dee69554ac59ebbf12952ec1e78c34d846690f20af619fb288c04878349bf1e2d3320d9802b80b2f8bd57b1875733164ec758e0f3d8d98d5030e3cfec7d5e71e15fd689d48d4cb12fe06855f77e4e87ac720a33423aec9f8eaa9d1672b1cc083932731b907fe8d3eb2809dfa9e4556db8d23c5ad552855bdeb04ce5db59a729ea590d047ec38cbe1a53be", 0xb1, 0x88}, {&(0x7f0000000540)="3505cc4f80c14ee39ecec8788e0fc41bf02582cee599b55e13b55db2b2fe659591021f62880a7b8d7a310714a185db270e707790857e6c80e7f7c42a5f5b43d8809dfdc90978698aaacc1fe3da1a3304b5a440a3fbeba14756264981c3a7068216237a2609fae1760edcd2d38d5fb43618e17d7005c257b14fb9fc0da4e8a566d5a3da07c4410ca11205fa8bf64d4aeb59e49ce1519bd674a752e67cdbc87c28ec050676d3d0e02f93e16b1a7478a718cad14d8eeabf7dece6f90d8aa5beff7eeb7ff3bd923e2581a4a2123dcaa9de9be33f6d40d8e95fa7789952af5da885fbbbcb924f1a9c4d643747fe69494a", 0xee, 0x3}], 0x6, &(0x7f0000000880)={[{@utf8}], [{@euid_eq={'euid', 0x3d, r2}}, {@euid_gt={'euid>', r3}}, {@permit_directio}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@pcr={'pcr', 0x3d, 0x34}}, {@fsuuid={'fsuuid', 0x3d, {[0x33, 0x61, 0x64, 0x62, 0x65, 0x31, 0x35, 0x62], 0x2d, [0x64, 0x66, 0x61, 0x31], 0x2d, [0x37, 0x62, 0x39, 0x33], 0x2d, [0x35, 0x38, 0x61, 0x64], 0x2d, [0x31, 0x37, 0x32, 0x64, 0x65, 0x65, 0x61, 0x62]}}}]})
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:43:06 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 13)

[ 2462.054000] loop0: detected capacity change from 0 to 40
[ 2462.054879] loop5: detected capacity change from 0 to 40
[ 2462.065521] loop7: detected capacity change from 0 to 40
15:43:06 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
unlinkat(r2, &(0x7f0000000000)='./file1\x00', 0x0)

15:43:06 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 14)

[ 2462.094992] loop4: detected capacity change from 0 to 40
[ 2462.099771] bio_check_eod: 5 callbacks suppressed
[ 2462.099784] syz-executor.0: attempt to access beyond end of device
[ 2462.099784] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2462.101098] buffer_io_error: 5 callbacks suppressed
[ 2462.101108] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2462.102947] FAULT_INJECTION: forcing a failure.
[ 2462.102947] name failslab, interval 1, probability 0, space 0, times 0
[ 2462.103781] CPU: 0 PID: 10652 Comm: syz-executor.7 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2462.104341] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2462.104907] Call Trace:
[ 2462.105096]  <TASK>
[ 2462.105257]  dump_stack_lvl+0xc1/0xf0
[ 2462.105542]  should_fail_ex+0x4b4/0x5b0
[ 2462.105856]  should_failslab+0x9/0x20
[ 2462.106131]  __kmem_cache_alloc_node+0x5b/0x310
[ 2462.106460]  ? iter_file_splice_write+0x169/0xcb0
[ 2462.106823]  ? iter_file_splice_write+0x169/0xcb0
[ 2462.107169]  __kmalloc+0x4a/0x160
[ 2462.107422]  iter_file_splice_write+0x169/0xcb0
[ 2462.107779]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2462.108156]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2462.108538]  ? inode_security+0x105/0x140
[ 2462.108856]  ? security_file_permission+0xb5/0xe0
[ 2462.109202]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2462.109575]  direct_splice_actor+0x113/0x180
[ 2462.109898]  splice_direct_to_actor+0x33a/0x8c0
[ 2462.110237]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2462.110600]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2462.110978]  ? security_file_permission+0xb5/0xe0
[ 2462.111337]  do_splice_direct+0x1bc/0x290
[ 2462.111640]  ? __pfx_do_splice_direct+0x10/0x10
[ 2462.112001]  ? lock_is_held_type+0x9f/0x120
[ 2462.112323]  do_sendfile+0xb1d/0x12b0
[ 2462.112644]  ? __pfx_do_sendfile+0x10/0x10
[ 2462.112960]  __x64_sys_sendfile64+0x1d5/0x210
[ 2462.113291]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2462.113670]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2462.114061]  do_syscall_64+0x3f/0x90
[ 2462.114319]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2462.114700] RIP: 0033:0x7f7050f93b19
[ 2462.114953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2462.115333] loop6: detected capacity change from 0 to 40
[ 2462.116163] RSP: 002b:00007f704e509188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2462.116183] RAX: ffffffffffffffda RBX: 00007f70510a6f60 RCX: 00007f7050f93b19
[ 2462.117769] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2462.118263] RBP: 00007f704e5091d0 R08: 0000000000000000 R09: 0000000000000000
[ 2462.118764] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2462.119268] R13: 00007ffeb40769df R14: 00007f704e509300 R15: 0000000000022000
[ 2462.119786]  </TASK>
[ 2462.121057] loop3: detected capacity change from 0 to 40
[ 2462.124006] syz-executor.5: attempt to access beyond end of device
[ 2462.124006] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2462.124916] Buffer I/O error on dev loop5, logical block 10, lost async page write
[ 2462.126110] loop2: detected capacity change from 0 to 40
[ 2462.129127] loop1: detected capacity change from 0 to 40
15:43:06 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 13)

15:43:06 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 30)

[ 2462.176617] syz-executor.4: attempt to access beyond end of device
[ 2462.176617] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2462.177528] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2462.179896] syz-executor.1: attempt to access beyond end of device
[ 2462.179896] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2462.180750] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2462.181850] syz-executor.2: attempt to access beyond end of device
[ 2462.181850] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2462.182702] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2462.185986] syz-executor.3: attempt to access beyond end of device
[ 2462.185986] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2462.186854] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2462.188294] syz-executor.6: attempt to access beyond end of device
[ 2462.188294] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2462.189283] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2462.201308] syz-executor.1: attempt to access beyond end of device
[ 2462.201308] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2462.202192] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2462.206177] loop0: detected capacity change from 0 to 40
[ 2462.207380] syz-executor.4: attempt to access beyond end of device
[ 2462.207380] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2462.207509] loop5: detected capacity change from 0 to 40
[ 2462.208243] Buffer I/O error on dev loop4, logical block 10, lost async page write
15:43:06 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 14)

15:43:06 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 33)

15:43:06 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 15)

[ 2462.253613] FAULT_INJECTION: forcing a failure.
[ 2462.253613] name failslab, interval 1, probability 0, space 0, times 0
[ 2462.254432] CPU: 0 PID: 10667 Comm: syz-executor.5 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2462.254991] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2462.255545] Call Trace:
[ 2462.255737]  <TASK>
[ 2462.255909]  dump_stack_lvl+0xc1/0xf0
[ 2462.256206]  should_fail_ex+0x4b4/0x5b0
[ 2462.256497]  should_failslab+0x9/0x20
[ 2462.256788]  __kmem_cache_alloc_node+0x5b/0x310
[ 2462.257124]  ? iter_file_splice_write+0x169/0xcb0
[ 2462.257472]  ? iter_file_splice_write+0x169/0xcb0
[ 2462.257819]  __kmalloc+0x4a/0x160
[ 2462.258078]  iter_file_splice_write+0x169/0xcb0
[ 2462.258422]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2462.258794]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2462.259167]  ? inode_security+0x105/0x140
[ 2462.259482]  ? security_file_permission+0xb5/0xe0
[ 2462.259830]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2462.260199]  direct_splice_actor+0x113/0x180
[ 2462.260518]  splice_direct_to_actor+0x33a/0x8c0
[ 2462.260877]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2462.261232]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2462.261593]  ? security_file_permission+0xb5/0xe0
[ 2462.261949]  do_splice_direct+0x1bc/0x290
[ 2462.262247]  ? __pfx_do_splice_direct+0x10/0x10
[ 2462.262578]  ? lock_is_held_type+0x9f/0x120
[ 2462.262910]  do_sendfile+0xb1d/0x12b0
[ 2462.263191]  ? __pfx_do_sendfile+0x10/0x10
[ 2462.263502]  __x64_sys_sendfile64+0x1d5/0x210
[ 2462.263832]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2462.264184]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2462.264556]  do_syscall_64+0x3f/0x90
[ 2462.264828]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2462.265191] RIP: 0033:0x7f6e1785cb19
[ 2462.265450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2462.266666] RSP: 002b:00007f6e14dd2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2462.267171] RAX: ffffffffffffffda RBX: 00007f6e1796ff60 RCX: 00007f6e1785cb19
[ 2462.267661] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2462.268149] RBP: 00007f6e14dd21d0 R08: 0000000000000000 R09: 0000000000000000
[ 2462.268637] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2462.269113] R13: 00007ffe2a2236ff R14: 00007f6e14dd2300 R15: 0000000000022000
[ 2462.269603]  </TASK>
[ 2462.286876] syz-executor.0: attempt to access beyond end of device
[ 2462.286876] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2462.287780] Buffer I/O error on dev loop0, logical block 10, lost async page write
15:43:06 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 36)

15:43:06 executing program 4:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x82)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>r1}, './file0\x00'})
openat(r3, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000040)='./file1\x00', 0xc380, 0x9)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1ef0, 0x6}, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:43:06 executing program 1:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
openat(r0, &(0x7f0000000000)='./file0\x00', 0x10040, 0x4)

[ 2462.303850] loop7: detected capacity change from 0 to 40
[ 2462.305708] loop1: detected capacity change from 0 to 40
[ 2462.313558] loop4: detected capacity change from 0 to 40
15:43:06 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 31)

[ 2462.351342] loop2: detected capacity change from 0 to 40
[ 2462.353298] loop3: detected capacity change from 0 to 40
15:43:06 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 15)

15:43:06 executing program 4:
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000000))
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:43:06 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000340)="04000000646f7366d8a02b0093adb0935170117e00f80153994b07ca6b2cfb080c02a3b6a8855ee7fbf832dcb8fa1dd2860ee687a6777c54183b560d21a0a2d7df94875b9bcd85741e3edca358fa0a32bb2d4e2e8afeb57e9ab61adfe304ade3b31fce0f85bdc112faf0af6d9ac3ea77d66966ed7fa3a944bd5c0ee5c9a8c4242575273f92df43bd2b8126caaf730cca81e88e17b8d1297e1fdcb7e8dbbeb0a2e8c6bf46337295cb3560c762bba8d477d6c53de53debc465e20fd12a8c57999872ce07ecb7730495a24e2519cede14557cbd00867ca8942085232e21ff8018b5391ab55e6730887bb8eb2f78cec1f507289f13318c846378eef34187e97be1d5ad8069d58a06cb3f799627b141109efb6adfe356efb0432994fce8e85298a0b0", 0xde, 0x8}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
r2 = syz_mount_image$nfs4(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xfffffffffffff1fb, 0x2, &(0x7f0000000180)=[{&(0x7f0000000240)="e246ad2e79102b93e90617e4a7c52c4f1ac599eb07a7eadfd3c0c1ee0952b03763a82f979d8a4e781114c32471c168e834bba984b2526409763f2c4cc87f6a1af659dccfe212a01cfa1410d989935dd5ae7a9bd12495bcc05af2fdb9ad3ebbb5cfaa40dbd78403e923ddc17f0b5a6815af0fecdc4e34f8f355ca96a93080efd48971f6224eeca82e20b362452542f90ec307bcb20e5ef9f0de24a929929e32c5c4ed30959742f014f993adaf82a9a62a6bbf6c7cba6e07b6a7653c", 0xbb, 0x7}, {&(0x7f00000000c0)="8599", 0x2, 0x100}], 0x20004, &(0x7f0000000480)={[{}, {'!#*}'}], [{@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@fsmagic={'fsmagic', 0x3d, 0x7}}, {@subj_type={'subj_type', 0x3d, ')#'}}, {@dont_measure}]})
ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f00000001c0)={0x8, 0x1000, 0x3ff, 0x81, 0xfffff000})
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2462.424103] loop6: detected capacity change from 0 to 40
[ 2462.450342] loop7: detected capacity change from 0 to 40
[ 2462.462922] FAT-fs (loop1): bogus number of reserved sectors
[ 2462.463344] FAT-fs (loop1): Can't find a valid FAT filesystem
[ 2462.472092] loop4: detected capacity change from 0 to 40
[ 2462.482587] loop0: detected capacity change from 0 to 40
[ 2462.489161] loop1: detected capacity change from 0 to 264192
[ 2463.297619] FAT-fs (loop1): Unrecognized mount option "./file0" or missing value
[ 2463.315617] loop1: detected capacity change from 0 to 264192
15:43:23 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 14)

15:43:23 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 16)

15:43:23 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x4080, 0x80)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x41, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_mount_image$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
clock_gettime(0x7, &(0x7f0000000040)={<r3=>0x0, <r4=>0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
sendfile(r5, r6, &(0x7f00000002c0)=0x8, 0x8)
utimensat(r1, &(0x7f0000000000)='./file1\x00', &(0x7f00000000c0)={{r3, r4/1000+10000}, {0x0, 0x2710}}, 0x100)
clock_gettime(0x1, &(0x7f00000001c0))
perf_event_open(&(0x7f0000000240)={0x5, 0x80, 0x4, 0x7f, 0x0, 0xff, 0x0, 0x3, 0x3, 0x4, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x6, 0x1, @perf_bp={&(0x7f0000000180)}, 0x10000, 0xc1, 0x101, 0x1, 0x81, 0xd4d, 0xdcc, 0x0, 0xfffeffff, 0x0, 0x7fff}, 0x0, 0x8, r0, 0x8)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

[ 2478.521378] loop6: detected capacity change from 0 to 40
15:43:23 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 32)

15:43:23 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 34)

15:43:23 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 37)

15:43:23 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x4, 0x54, &(0x7f0000000200), 0x200450, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000300))
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:43:23 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 16)

[ 2478.535052] FAT-fs (loop4): bogus number of reserved sectors
[ 2478.535492] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 2478.555274] bio_check_eod: 9 callbacks suppressed
[ 2478.555285] syz-executor.6: attempt to access beyond end of device
[ 2478.555285] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2478.556033] loop1: detected capacity change from 0 to 40
[ 2478.556520] buffer_io_error: 9 callbacks suppressed
[ 2478.556529] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2478.578540] loop3: detected capacity change from 0 to 40
[ 2478.589599] loop0: detected capacity change from 0 to 40
15:43:23 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 38)

[ 2478.597711] loop7: detected capacity change from 0 to 40
[ 2478.633299] syz-executor.3: attempt to access beyond end of device
[ 2478.633299] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2478.634290] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2478.641033] loop2: detected capacity change from 0 to 40
[ 2478.644471] syz-executor.7: attempt to access beyond end of device
[ 2478.644471] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2478.645357] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2478.652236] loop5: detected capacity change from 0 to 40
[ 2478.654875] syz-executor.0: attempt to access beyond end of device
[ 2478.654875] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2478.655771] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2478.720470] loop6: detected capacity change from 0 to 40
[ 2478.729710] syz-executor.2: attempt to access beyond end of device
[ 2478.729710] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2478.730857] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2478.733775] syz-executor.1: attempt to access beyond end of device
[ 2478.733775] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2478.734505] syz-executor.5: attempt to access beyond end of device
[ 2478.734505] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2478.734585] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2478.737370] Buffer I/O error on dev loop5, logical block 10, lost async page write
[ 2478.768071] syz-executor.1: attempt to access beyond end of device
[ 2478.768071] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2478.769142] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2478.811731] syz-executor.6: attempt to access beyond end of device
[ 2478.811731] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2478.812600] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2479.386529] FAT-fs (loop4): Unrecognized mount option "./file0" or missing value
15:43:37 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 35)

15:43:37 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 33)

15:43:37 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
statfs(&(0x7f0000000180)='./file0\x00', &(0x7f00000003c0)=""/4096)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
mount$9p_unix(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x820000, &(0x7f0000000300)={'trans=unix,', {[{@cachetag={'cachetag', 0x3d, ':^'}}, {@debug={'debug', 0x3d, 0x1}}, {@version_L}, {@fscache}, {@access_user}, {@nodevmap}], [{@mask={'mask', 0x3d, '^MAY_WRITE'}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'vfat\x00'}}, {@permit_directio}, {@subj_type={'subj_type', 0x3d, '\\:^'}}]}})
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:43:37 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 39)

[ 2493.227602] loop6: detected capacity change from 0 to 40
15:43:37 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 15)

15:43:37 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 17)

15:43:37 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000001700)=[{{&(0x7f0000000000)=@nfc_llcp={0x27, 0x0, 0x1, 0x4, 0x80, 0x1, "0d92fbbe5d101fc1e7335f2c1c1e744aa8bf2d77941a886364f71932a9a51e0774d8ee795de1b06e40664d8f4c6e020587ef3663750394794dd3e7a6fadf4e", 0xc}, 0x80, &(0x7f00000003c0)=[{&(0x7f00000000c0)="d7341f3789d0bab2e0b197e4c3932338d003d584ddf403920233c9a31846a134d3489ae6c46d1b", 0x27}, {&(0x7f0000000180)="000058d8dabc01373dcb84e1c4259103a4822d536a863b80034635b5aa8561535474804f346f10a343702c23d933df8a520b102ffe83e97f5f6a4fea26f0e268415b6886002ff4187225dd62b602711fe97841b245ed5d8239e17f5a625280285f50d1ce1558192d104e7382c7cdff", 0x6f}, {&(0x7f0000000240)="39599e928ce5cb5ac5f96d1d0b3226bf3a601cba942d2aee9091af012b404c95fef5fb5be6186fe774fcaf888ac4057bed15d16ba55fc44662ecaddc6aef7a8bc83f86f14319a21eef9e932550ea93dcc94e9534270f0983f5e9986480cd9a7ae4071a9a71c516c9369ea9de12ec8fd2694f63fb863f94bff35190e0105669", 0x7f}, {&(0x7f00000002c0)="3612320ae748859256d4ba83cc21e710a99e0672594447287672fdc153c38bb7432e9219999102d977f46ff4617c4f753a14404f564ccc3af1fd57bf791ce9e3100dce42d977eedf6661ce99447dcbf569eeddfebc2185f9e6d605ba52d82697a65cb41bef8500fc864c5f4bced15c104eabb83dde224aa102cb472eaf81931c0bfa896ef84638ec45dda6155eec1df93c193185d830f49ed4230d6888bfc237859841b8fda5254aa7b76b278da5decd019489e3a65df076b7ffe5da7520cb7ef75c3b14286ba2ee155cd98b31010628d4a52a7bc1bd80436474377083125c92a16983f0e9c182d62935efd49d44344083e77763a7235b325c06ee32", 0xfc}], 0x4, &(0x7f0000000400)=[@mark={{0x14}}, @timestamping={{0x14, 0x1, 0x25, 0x3}}, @mark={{0x14, 0x1, 0x24, 0x401}}], 0x48}}, {{&(0x7f0000000480)=@l2tp6={0xa, 0x0, 0x4, @local, 0x800, 0x3}, 0x80, &(0x7f0000001640)=[{&(0x7f0000000500)="3d0ee197742e4de30dfdaa4b378aa79c11496086df1c86edd1afeea43daf0d1be111a3c7b66bf2716995983d5cc36d293d3678e4818fa078e64605baaab10153a893f1e77466c421184f03cdfb25c696892cbc8414d8f426641e9ca330d0c78c1c9dcddf256a12202567f8216f1b1c7c259891f0271a1a8fb68c4fc3f145c3667ab0b3dedb08db4c19d6559fce5824ba5e16c2c425b853c83828442b46efe0d6108a4b629ced69bb1458690a6a5aa5ba608af6d687b6ed6070a65e30be72784c3596aedf7a5231d755753c699b39309c6900e74a1c200bbae7cbf4ad9c8cd63422dfde41ec2a2cfc32157524820d597072f95b7002f9b4995c9e4847bb5b1d68c705168c6ecacce10db9100b1fa8b20dce0324aacd12d82cf6fa8c7cb586eda22351de1f7930ad66fd2818ca0939e61f4eecf8eb4c49c2c72bed61ba246c6d0b30af8fbc2ca9051275a799c94662f42fe6c12c83e94dddb9910cb1801c705fdbd6d98208504ecaf27e2398b88c13e1d45a5e7744cd04d173efbfab76ec64850a5a2455b3752101f19471de27e988ec1f1a95a039ded78f28ac64a427fcdea6cf739bf5e50ec7bb1e1066d8c6be63fadb607f83929b883346612ab755286397beebe66326ca268b116ed82f1ef3f5f8108dee945404c4f9e9437c03e248693bc4254ca7453b92d70ba0c24014781a843370370849e3da3f88d5bd46762aaae2ff9beebb18f0465e28d1cd225ba34efc86ecb7efd70e44f401d1e15654405f2c9a8532aa4806ff6fdf1a28a903817e036dbb1ddc1b9d9af9d26196e2e69d8968c5d89fff530cc156767c96df6e42590c6318392870f0a936f18806e23b61b9c0323ec759a1b23630ebb63b58e80ac30d7125375f6125d63c9ca16dc7d568992fc3e6fd262eb0c0763b0887fc0839598ec240d209d6421599e7379a2c89d9eadc94b30c7c14a0a3f9a777af31a04cc37530fc2f1f09be03ee1f3cac09089785ef16782e5ea8fdada958ad5a4b277145e0bc567dd68a41e5b5429dbd9b2164b65c72c041cc6f5ce01112bf991cd13a6c2399dbe811cdfd8e5a1033e4ed870359f195bdbc9aa4364d9654e03fc8b0d0d065438a91c442cfdda6cecf2ffde0ce1b9b311c9a976a2a401c49770e4bf28e71fc969b6c7cc76811ba57ab0fd6459058b2254c9a5fc846c9962be8d6bb65f4f7f9dbbe330f014dc05ab214c5dd9bc95fc1d3692ec5963abd8b44aa981202e413c68e35637126b48a6226e643b80d6ff86630c30356d992d23d3ac5ba37d10e4eb97dafdee973777287a1286a412175a765bf72d08f358047280e8fd16472ebce1ac256df8f65627d5c8ab428304e10ab9f4c097e38705889f66c43d465961b795a4975f0722cacce21981859d1378cf64f3be0ab304bab43d64ab37ce585a950d57707617aab47eb08bd7764c018b0e13c9735d0cd2094b8ad6b770babaceafe355114404e352d6994f87e9894f114688e5129edb78f695aef14a7fe4ef0d6c62b281fb1ee9c2f232960c67af1935bc93621e342b1b859401c5a19ec234f60158b235c54e343a385526be92e4de510d6f794c9794c0047abe92b7f362081e9c5e5ae8b5806d3db2ebe5d2501ed526110ae4cc1e0ab7826246a7d4f8f473a8b7265224e9f1ff4738ba59fd0a7a0d55a7714921dae32f534cee8043807d8847a820a7df99b4080dfb639b115720cc62bab01598aaf81419c926913c60c113a121e1dc48369df5d46942598d90ba9cd304a3c40479c1e23ec22092a2015620a911ab9900ee9817261442a0de5e005bf7085e5888384761a4e4092806da8040cdb261238c755da8c2482d8e91781134331d915ae7f73e84ce3d6c24253c9bf0636f424e5ceff78f9741f9c8dd2431fb2a63238ec6aec204b7d4036e9f9e24c2c007f63110af40faf47b451503f067327a852aa49dff6f81a903ada33aab2df1db5751981268ebc1bdeee7ab85b7d17ee9c84f7024823c33014f778366c71f37cc45ea649b83da71489e07b168c25d4d8923e98b1bcad6865be09b78d768c0d94cd5452d2c52db080b68e81fdc916a2a1e33c5574acbe317b3d6afae34a2774f0d9f23a37bcfcd635ccfeb94f567e1a8032784fe1c7da42723084ceea5211dcb81ceac8eb1f300f969574c432946236d8b2f6da2c609d1f02ba8a53badf4953f18d8b483c6813ead898abcb47a99df615b87a721cb6ffc532151aef1bbe7c172ebc8c228b9ef29f951a056edb9b24014bfd862f0590fe4b243c4b695009b7c8c9037caa404ee497673685fead4db9fafd0e3c1699e2d814a468f41fc85beab35e25dda3be892e2c2584253259cb3fa4f48544c6426fdd1d2676cd0321b7a96eedb5c8ad17b337bff2543d573eb05e044f46fa7f898b6af60054a63a9402b07435ed1e62f5059ff10beb1175a1bcc3721d6bc4e91b4c122df72c9fba0134e9978c67c8ebe1cdb2920caafcc820e5377ad601883efb176774fc59377b08de9db8a6f3989a9d81e7ceb6fdd5239f92f3e7372f307ce59a522643647e78fd396ce6b15abd74d3c7a11efeb8f33b682deb0f7e9d8fe4d2ebea55866a02be9154bad80833d53ff585965d0cc63bb3c926674a4779f9cd6927bc158cb8242f8ef0fe2f9366b6163eef1271ac6867594e300f77394fe8052ec5c4ffe5a8c9066c5651c5d6232174ddeebc64392740dd36496f2ee4373a8b2332727a10fb476786238b46dae8aa299542e7d79245125ad564d75b1420eeb51703d3823c338a265121fd8a04cea90c897e9b1a3db5a5f7799b76d71d87976741ecfeba8146c54420539ce1289384460faa082e0be6a657157e4cd834115fca330490e2a60322323491d9b43e34a7d1f739bf7bfeddd54d082eb3754ae48c49564be94c8cc0b4629a2b9f87b48b810342124ad2dcd2e57b4113dc0ec9edb0312192f81c5b68b3d78590a1dce971d7c6a0cec21f2284245114106e3b0b8183b707cfc8088d90942505db0320673242e5ec9a3653ab017c56c3f026d6e18940e377db0e142c36bc213898830004c597246e41af9c98917310af0a4d677e51953d2bddb3ef7a53165c9bb3619eeb715ac62a16d10795166a2202aa24d6436118b0ba938d0b13deaf63638d2da05e91ca2f04fc9a3bb9c23238740a1bfa9941e442ee61933f8231d46e52644fd4fcfb2b55f07019233ea6781f1060f890676c5ac7b5edc82fa4d8e9c80fbeec398dfdbe767e6bc38237e45b61e3929628fa38b4315d622fc0d0a4176a4fb8a3e9636846814ff63cf5389e35561f5d9dbdf278759d4f543f42fe7b8ce6b02bab697592d891fed42405c65731d4bdbd0a78dd71b0d3de0842be7959002c30b2c8142fa31b2038ee9e7e0562b434b8f8c23a4f98ae277f3ec07ab7297a7a9030d6d7319efe14aa18fa0ccd2072254e24a8029d94a96a10589735079a4f05656ae3569b54908bc2c13ac0b5b507e08303fea917e43ec4ede72c5ebfb945f91201dab73cfa7856a0cd0539747a37fe93730467f04796f8f4c8fc80e482c89e8fc6d0f21ebab6c231abc6cc66c30f0bb8c193330c37874f8862ea291f850dff429ba6d3781196ef099dc45a74b732bf2de61a01597cb3d67a51ee00b6c20bac82e01d9bf6a4443eaff87c6d75769b9106c690c071facf886e4db0be3bfee256aabb3ec55077be844758824a28a5d3a165fc04e07ad45d0c968eb7cb09e98a6665967149ad8543a70c9d84419b4fa6095be42813f9bbed726c213b2b3ebac54e5f588076c6d19bf03ac9119c4c9da5bb8e6c3ea0c5e2cf1fa6a334557581f8f7b5f0019273755a4a39d278b9ba2bec6415d4a5efd71e0b975b8bc9c8514adb0cbb862466db59c92b5e243ad7603c0f09e938d8bb417dddef32aee23270319c70961773092c876c043aa4659412589378a9dc2d4e44b4f7e19fe59a40207d20abbf195f7ea566feb1665a6a7f3f8aa710a96771e93491c2508396a9d739231a964d5b87799224abb7d2148da7c3e8fa7fb79edbb6dddbe733a04237ff9f4ae4eef6559a8dbc9d50c0f88771ef65b41df3b7a24ba532aa3e74720f872623126de260513592de384bdb785a11eeaf644a6df9fcbe6b8261b7a00a3c5e54e5b3b9f6c2fece8b7c403d3c69a81773c97410e4acfd1573ef3c6eeb447a0b0f18d88455e739d5b3339e74cdf4caa8fbada755b5b5c069de04234838527c91f212bb581c16dde9d493f23f4386f909cf2a057e93057ec173fe8981496a1f9ef200dab69f39c0100a5a409188082dbbaf53e256eb953f19119dd6f27c5dd1d96c2e615df8e28c32c8a2d53fbaa2d9a550f5275da3afbdc37762e42bec9892b82a388583b912841eaee3ace8621d88d01e527121ae0952c277c1291c9f80ce9572298c868a458891f971939d18df660e9dc3ae559db08a89a7c443ecd823e3b1917473b35f8f5d75c4b7c8994712366afcde55d19bc87b538f0e910ec52d665ac7b0ba11cc4e1698b410c7a0669887a9d4cb8145c0bc52bf3f854cc8ab8a19665271accabba0eac266eaaec0b544c7c534b4ec7ae951ec1a508890ab0a5cab96b2e4380dbb4b2609166447cb55d6d7bd2d41b9c5b3013ff1e2908065ab65c125478af054deeb85f48845997abc127bbbeb90a596440c7861d6ec2a60372c3d8231304bda0cdc96d18d87f8202b4ed58a94981ac673cc877b0ae7ae6d9b456ca1f69ad033182ad3239ed12c0f8a10d3691966488f6df2ea40602bc19c1b11ffbb414fefe1b8c57d5ceffe2d2e5643e563a7cabd042f6672d7d5ad68743cfd7aa72f1be35a14b610082e0ec3f552328d62f01b1c845dc60147a95579181ddebb0ea31ff8eb1ef650f5e6b4b948e1dabb0d1eafab3ac96b29cd7590f7fa40a9d086481eb0703c1557df7bdcd60cc133fb09cc068f9f825deb8ff411282332c5cceee84622cedb3b877ef888d36b23646d9946162ea606b809928c781be8d591342ba3e0fbaf87b2cfcb6d23cdbdce537c35eebc9bd500db01f8e4c4b385be361e8ad4c314fb7d7ee12c947561f85402d53830d886008fcc4675d5b1d03073a7dfc79d50f037dd51b65c0ffd26f1f3954e3cccfc19643996ec462228537579a9afc569f31de7c82e03f59aa0bc49a448ccaf0e24a5da77f7df8ffac5f1a98b281d52910928b6e7bc993b79aaed221716a2ca9d56788609d279876b1239af8ee4ebb79b769ed696e1e5af2b563edb36a5aed9611441a7f571b9c7b60fd059c9b06f2d37aa35357f51fc233e082d0fdaa7b86e49f7734d20c69ffea4bec8ae2fa4e48d7e3fbaee2fdfd2af46bdab7035692fc8cc3d17bd97568e178c899799998abf34490128fbf41c50bea2531982815d3b08f62526bc6bd9710f50baec7947e8bacea69b875675eb9e68e3928569c986fb533fc03efe4c699831b424206b54ff98871c68e5414cb6d65cda1c7c25064a640c095615a4391c4298ec8f62d156b4ba96c6bd50f750be8b748cbba20f88f5659a550f8962f4418fdae1c500f475e1cbfde059feb2b70dc86c16f2e61cf861b2b2eaaccf9b836f38a3222817896884b898656e8a91b0dcf618599822c3bf614e041ee4050bc9812146dbecf259ec3661ef2950f6f96c72cda9c6e33e279cae1317f8f5af659cf228d2d1a67d6a0d544ee7892c51870431cfcd0c67b41be1bd07d5a89bc317b530277c05c0d6c84ef177d2e8c52936b4e74c74cb46d279735498dee3f43bf1671eeac54e994e592b51e38426a79563d1c2b8eceb27c6adac43f186d5353b09b3617a93790bb5b82f96", 0x1000}, {&(0x7f0000001500)="618f1939d4e890ba889044d0c198de9e4b0eebf9564963d5f50552b73b7607ed05059c5609e7b0bcba4d3025d2eaa952619251d252b7703940416146a780395e6a0a07e0d66d244f43bd54f64b19fbd6665a8e7ffd839d1de6235ac4d8295002dbe4acec39cb47a048190b1eb6c085957ed2c3289c231840ac0d9c6d6f27b8f83bccce39cc76bce7973696a1b9e66f13cf2b6df14c01c76fb7", 0x99}, {&(0x7f00000015c0)="ba00a52020ab9622352da27cbec99480af1fec3e01b35a5a7db93ae046164200cc74a34b47715af99bdf53d3439c0c6dfdcad8e72a6c1ea76eae02849c9f9b29e381cf881929ba43634128ce7ca928", 0x4f}], 0x3, &(0x7f0000001680)=[@timestamping={{0x14, 0x1, 0x25, 0x8a}}, @txtime={{0x18, 0x1, 0x3d, 0x8}}, @timestamping={{0x14, 0x1, 0x25, 0x7fff}}], 0x48}}], 0x2, 0x48840)
setxattr$incfs_id(&(0x7f0000001780)='./file0/file0\x00', &(0x7f00000017c0), &(0x7f0000001800)={'0000000000000000000000000000000', 0x32}, 0x20, 0x2)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x208181, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r2 = dup(r1)
clock_gettime(0x0, &(0x7f0000001880)={<r3=>0x0, <r4=>0x0})
futimesat(r2, &(0x7f0000001840)='./file0/file0\x00', &(0x7f00000018c0)={{r3, r4/1000+60000}, {0x0, 0xea60}})
sendfile(r1, r0, 0x0, 0xfffffdef)

15:43:37 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 17)

[ 2493.253321] loop4: detected capacity change from 0 to 40
[ 2493.259824] loop3: detected capacity change from 0 to 40
[ 2493.263480] loop5: detected capacity change from 0 to 40
[ 2493.279620] FAULT_INJECTION: forcing a failure.
[ 2493.279620] name failslab, interval 1, probability 0, space 0, times 0
[ 2493.281343] CPU: 0 PID: 10736 Comm: syz-executor.6 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2493.282202] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2493.283061] Call Trace:
[ 2493.283342]  <TASK>
[ 2493.283593]  dump_stack_lvl+0xc1/0xf0
[ 2493.284036]  should_fail_ex+0x4b4/0x5b0
[ 2493.284535]  ? fat_cache_add.part.0+0x5b4/0xb50
[ 2493.285191]  should_failslab+0x9/0x20
[ 2493.285731]  kmem_cache_alloc+0x5a/0x390
[ 2493.286297]  fat_cache_add.part.0+0x5b4/0xb50
[ 2493.286919]  fat_get_cluster+0x922/0xd40
[ 2493.287495]  ? __pfx_fat_get_cluster+0x10/0x10
[ 2493.288167]  fat_get_mapped_cluster+0x216/0x4a0
[ 2493.288832]  ? __pfx_fat_get_mapped_cluster+0x10/0x10
[ 2493.289569]  fat_bmap+0x1fc/0x460
[ 2493.290081]  fat_get_block+0x33e/0x9f0
[ 2493.290649]  ? __pfx_fat_get_block+0x10/0x10
[ 2493.291289]  __block_write_begin_int+0x3f5/0x1530
[ 2493.291955]  ? __pfx_fat_get_block+0x10/0x10
[ 2493.292581]  ? folio_wait_stable+0x96/0xe0
[ 2493.293131]  ? __pfx___block_write_begin_int+0x10/0x10
[ 2493.293745]  ? __pfx_fat_get_block+0x10/0x10
[ 2493.294234]  block_write_begin+0xb9/0x450
[ 2493.294732]  cont_write_begin+0x4fe/0x700
[ 2493.295186]  ? wb_wakeup_delayed+0x66/0xf0
[ 2493.295679]  ? __pfx_fat_get_block+0x10/0x10
[ 2493.296166]  ? __pfx_cont_write_begin+0x10/0x10
[ 2493.296690]  ? lock_release+0x1e3/0x680
[ 2493.297151]  fat_write_begin+0x89/0x180
[ 2493.297602]  ? __pfx_fat_get_block+0x10/0x10
[ 2493.298103]  generic_perform_write+0x25a/0x580
[ 2493.298612]  ? __pfx_generic_perform_write+0x10/0x10
[ 2493.299162]  ? __pfx_fat_update_time+0x10/0x10
[ 2493.299676]  ? __pfx_file_update_time+0x10/0x10
[ 2493.300186]  ? generic_write_checks+0x2c0/0x400
[ 2493.300717]  __generic_file_write_iter+0x308/0x4b0
[ 2493.301265]  ? do_sendfile+0xb1d/0x12b0
[ 2493.301707]  ? __x64_sys_sendfile64+0x1d5/0x210
[ 2493.302214]  ? do_syscall_64+0x3f/0x90
[ 2493.302641]  generic_file_write_iter+0xe7/0x350
[ 2493.303162]  do_iter_readv_writev+0x211/0x3c0
[ 2493.303652]  ? __pfx_do_iter_readv_writev+0x10/0x10
[ 2493.304193]  ? avc_policy_seqno+0x9/0x20
[ 2493.304642]  ? security_file_permission+0xb5/0xe0
[ 2493.305188]  do_iter_write+0x189/0x7e0
[ 2493.305623]  ? __kmem_cache_alloc_node+0x1bc/0x310
[ 2493.306168]  ? kasan_set_track+0x25/0x30
[ 2493.306620]  vfs_iter_write+0x74/0xb0
[ 2493.307046]  iter_file_splice_write+0x73f/0xcb0
[ 2493.307577]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2493.308139]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2493.308731]  ? inode_security+0x105/0x140
[ 2493.309213]  ? security_file_permission+0xb5/0xe0
[ 2493.309732]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2493.310283]  direct_splice_actor+0x113/0x180
[ 2493.310776]  splice_direct_to_actor+0x33a/0x8c0
[ 2493.311292]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2493.311823]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2493.312374]  ? security_file_permission+0xb5/0xe0
[ 2493.312892]  do_splice_direct+0x1bc/0x290
[ 2493.313358]  ? __pfx_do_splice_direct+0x10/0x10
[ 2493.313877]  ? lock_is_held_type+0x9f/0x120
[ 2493.314357]  do_sendfile+0xb1d/0x12b0
[ 2493.314788]  ? __pfx_do_sendfile+0x10/0x10
[ 2493.315262]  __x64_sys_sendfile64+0x1d5/0x210
[ 2493.315750]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2493.316290]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2493.316843]  do_syscall_64+0x3f/0x90
[ 2493.317254]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2493.317795] RIP: 0033:0x7f746e5b1b19
[ 2493.318187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2493.320007] RSP: 002b:00007f746bb27188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2493.320783] RAX: ffffffffffffffda RBX: 00007f746e6c4f60 RCX: 00007f746e5b1b19
[ 2493.321516] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2493.322239] RBP: 00007f746bb271d0 R08: 0000000000000000 R09: 0000000000000000
[ 2493.322966] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2493.323698] R13: 00007ffcd6c9647f R14: 00007f746bb27300 R15: 0000000000022000
[ 2493.324453]  </TASK>
[ 2493.326394] loop0: detected capacity change from 0 to 40
[ 2493.329436] loop7: detected capacity change from 0 to 40
[ 2493.331006] loop1: detected capacity change from 0 to 40
[ 2493.331004] loop2: detected capacity change from 0 to 40
[ 2493.376511] syz-executor.3: attempt to access beyond end of device
[ 2493.376511] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2493.377894] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2493.383763] syz-executor.5: attempt to access beyond end of device
[ 2493.383763] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2493.385146] Buffer I/O error on dev loop5, logical block 10, lost async page write
[ 2493.399905] syz-executor.2: attempt to access beyond end of device
[ 2493.399905] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2493.401289] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2493.414950] syz-executor.0: attempt to access beyond end of device
[ 2493.414950] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2493.416079] syz-executor.7: attempt to access beyond end of device
[ 2493.416079] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2493.416315] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2493.417361] Buffer I/O error on dev loop7, logical block 10, lost async page write
15:43:37 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 36)

15:43:37 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 16)

15:43:37 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 18)

15:43:38 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x3000001, 0x2010, 0xffffffffffffffff, 0xd759a000)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:43:38 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 34)

15:43:38 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 18)

[ 2493.513321] loop3: detected capacity change from 0 to 40
[ 2493.522229] syz-executor.6: attempt to access beyond end of device
[ 2493.522229] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2493.523476] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2493.525029] loop5: detected capacity change from 0 to 40
[ 2493.584124] loop0: detected capacity change from 0 to 40
[ 2493.587408] loop2: detected capacity change from 0 to 40
[ 2493.593104] loop1: detected capacity change from 0 to 40
[ 2493.600255] syz-executor.3: attempt to access beyond end of device
[ 2493.600255] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2493.601477] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2493.602792] syz-executor.5: attempt to access beyond end of device
[ 2493.602792] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2493.603963] Buffer I/O error on dev loop5, logical block 10, lost async page write
15:43:38 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 40)

[ 2493.619888] loop7: detected capacity change from 0 to 40
15:43:38 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 37)

[ 2493.707767] syz-executor.2: attempt to access beyond end of device
[ 2493.707767] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2493.709104] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2493.710146] syz-executor.1: attempt to access beyond end of device
[ 2493.710146] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2493.711273] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2493.735608] loop6: detected capacity change from 0 to 40
15:43:38 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 17)

[ 2493.783405] loop5: detected capacity change from 0 to 40
15:43:38 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 19)

[ 2493.884881] loop3: detected capacity change from 0 to 40
[ 2493.910189] loop2: detected capacity change from 0 to 40
15:43:53 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 35)

15:43:53 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 18)

15:43:54 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2509.469996] loop5: detected capacity change from 0 to 40
[ 2509.478962] loop6: detected capacity change from 0 to 40
15:43:54 executing program 4:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000240)=<r1=>0x0)
r2 = dup(r0)
perf_event_open(&(0x7f0000000300)={0x3, 0x80, 0x5, 0x1f, 0x1, 0x8, 0x0, 0x80, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3, 0x3dd973f70b0c4217, @perf_bp={&(0x7f00000001c0), 0x6}, 0x0, 0x101, 0x0, 0x5, 0x1000, 0x5, 0x1000, 0x0, 0x3, 0x0, 0x10000}, r1, 0x7, r2, 0xb)
chdir(&(0x7f0000000140)='./file0\x00')
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r4, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
mount(&(0x7f0000000000)=@sr0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0)='ufs\x00', 0x2900000, &(0x7f0000000180)='&+\x00')
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r4, r3, 0x0, 0xfffffdef)

15:43:54 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 19)

15:43:54 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 41)

15:43:54 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 38)

15:43:54 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 20)

[ 2509.497449] loop1: detected capacity change from 0 to 40
[ 2509.503709] loop4: detected capacity change from 0 to 40
[ 2509.521532] loop2: detected capacity change from 0 to 40
[ 2509.524758] bio_check_eod: 6 callbacks suppressed
[ 2509.524792] syz-executor.5: attempt to access beyond end of device
[ 2509.524792] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2509.526036] buffer_io_error: 6 callbacks suppressed
[ 2509.526044] Buffer I/O error on dev loop5, logical block 10, lost async page write
[ 2509.533194] syz-executor.6: attempt to access beyond end of device
[ 2509.533194] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2509.534165] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2509.546398] loop0: detected capacity change from 0 to 40
[ 2509.549560] loop3: detected capacity change from 0 to 40
[ 2509.550604] loop7: detected capacity change from 0 to 40
[ 2509.562271] syz-executor.2: attempt to access beyond end of device
[ 2509.562271] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2509.563260] Buffer I/O error on dev loop2, logical block 10, lost async page write
15:43:54 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 19)

15:43:54 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 42)

15:43:54 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 21)

[ 2509.636845] syz-executor.0: attempt to access beyond end of device
[ 2509.636845] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2509.637755] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2509.654321] syz-executor.3: attempt to access beyond end of device
[ 2509.654321] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2509.656065] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2509.657174] loop6: detected capacity change from 0 to 40
[ 2509.657388] syz-executor.7: attempt to access beyond end of device
[ 2509.657388] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2509.659289] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2509.659969] loop2: detected capacity change from 0 to 40
[ 2509.661606] loop5: detected capacity change from 0 to 40
15:43:54 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 36)

15:43:54 executing program 1:
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, &(0x7f0000000240)={'ip6_vti0\x00', &(0x7f0000000180)={'syztnl2\x00', <r0=>0x0, 0x29, 0x3f, 0x9, 0x7fffffff, 0x64, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, @ipv4={'\x00', '\xff\xff', @local}, 0x7800, 0x0, 0x4, 0x300000}})
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, &(0x7f0000000300)={'ip6_vti0\x00', &(0x7f0000000280)={'syztnl0\x00', r0, 0x4, 0x1, 0x0, 0x0, 0x13, @empty, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8000, 0x8000, 0x0, 0x800}})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
sendmmsg$inet(r1, &(0x7f0000000680)=[{{&(0x7f0000000340)={0x2, 0x4e20, @local}, 0x10, &(0x7f0000000540)=[{&(0x7f0000000380)="4497f18c4740cf9d8e484442ed0788a2bc902ed46b4d9896b8c4a10344bdb5a6d0253090a515b1eb918f0842a8b624e6216161798fae4de220bdc044a949501eb4e9aadd55498076a7410e62ea097589529ea6c100d5d09a65ed8173812e17e0192a9275117d0c8fb1", 0x69}, {&(0x7f0000000400)="aca17f182b0a8cd7f57ece45b9e282e5388d1ad59613e4e8aca73ef070413376877e4b18db765f4673fa47c45c72990cd67107d9d1f5d0c6ccc93d775fbfdce5b73a888c4985cd1282be8da6c18ba4b03a3aacbfe8439cdae590bf988909ef0eb74626d24f4a5ee7ade846e5e2dbd4ba6990baf3bbf151b451d0bb4afc51d76d5f53bb1ef1d41ed3ce7f8b66ec1e5f1571ce7f5885efcf1e669cdf6cad6c9c4d0f9e2ac303908d347f5b261d3ac76853313bafcdfa83900ff2bd581d10f48cb2de8187b144695d4479d92c1c86dce59c28272eb8fe7b7f87ced104f3a842ae285d30ad98ba22420df588be43d3e17e8693af06090b3a05eb7687ea2126d47d", 0xff}, {&(0x7f0000000500)="1e8bcccf7ef3183345afa3ff3506f57a55499ab15f6f7a9bbff9e814", 0x1c}], 0x3, &(0x7f0000000580)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7d}}, @ip_ttl={{0x14, 0x0, 0x2, 0xffffff03}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x1}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xfffffff9}}, @ip_retopts={{0x28, 0x0, 0x7, {[@timestamp_addr={0x44, 0xc, 0xe4, 0x1, 0x5, [{@empty, 0x52}]}, @lsrr={0x83, 0xb, 0x70, [@broadcast, @dev={0xac, 0x14, 0x14, 0x22}]}]}}}, @ip_tos_u8={{0x11}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x7}}, @ip_ttl={{0x14, 0x0, 0x2, 0xadb1}}, @ip_retopts={{0x30, 0x0, 0x7, {[@rr={0x7, 0x1f, 0x63, [@multicast1, @multicast2, @multicast2, @loopback, @empty, @multicast2, @empty]}]}}}], 0x100}}], 0x1, 0x44000)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x160)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
write$binfmt_aout(r3, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r3, r2, 0x0, 0xfffffdef)
lsetxattr$security_evm(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f00000000c0)=@sha1={0x1, "8126eccadc993147064be8d30ebc3cb7baedcb95"}, 0x15, 0x2)

[ 2509.721346] syz-executor.5: attempt to access beyond end of device
[ 2509.721346] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2509.722276] Buffer I/O error on dev loop5, logical block 10, lost async page write
[ 2509.728386] syz-executor.2: attempt to access beyond end of device
[ 2509.728386] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2509.729282] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2509.731321] syz-executor.4: attempt to access beyond end of device
[ 2509.731321] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2509.731659] syz-executor.6: attempt to access beyond end of device
[ 2509.731659] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2509.732934] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2509.733707] Buffer I/O error on dev loop6, logical block 10, lost async page write
15:43:54 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 39)

[ 2509.765172] loop0: detected capacity change from 0 to 40
15:43:54 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 20)

15:43:54 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 20)

15:43:54 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 22)

[ 2509.802600] loop1: detected capacity change from 0 to 40
[ 2509.843876] loop2: detected capacity change from 0 to 40
[ 2509.868276] loop3: detected capacity change from 0 to 40
[ 2509.903931] loop7: detected capacity change from 0 to 40
[ 2509.911498] FAULT_INJECTION: forcing a failure.
[ 2509.911498] name failslab, interval 1, probability 0, space 0, times 0
[ 2509.912357] CPU: 1 PID: 10820 Comm: syz-executor.3 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2509.912891] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2509.913441] Call Trace:
[ 2509.913620]  <TASK>
[ 2509.913781]  dump_stack_lvl+0xc1/0xf0
[ 2509.914063]  should_fail_ex+0x4b4/0x5b0
[ 2509.914359]  ? fat_cache_add.part.0+0x5b4/0xb50
[ 2509.914681]  should_failslab+0x9/0x20
[ 2509.914950]  kmem_cache_alloc+0x5a/0x390
[ 2509.915241]  fat_cache_add.part.0+0x5b4/0xb50
[ 2509.915555]  fat_get_cluster+0x922/0xd40
[ 2509.915847]  ? __pfx_fat_get_cluster+0x10/0x10
[ 2509.916176]  fat_get_mapped_cluster+0x216/0x4a0
[ 2509.916506]  ? __pfx_fat_get_mapped_cluster+0x10/0x10
[ 2509.916871]  fat_bmap+0x1fc/0x460
[ 2509.917123]  fat_get_block+0x33e/0x9f0
[ 2509.917418]  ? __pfx_fat_get_block+0x10/0x10
[ 2509.917744]  __block_write_begin_int+0x3f5/0x1530
[ 2509.918088]  ? __pfx_fat_get_block+0x10/0x10
[ 2509.918404]  ? folio_wait_stable+0x96/0xe0
[ 2509.918709]  ? __pfx___block_write_begin_int+0x10/0x10
[ 2509.919088]  ? __pfx_fat_get_block+0x10/0x10
[ 2509.919401]  block_write_begin+0xb9/0x450
[ 2509.919696]  cont_write_begin+0x4fe/0x700
[ 2509.919979]  ? wb_wakeup_delayed+0x66/0xf0
[ 2509.920277]  ? __pfx_fat_get_block+0x10/0x10
[ 2509.920590]  ? __pfx_cont_write_begin+0x10/0x10
[ 2509.920900]  ? lock_release+0x1e3/0x680
[ 2509.921203]  fat_write_begin+0x89/0x180
[ 2509.921483]  ? __pfx_fat_get_block+0x10/0x10
[ 2509.921807]  generic_perform_write+0x25a/0x580
[ 2509.922136]  ? __pfx_generic_perform_write+0x10/0x10
[ 2509.922477]  ? __pfx_fat_update_time+0x10/0x10
[ 2509.922819]  ? __pfx_file_update_time+0x10/0x10
[ 2509.923140]  ? generic_write_checks+0x2c0/0x400
[ 2509.923492]  __generic_file_write_iter+0x308/0x4b0
[ 2509.923837]  ? do_sendfile+0xb1d/0x12b0
[ 2509.924115]  ? __x64_sys_sendfile64+0x1d5/0x210
[ 2509.924434]  ? do_syscall_64+0x3f/0x90
[ 2509.924707]  generic_file_write_iter+0xe7/0x350
[ 2509.925034]  do_iter_readv_writev+0x211/0x3c0
[ 2509.925363]  ? __pfx_do_iter_readv_writev+0x10/0x10
[ 2509.925703]  ? avc_policy_seqno+0x9/0x20
[ 2509.925988]  ? security_file_permission+0xb5/0xe0
[ 2509.926337]  do_iter_write+0x189/0x7e0
[ 2509.926604]  ? __kmem_cache_alloc_node+0x1bc/0x310
[ 2509.926963]  ? kasan_set_track+0x25/0x30
[ 2509.927253]  vfs_iter_write+0x74/0xb0
[ 2509.927528]  iter_file_splice_write+0x73f/0xcb0
[ 2509.927867]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2509.928242]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2509.928606]  ? inode_security+0x105/0x140
[ 2509.928924]  ? security_file_permission+0xb5/0xe0
[ 2509.929263]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2509.929645]  direct_splice_actor+0x113/0x180
[ 2509.929971]  splice_direct_to_actor+0x33a/0x8c0
[ 2509.930308]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2509.930674]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2509.931052]  ? security_file_permission+0xb5/0xe0
[ 2509.931397]  do_splice_direct+0x1bc/0x290
[ 2509.931703]  ? __pfx_do_splice_direct+0x10/0x10
[ 2509.932049]  ? lock_is_held_type+0x9f/0x120
[ 2509.932371]  do_sendfile+0xb1d/0x12b0
[ 2509.932656]  ? __pfx_do_sendfile+0x10/0x10
[ 2509.932972]  __x64_sys_sendfile64+0x1d5/0x210
[ 2509.933317]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2509.933680]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2509.934052]  do_syscall_64+0x3f/0x90
[ 2509.934320]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2509.934690] RIP: 0033:0x7fe051d4ab19
[ 2509.934956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2509.936188] RSP: 002b:00007fe04f2c0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2509.936710] RAX: ffffffffffffffda RBX: 00007fe051e5df60 RCX: 00007fe051d4ab19
[ 2509.937203] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2509.937703] RBP: 00007fe04f2c01d0 R08: 0000000000000000 R09: 0000000000000000
[ 2509.938189] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2509.938678] R13: 00007ffe399a466f R14: 00007fe04f2c0300 R15: 0000000000022000
[ 2509.939174]  </TASK>
15:44:09 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:44:09 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 23)

15:44:09 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 21)

15:44:09 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 37)

15:44:09 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 43)

15:44:09 executing program 4:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000000)={0x2, [0x0, 0x0]})

15:44:09 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 40)

[ 2524.740280] loop3: detected capacity change from 0 to 40
[ 2524.741768] loop1: detected capacity change from 0 to 40
15:44:09 executing program 1:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x450000, 0x171}, 0x18)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x100, 0x100)
syz_io_uring_complete(0x0)
r1 = openat(r0, &(0x7f00000000c0)='./file0\x00', 0x101002, 0x2ae)
syz_mount_image$tmpfs(&(0x7f00000001c0), &(0x7f0000000240)='./file1\x00', 0xa3d, 0x3, &(0x7f00000004c0)=[{&(0x7f0000000280)="68293ebcd3a064efa0861b1a758f4b6966190485fa050df30deb45788b310b28cc511b2f67dee9b64f8a60c35db8cf68f61f694d32c0c382f19db32d96d8155a19e1e2da064a9c82bde12de574e26014f56a55a73de94c452a48012e912c2e97737ab5425c7d08590f42d9fc34e6a5b325476b05ecd360f12a84f8c022ba262365d2b57f6cd89e81bd6dd761b8641e61f9db1cda595545f3a1280d9b647fea0e149659b53d031bda36ff8856c4cb41d93bdc5c9193ea2efab33504e9685963fd1264dc04bd79546cf6f21d664685bb43fe3dc4d73058ced407c7b28ea0c7940011a6ee6d992086f6847b6fa384b4", 0xee, 0x1f}, {&(0x7f0000000380)="1de8f0dc71dda9e7f9317cb41a9a5306ced5d74de5946a83fb8db3385fdf526543e2715dedf0fcabcc919da436af79aea6bb9f420674d1016c84aa41955071d7", 0x40, 0x5}, {&(0x7f00000003c0)="0b077f8466539edf3528fd48cbde297b5130e18f8eb0efac8c3cf0ef0fd84e0274bfafeaab68f93fa58339d218e93d692012534f26753a3dafbfeb53142bdf7e7dafaba4fbd3437ff4df3ebb3b65290f38b9f6a1ae3c185e074a2f46bc9c8706f135866669382c1cef7f0212601cb90765b1e6d66b25792db5193b590752759b0bec1c199a76f309952b25a152cc6849100c5561221ce91df4b54ed0ec3fb1c70011cc28901012e8f30a6b1b411052da5f1443aac566bca4d99266a8fa8a415eb99f2887880822811707a836993cecc616d6e7708f9cb802c6484c6845995ab22977e8b47c9399de478868473c7c8422f660598e453742abec280550", 0xfc, 0xff}], 0x3034000, &(0x7f0000000540)={[{@nr_inodes={'nr_inodes', 0x3d, [0x78, 0x37, 0x34, 0x39, 0x35, 0x35]}}, {@mode={'mode', 0x3d, 0x8c}}, {@huge_within_size}, {@mode={'mode', 0x3d, 0x9}}, {@uid={'uid', 0x3d, 0xee01}}, {@huge_advise}], [{@pcr={'pcr', 0x3d, 0x26}}, {@smackfshat={'smackfshat', 0x3d, 'vfat\x00'}}, {@fscontext={'fscontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '*'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '(@[{'}}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@hash}, {@uid_gt}]})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

[ 2524.760359] loop2: detected capacity change from 0 to 40
[ 2524.776165] loop0: detected capacity change from 0 to 40
[ 2524.783213] loop7: detected capacity change from 0 to 40
[ 2524.783924] bio_check_eod: 6 callbacks suppressed
[ 2524.783935] syz-executor.3: attempt to access beyond end of device
[ 2524.783935] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2524.783956] buffer_io_error: 6 callbacks suppressed
[ 2524.783963] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2524.791144] loop6: detected capacity change from 0 to 40
[ 2524.799659] loop5: detected capacity change from 0 to 40
[ 2524.808966] loop4: detected capacity change from 0 to 40
15:44:09 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
socketpair(0x2c, 0x4, 0x3fe, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
ioctl$AUTOFS_IOC_PROTOVER(r2, 0x80049363, &(0x7f0000000040))

[ 2524.830832] syz-executor.0: attempt to access beyond end of device
[ 2524.830832] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2524.831739] Buffer I/O error on dev loop0, logical block 10, lost async page write
15:44:09 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 41)

[ 2524.844749] syz-executor.6: attempt to access beyond end of device
[ 2524.844749] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2524.845595] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2524.857229] FAULT_INJECTION: forcing a failure.
[ 2524.857229] name failslab, interval 1, probability 0, space 0, times 0
[ 2524.858817] CPU: 1 PID: 10844 Comm: syz-executor.7 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2524.859860] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2524.860902] Call Trace:
[ 2524.861257]  <TASK>
[ 2524.861582]  dump_stack_lvl+0xc1/0xf0
[ 2524.862122]  should_fail_ex+0x4b4/0x5b0
[ 2524.862680]  should_failslab+0x9/0x20
[ 2524.863213]  __kmem_cache_alloc_node+0x5b/0x310
[ 2524.863851]  ? iter_file_splice_write+0x169/0xcb0
[ 2524.864525]  ? iter_file_splice_write+0x169/0xcb0
[ 2524.865181]  __kmalloc+0x4a/0x160
[ 2524.865692]  iter_file_splice_write+0x169/0xcb0
[ 2524.866375]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2524.867089]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2524.867826]  ? inode_security+0x105/0x140
[ 2524.868431]  ? security_file_permission+0xb5/0xe0
[ 2524.869096]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2524.869833]  direct_splice_actor+0x113/0x180
[ 2524.870458]  splice_direct_to_actor+0x33a/0x8c0
[ 2524.871117]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2524.871783]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2524.872504]  ? security_file_permission+0xb5/0xe0
[ 2524.873177]  do_splice_direct+0x1bc/0x290
[ 2524.873785]  ? __pfx_do_splice_direct+0x10/0x10
[ 2524.874453]  ? lock_is_held_type+0x9f/0x120
[ 2524.875067]  do_sendfile+0xb1d/0x12b0
[ 2524.875427] loop1: detected capacity change from 0 to 40
[ 2524.875605]  ? __pfx_do_sendfile+0x10/0x10
[ 2524.876567]  __x64_sys_sendfile64+0x1d5/0x210
[ 2524.877202]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2524.877904]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2524.878637]  do_syscall_64+0x3f/0x90
[ 2524.879151]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2524.879849] RIP: 0033:0x7f7050f93b19
[ 2524.880359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2524.882731] RSP: 002b:00007f704e509188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2524.883737] RAX: ffffffffffffffda RBX: 00007f70510a6f60 RCX: 00007f7050f93b19
[ 2524.884674] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2524.885626] RBP: 00007f704e5091d0 R08: 0000000000000000 R09: 0000000000000000
[ 2524.886571] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
15:44:09 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 38)

[ 2524.887508] R13: 00007ffeb40769df R14: 00007f704e509300 R15: 0000000000022000
[ 2524.888638]  </TASK>
[ 2524.888943] loop3: detected capacity change from 0 to 40
15:44:09 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 44)

[ 2524.919495] syz-executor.2: attempt to access beyond end of device
[ 2524.919495] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2524.920760] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2524.925040] syz-executor.5: attempt to access beyond end of device
[ 2524.925040] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2524.926370] Buffer I/O error on dev loop5, logical block 10, lost async page write
[ 2524.938458] syz-executor.4: attempt to access beyond end of device
[ 2524.938458] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2524.940007] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2524.941059] syz-executor.1: attempt to access beyond end of device
[ 2524.941059] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2524.941945] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2524.949606] syz-executor.3: attempt to access beyond end of device
[ 2524.949606] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2524.950519] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2524.966850] syz-executor.4: attempt to access beyond end of device
[ 2524.966850] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2524.967007] loop0: detected capacity change from 0 to 40
[ 2524.968226] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2524.974854] loop6: detected capacity change from 0 to 40
15:44:09 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 24)

15:44:09 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 42)

15:44:09 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 22)

15:44:09 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x41)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})

[ 2525.025585] syz-executor.6: attempt to access beyond end of device
[ 2525.025585] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2525.026909] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2525.071074] loop2: detected capacity change from 0 to 40
[ 2525.079517] loop7: detected capacity change from 0 to 40
15:44:09 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 39)

[ 2525.086608] loop3: detected capacity change from 0 to 40
15:44:09 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r0, &(0x7f00000001c0)=[{{&(0x7f0000000000)=@abs, 0x6e, &(0x7f0000000180)=[{&(0x7f00000000c0)=""/52, 0x34}, {&(0x7f0000000300)=""/196, 0xc4}, {&(0x7f0000000400)=""/172, 0xac}, {&(0x7f00000004c0)=""/176, 0xb0}], 0x4, &(0x7f00000007c0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=<r2=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="18000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="28000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="14000000000000000100000001000000", @ANYRES32, @ANYBLOB="00000000d0f115c0e59fb94d4e7a1e90af25c8c781df7f8b1765525524d678ab6200432e5811d03cb4a1db50e1af95bd5802681c8354b22638bc1d63302cebec4858672dc0d84f7a5512afc2f0112b61a63d48d384e5c99e98e65d82e35dd95668a4297cd3403ef5d31b17d278d4e529a9d4cae02544a7b0102a64f17946a576558a0fdcc132cf551ea3dc1d984d50012c70e7b57331016168526443a5eb562b82e9ede4d68ea9ace21787fc5974d58ded5bf4023703e774e482a71b5d7d17a40c707d78cd3e08fa438a598948f7b0bb1c8085b770"], 0x148}}], 0x1, 0x40000040, 0x0)
inotify_add_watch(r2, &(0x7f0000000240)='./file0\x00', 0x46000685)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:44:09 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 45)

[ 2525.127748] loop5: detected capacity change from 0 to 40
[ 2525.133481] loop4: detected capacity change from 0 to 40
[ 2525.165171] FAULT_INJECTION: forcing a failure.
[ 2525.165171] name failslab, interval 1, probability 0, space 0, times 0
[ 2525.166180] CPU: 0 PID: 10865 Comm: syz-executor.7 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2525.166838] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2525.167413] Call Trace:
[ 2525.167594]  <TASK>
[ 2525.167760]  dump_stack_lvl+0xc1/0xf0
[ 2525.168043]  should_fail_ex+0x4b4/0x5b0
[ 2525.168349]  should_failslab+0x9/0x20
[ 2525.168639]  __kmem_cache_alloc_node+0x5b/0x310
[ 2525.168990]  ? iter_file_splice_write+0x169/0xcb0
[ 2525.169340]  ? iter_file_splice_write+0x169/0xcb0
[ 2525.169679]  __kmalloc+0x4a/0x160
[ 2525.169949]  iter_file_splice_write+0x169/0xcb0
[ 2525.170289]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2525.170664]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2525.171061]  ? inode_security+0x105/0x140
[ 2525.171383]  ? security_file_permission+0xb5/0xe0
[ 2525.171717]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2525.172070]  direct_splice_actor+0x113/0x180
[ 2525.172384]  splice_direct_to_actor+0x33a/0x8c0
[ 2525.172712]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2525.173054]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2525.173424]  ? security_file_permission+0xb5/0xe0
[ 2525.173766]  do_splice_direct+0x1bc/0x290
[ 2525.174054]  ? __pfx_do_splice_direct+0x10/0x10
[ 2525.174386]  ? lock_is_held_type+0x9f/0x120
[ 2525.174690]  do_sendfile+0xb1d/0x12b0
[ 2525.174964]  ? __pfx_do_sendfile+0x10/0x10
[ 2525.175267]  __x64_sys_sendfile64+0x1d5/0x210
[ 2525.175591]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2525.175940]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2525.176304]  do_syscall_64+0x3f/0x90
[ 2525.176570]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2525.176919] RIP: 0033:0x7f7050f93b19
[ 2525.177172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2525.178357] RSP: 002b:00007f704e509188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2525.178846] RAX: ffffffffffffffda RBX: 00007f70510a6f60 RCX: 00007f7050f93b19
[ 2525.179320] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2525.179788] RBP: 00007f704e5091d0 R08: 0000000000000000 R09: 0000000000000000
[ 2525.180250] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2525.180716] R13: 00007ffeb40769df R14: 00007f704e509300 R15: 0000000000022000
[ 2525.181196]  </TASK>
[ 2525.237044] loop0: detected capacity change from 0 to 40
[ 2525.250401] loop6: detected capacity change from 0 to 40
15:44:22 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 25)

15:44:22 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
setxattr$trusted_overlay_nlink(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000180)={'L-', 0x720c7bc4}, 0x16, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
r2 = timerfd_create(0x1, 0x80800)
sendfile(r0, r2, &(0x7f0000000000)=0x8, 0x7)
pipe2(&(0x7f00000001c0)={<r3=>0xffffffffffffffff}, 0x89ab473967b0fcc2)
fcntl$setflags(r3, 0x2, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r6 = openat(r5, &(0x7f0000001240)='./file1\x00', 0x113042, 0x0)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
ioctl$BTRFS_IOC_SUBVOL_CREATE(r4, 0x5000940e, &(0x7f0000000240)={{r6}, "e7a483f9094543ea3be87996d6dab9225b1e32c948955cfcb827b3f4eb494cab1783b98e56c91f88991f109184a320adfb1cff7af49a61e58521355bd6b84f532ce630b1712458b96a60d17f179cefc6aafab972bebb6b9f1da80c0755eefba124c4288489219ba32aad6e769478b38f566ff21773c105087f33cd0f6945c40253830166cf4eccff133e4dca791ce2c4ca93cf11ed060595776b1b52e1310a7c03e4ee4aa1619e79c306c4d852d0a388f4303c0ffb6afe88f1be347ce932f14e4c7b86006f2340c01c80fe778c0f1ae3705d76befd7533380b8f457e22b67d1bcda5c41b8815a162774d65b07db54294bc9adfb4cd12a50c66bfff4b19f3116f230bee0b67caf6a25719c237157af8a26a99ec0b38f99dbb53a6c9a6aeb16d0a1bbdb093082ff943e150905408ba9bc8a579a2e18463f4704d3209f8b297e4b574b65da42df1b3e3dfa88579270bbfcb7695ed7f16bdd3212ca3144401fa6e66f837a07c0eb65e86180403a46c959795b7570d1dbb9e3a126f2f1af24949eb02472f3a5580427cf6dcf7f89eeb0ae94b5c02f48e506c002473570eb096f5df416cee487c472955d210576d1714b76d087011c4d347870f6a059f212b6561df052a4014808cae2a08b15ccdf77918aa6e8485a98842ecb2777550d3879b23ae135e859d02f499e7581969bb2258eb35c7d3c3ea657d44ea56cfe73d712cfe446a6c5af568d728274b09fc14361fd85301a7266c9ba0fa23145dc504a7477fe89303d8613ad60dc265498bf5e99fd305566eade3724b69769a59045bf83ef1d8ca648c2e0b73778e47f821eed8efa19ec92435ee4d0a789b544ff952b5427066a76ffa8ff7c55aa70e09a53aea1ebb1cca842b00e9126ab317aeccf9efedb940af1870e563e7db27d43280c09f956af7e61f46aa2ff0e22702171252cf563b5e16318db366b2a9256a8545d7254c85bc8a3b26610738b3c9727a1d5fc3050f5992cd98954df5e22a39187315b6a418f036741d57874291b7a93c7e6c363c3e1bfdf286ec78d60fecc6b5c31b4ca47de779a72d968a09fa2f5fc334bb9c54636738acc10d8bc71cbdae5c93c08f42cf87389aa86af1d2d6b019093d79fd6810269f7d2d26dbbfe0ba40945c3c91b6626359f179965eaf0945cdf48f0918a01defd2fc32c96b87edcbede7beb4d9ae818695654341fc1d1883f407f86d08cc0011c1d412405617001bf26e1131682f3a12d0405c05c7f06215fbb5d34ce99b8cc5378734be09180cae95673e2001a98982e628ba5169c7db4b75073b787336791f6c9d7cebd720a4c506aa9d8b7ada1606d4ac1f0cca2485ca510e9989d820bbebb5c1dca270be973ae1777ec1cc589da510eadab650ec2ff59a6833655f008f1b3766af72d8cabe8794a0351c5841268978ffe7143ce4d634601ec473b14184be5468efa9ddb45ecc3fb7314cd054c16bd74970955513d686c24e7ebf25f122d5b178af28f6a0fcdf6176d735f315127fab2526b669c87157309168e4d8b46575c1de8e7c8af897615f37afb16203d5e4c295e69846af72439ad5242fe1d7f2ebf2f05bab182445648df11b2e8ce11f02b8e741aee1503b1579b873b878e818ce15a9a196dcd5b2c85f86aabcebbca0e334e56ba609728ea60799c2375ef38254e67256c5c5e155234497f6146715d54244a28bcaf64fbcf91400fc52cdea41bd75ce3b16d224cc93d3f74983a8943d8570e0c2c6b5da71aee9ad706daf85984cbd80cf3e9e2b1404271b29d2facaf7763a7e10de63baf1c19fa6f20473939f3dbb05b34ec6e50a40b9a5f5eabf37fe0efa7bcaf6e2917dd1475d16f451e0ad543870dfbd8a373d0f9e356435633ee15849ced0376a8858a51be0e30e7131300f7231119f8c79b4370df3acb488569cdf1cee7418858527f62593f24c05c66a0e9184a3725f626d20a02e95b471b05e2b859a5a4c7eeed45f6dca6a19979d08bf7fe60e1c6dc20b7caad5f4046fda4b71bf8f3fff45e51a80bcee90c25c08ab72df67aed62ef73e7c8ec54e9be5e07918b92ab352e3dd644a2a3d04fee06826961757e3e2e2f76bae672631658207fd12fdd2d40307353ac749a744321f3459750da49ecbdec189061528ce721738077e7478d239067a77890b62939d0974e96413b66ae7ff087ff86b3d326ddf899974e9da127e724bb05c4f522ece0a7b23b3d0d71d3ab579cc5e49c51ee24cee85bd3e13272faaba2dd878d19bc335f35919bef941a8012910ec4651fc3b5098baa80f5a454e8463ad1455d1665df60c14f0470c9852cde45267ad56dfc2a0c73142580119f88535e92f6e1fedbaa5938510a434c351ed7acd36d645005e2fa91cb3e4a69c78e5df193b0d12b9ccb8d4500d504e0bcaf8dc4779b76c9ff2c532ed6e08c6fff586a03ad851b3f42f73d8cb6c0914d6cb762941f23c466c91e0ff6adf7d5805c4321e0ce467dadeaa4d9ad613bb9f68b0d8bafd9a4df36330efbf188d5a784ba83e6d67909fd85f2d669a8ceef1ca3d971a5b9dbc210177fbb2deb72e069f816037bb0194f86890ff5721460f4225f1e4a33fdf845498d6d66247009394929dd2152627b50cba33ce67e53a423e0e52c55bbfbe54f3a2a4968e2d699398ced8a563f2eab09339566fcfefd575aec3a80b348ea466b94abb2695f51b0f6b11037ae44ab599c4c34b31a34d1c6ab237bfa430c3458865d25451f887eccfdf746c2eda4520e916b953728f60b98fe4f54629f19916272ebac7422354b36dfbc467914f1fd36c0daab8a5b830417ff2ab395f57f3c1db07e76766dfd2035107646154ba4b88afbda760032ee8bfe9c58c7573863d9ab7b95bde4d85980c96a2fb9fae96f33bb988ddb5c0399b32f8f4094e7a9f7ceaf655ed74450ddfb34518a41d21757fa6c8f925005763d974cf85e9826357a26a68ba2acd1307553344e11728f819de06282b98caf50bbcbc0d37335e7c949e2c3ddeda2c4b066f64afba1147583fd249cab7873fad0a77917d4a02b5d7ade3ea56edc5a635f86864bf50c0411b57e4ebf3b9e818c5a1b8a8ebe6894cb8f4b0a9fe5ee3a69720280b5a7dd967695e5d9cbe590096894452a1aac8211d6d57ea32663b13f4a30a4a09c8e92943ca8c9fae6bf89418be4f3745fb7a94163475a28680c3ed6d586dea7399800ba3bf9541222ffaf4a20dfa65e2a786cab54ece88815ef5bd058fac4b9ba39062045a53a079a8ca73289622d5a65ce4aec5978bdd6df32528d07bf327093bbff4fed41bda553ba94a1ce71ed84cbc5aee70934bb771e20f65b6e057cdb8f2288baeb4816486d14298d51baede68efe44ac800b21778541c8fc8b9b52349178583db9ceafb2ecc153e0792e5925d557af8a862b3dd8e6acc2e82f18cc2a5981dcb62ec92af77e3be7ec5fe573f78a7e441a4e45a36683f8b8fbf7b0da14b3d7e845c61df1b66b5b992b10d7d5b6a4a68d09fc2291db18f60fe9624b6aee53979a0c6815f419ac59f9182c393e0bfb78c91347759300668b6b4bbadb36a47b00d7d0efa7e2a3b4b440e1e10a6895425d13fafd382dac988014e469a95e635c11cf2f88f93ee719817482f94ef65da7f98d68bf6f469c7a76291b54bebd643a1214b3f15b65e4a7a9ddecd89ac34a6fbe6f85456c8dcb65c2311b1fcb922295321bb422bdfd3672f896f68e4c916b77d7e9dff34f21c1b402d21e65ab4ba740beb83f85ef4edd10032d24f0155e81c3e20d4fd7b19d4f284ba8a83157299d876fa971a1ee25aa5888fcd85e5cb00922b829f2fba8ffc17310d8c91cd538b835abe0c3abec2605f93d75685ca37c9af8370dd00f0ff0c594490e5ddb77de10a255bb028de9472e868179faba19c482c2f3b2f7874644a98888b45c77b2cf79f1077cdad8b5b4423bf50cf7a5c655c562e3a593602ab27299a2eeaa63e38b2e3d2ff38a90e301e98238898d88bed3691fee33a5f507ac555acab0cec39def92ec3a9dca01796a2d5c03c7a4f048330d1bd35377fb4b73ddf0e670a373a731fcd26078ab7e997ea0bb151c51fab629cc9b01ed60911b360325cec8eff152f64b947df83f752d56bc4e5b355b808305a1758b9b01b833c61e0f628034d42285e23db331fa818566e109bced772a2edbf5632656a2b65d5543cb5ed46aeddb383f3bab63054b11e15cd5acae3a73fabbc7a67a4860decd63ab57b239f103bee81e134064c7aeaec2ed86f829878c34adb37841e0313dcbc23dcb4979991376442e049fb9e1c0a24db2d560651431ebaa49e84521cb107c2c484af4f0f4a87feb099d5b397bb151e12dde22ce0f82399a3fc4ca29efad22ce2aef9211fbc8f39d2700a9eaabbbf92148bf43e2ed0801a9eb0bb55dd53fa489c0b8c75f727026ecbe1df3b4432fddff388241c861bddc4c8459f66b75d3ac461720d009760b492975ee6a217669c0024f84aa51b23ef7b0ae4521d6b79ecbc9c13267768a1a3df73fb38a3f8c6d2e287dc7ed5f68cfa77ce590ad3877570f40ccb33ad7fd32cc4171377eda8950a393c83c624562b77f36a017157b56547cd3955fa7cb13d5cf920c865eb9de501daa73be74e72a065240ac0010803c793bfdeb293f906adeb5c2252311c3822f53662ab6c811d7f5c38f66d63e92a58ab063b0d3be3971f97a93eff5d918cdb746722575b05d5da8151ae3309b2b387bb2177566dc809987605a4c957fccb7d8f45144bc698cdc058d76602ab39171f1f092a9d163a05a9fc78baaf28880269af3f6b5c5b5bef548d5ec5fa1c387147de25098db60fc3c45390a79b45d710c58e595d84fba5d8224deb249541200167e16255d1a457915502e8aace8d2ebe820f8f915d4fa1c66c25d4b031317023ad7e0fc19543890c31001a45f461948b710d5b00bd1cf8cc2b35c88ec7314ef6b9486b6c986f54246c5bdbadb2e0f54f073bb2921f085034ba6db61078811606212262bb9e64ea9cb5c9c347e5f320b11c1e02cf7a816a6ba89baab255b79b489df74a731798b32ffa33df2bb023943edb77c0d496d81e8bd6cb5324a6a4e49e79b1ae1d9e7afa1511c80232e33a552c9e74e9fae7d90541cde2523c28e75b10a73ab222c8e2602a05259ab8b0fd4a552143fb3781a3687d2364a1173e01443a0a2c73c31bac6aa577533df89aadb3f38766f002ecba9708e65ef78cf43ee4d2e3f1710856a61a61675c1f5b2e34ecdcc0faf6ed4910d2271270a19865236b82b9cbac9a1ed247c9c9dbf1b58f6d76a3208c7197e5b2caa4eaf5c95fe45b18f2c6356fce0ebdb35881becc26746a49b593b96d64b63d8b7813e765c0ffd04c6e3bc3d8c6b99671f2d899e1b2491c7adcd903aa3e3a735a77962d971d52b97b9622112bcd0228003e976db3be29425f3153d634cd393cefdea6ed9ee09d08d8fa85a9b116ce12895ce7d0eb1b8a9141caa05458ea04eced9b7b35d3c234eb3e1dc05e539c8de0e0b32c2905a46d451f7d05de9c5e8e4affe0863d1b071b9928a301287e0872653b8715cda3a174d08d1fae724fcb1e20814427c90171014c603aaea9de476fb4c42f7eeb02c0e3f10961622806bcceef73dbba3ec22207684b0bfbca24930483157c248a2a50c0ee26d531f83708f579c29c5628a0ebd1c8debd814695ff4ef5758ef77a9d64a4bc6bdd802093f4c9b396d6a56ce26268956bb196f60e3f080ecfe17afb92334d2d8ecf7ecb5535165a5cdd17ac4913e3b93f275ae8c44082c3808b77b0728c7ee645eca47e12e9eafbf4"})

15:44:22 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
openat(r0, &(0x7f0000000000)='./file0\x00', 0xa00, 0x6)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
openat(r0, &(0x7f0000000640)='./file0\x00', 0x0, 0x0)
setxattr(&(0x7f0000000740)='./file1\x00', &(0x7f0000000780)=@known='user.syz\x00', &(0x7f00000007c0)='vfat\x00', 0x5, 0x2)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r3 = epoll_create(0x3)
r4 = mq_open(&(0x7f0000000040)='vfat\x00', 0x80, 0x100, &(0x7f00000000c0)={0xb8, 0x100000001, 0xffffffffffffffc0, 0x1})
recvmmsg$unix(r0, &(0x7f0000000500)=[{{&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000240)=[{&(0x7f0000000300)=""/109, 0x6d}, {&(0x7f0000000380)=""/234, 0xea}], 0x2, &(0x7f0000000480)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r5=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x60}}], 0x1, 0x40002100, &(0x7f0000000540)={0x77359400})
stat(&(0x7f0000000680)='./file0/file0\x00', &(0x7f00000006c0))
ppoll(&(0x7f0000000580)=[{r2, 0x40}, {r3, 0x6282}, {r4}, {r1, 0x2000}, {r5, 0x14028}], 0x5, &(0x7f00000005c0), &(0x7f0000000600), 0x8)

15:44:22 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 40)

15:44:22 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 43)

15:44:22 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 23)

15:44:22 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 46)

15:44:22 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
fsconfig$FSCONFIG_SET_PATH(r1, 0x3, &(0x7f0000000000)='vfat\x00', &(0x7f0000000040)='./file1\x00', r0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r2, r0, 0x0, 0xfffffdef)

[ 2537.948503] loop7: detected capacity change from 0 to 40
[ 2537.959369] loop5: detected capacity change from 0 to 40
[ 2537.960398] loop4: detected capacity change from 0 to 40
[ 2537.977278] bio_check_eod: 7 callbacks suppressed
[ 2537.977289] syz-executor.4: attempt to access beyond end of device
[ 2537.977289] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2537.978683] buffer_io_error: 7 callbacks suppressed
[ 2537.978692] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2537.980414] loop1: detected capacity change from 0 to 40
[ 2537.982817] loop6: detected capacity change from 0 to 40
[ 2537.994830] loop3: detected capacity change from 0 to 40
[ 2538.003479] loop0: detected capacity change from 0 to 40
[ 2538.011574] syz-executor.4: attempt to access beyond end of device
[ 2538.011574] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2538.012465] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2538.021249] loop2: detected capacity change from 0 to 40
[ 2538.028945] syz-executor.6: attempt to access beyond end of device
[ 2538.028945] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2538.029856] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2538.046418] syz-executor.3: attempt to access beyond end of device
[ 2538.046418] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2538.047301] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2538.063280] syz-executor.0: attempt to access beyond end of device
[ 2538.063280] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2538.064244] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2538.065273] syz-executor.5: attempt to access beyond end of device
[ 2538.065273] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2538.067031] Buffer I/O error on dev loop5, logical block 10, lost async page write
[ 2538.070723] syz-executor.7: attempt to access beyond end of device
[ 2538.070723] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2538.072597] Buffer I/O error on dev loop7, logical block 10, lost async page write
15:44:22 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x63828, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
open_tree(r1, &(0x7f0000000000)='./file1\x00', 0x800)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:44:22 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 47)

[ 2538.104968] syz-executor.1: attempt to access beyond end of device
[ 2538.104968] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2538.106939] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2538.117116] syz-executor.1: attempt to access beyond end of device
[ 2538.117116] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2538.118120] Buffer I/O error on dev loop1, logical block 10, lost async page write
15:44:22 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 44)

[ 2538.132424] syz-executor.2: attempt to access beyond end of device
[ 2538.132424] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2538.134307] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2538.145568] loop4: detected capacity change from 0 to 40
[ 2538.149498] loop6: detected capacity change from 0 to 40
15:44:22 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 41)

15:44:22 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x18)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2538.216268] loop3: detected capacity change from 0 to 40
[ 2538.224022] loop1: detected capacity change from 0 to 40
[ 2538.259456] loop0: detected capacity change from 0 to 40
15:44:35 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 24)

15:44:35 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 45)

15:44:35 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 42)

15:44:35 executing program 1:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0xffffffff}}, './file1\x00'})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x283c000, 0x0)
r3 = epoll_create1(0x0)
fcntl$addseals(r3, 0x409, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:44:35 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 48)

15:44:35 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 26)

[ 2551.168843] loop3: detected capacity change from 0 to 40
15:44:35 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r3 = signalfd(r1, &(0x7f0000000000)={[0x800]}, 0x8)
sendfile(r2, r3, 0x0, 0x101)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:44:35 executing program 5:
r0 = syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x8490, &(0x7f0000000140)=ANY=[])
fstat(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
getresgid(&(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000340)=<r2=>0x0)
chown(&(0x7f00000001c0)='./file0\x00', 0xee01, r2)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setresuid(0x0, r3, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_access\x00', &(0x7f00000003c0)={{}, {0x1, 0xf}, [{0x2, 0x3, 0xee00}, {0x2, 0x0, r1}, {0x2, 0x1}, {0x2, 0x0, 0xee00}, {0x2, 0x1, r1}, {0x2, 0x0, r1}, {0x2, 0x4, r3}], {}, [{0x8, 0x1, r2}], {0x10, 0x3b50383464637262}}, 0x64, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000040)='./file0\x00', 0x8, 0x1, &(0x7f0000000180)=[{&(0x7f00000000c0), 0x0, 0xfffffffffffffe2e}], 0x40042, &(0x7f0000000240)={[{@discard}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0xad3}}], [{@permit_directio}, {@seclabel}, {@smackfstransmute={'smackfstransmute', 0x3d, '*,--{+%:#'}}]})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r5, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
getresgid(&(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000340)=<r6=>0x0)
chown(&(0x7f00000001c0)='./file0\x00', 0xee01, r6)
chown(&(0x7f0000000380)='./file1\x00', r1, r6)
sendfile(r5, r4, 0x0, 0xfffffdef)
openat(r5, &(0x7f0000000440)='./file1\x00', 0x30201, 0x12)

[ 2551.192489] loop7: detected capacity change from 0 to 40
[ 2551.194622] loop0: detected capacity change from 0 to 40
[ 2551.198538] loop4: detected capacity change from 0 to 40
[ 2551.200521] loop2: detected capacity change from 0 to 40
[ 2551.210410] loop5: detected capacity change from 0 to 40
[ 2551.212026] loop6: detected capacity change from 0 to 40
[ 2551.218611] loop1: detected capacity change from 0 to 40
[ 2551.278064] bio_check_eod: 6 callbacks suppressed
[ 2551.278084] syz-executor.3: attempt to access beyond end of device
[ 2551.278084] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2551.280458] buffer_io_error: 6 callbacks suppressed
[ 2551.280475] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2551.291095] syz-executor.0: attempt to access beyond end of device
[ 2551.291095] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2551.292685] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2551.298453] syz-executor.2: attempt to access beyond end of device
[ 2551.298453] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2551.301195] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2551.309940] syz-executor.7: attempt to access beyond end of device
[ 2551.309940] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2551.311594] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2551.316858] syz-executor.6: attempt to access beyond end of device
[ 2551.316858] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2551.318712] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2551.320135] syz-executor.1: attempt to access beyond end of device
[ 2551.320135] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2551.321757] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2551.352051] syz-executor.4: attempt to access beyond end of device
[ 2551.352051] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2551.353599] Buffer I/O error on dev loop4, logical block 10, lost async page write
15:44:35 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 46)

15:44:35 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 49)

15:44:35 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 43)

15:44:35 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 27)

15:44:35 executing program 1:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffd, 0x60, &(0x7f0000000200)=[{&(0x7f0000000240)="04000000646f7366c000aa7c0801010a0440002000f801f34d3ec7cb014c1381dd77bbe7d69c2d3507b2c6dbb531fabd0881b0ada94668724712f5e65cec63a066d5dc7991a6c88c17a2fa9c77f53efb0eebbbf09b7510a6dde368d8bacce16cc37e06920dbd24adb84e728dca6475c80127cba2a71c0670ac6cc7bb172f21166940aa1d64adf189df538943d92ae095be93cca1d5bf84f27a0f17877e28676f1753372c8e29ce83887bd49572033acf3e2090e43140e2f9b49287d8429d7d60f7f81d4245169091f38eb99ee3930406", 0xd0}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x4)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:44:35 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 25)

15:44:35 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
openat(r1, &(0x7f0000000040)='./file1\x00', 0x50200, 0x28e)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
openat(r0, &(0x7f0000000000)='./file0\x00', 0x48c4c2, 0x2)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r3, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r3, r2, 0x0, 0xfffffdef)

[ 2551.510221] loop3: detected capacity change from 0 to 40
15:44:36 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x28, r2, 0x100, 0x70bd27, 0x25dfdbfc, {{}, {}, {0xc, 0x14, 'syz1\x00'}}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0x24000000}, 0x48000)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2551.530998] loop2: detected capacity change from 0 to 40
[ 2551.531748] loop0: detected capacity change from 0 to 40
[ 2551.541743] loop6: detected capacity change from 0 to 40
[ 2551.562216] loop5: detected capacity change from 0 to 40
[ 2551.566090] loop1: detected capacity change from 0 to 264192
[ 2551.570303] loop7: detected capacity change from 0 to 40
[ 2551.579891] FAT-fs (loop1): bogus number of FAT structure
[ 2551.580594] FAT-fs (loop1): Can't find a valid FAT filesystem
[ 2551.584262] syz-executor.3: attempt to access beyond end of device
[ 2551.584262] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2551.585725] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2551.615874] syz-executor.0: attempt to access beyond end of device
[ 2551.615874] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2551.618002] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2551.635323] loop4: detected capacity change from 0 to 40
[ 2551.644854] syz-executor.6: attempt to access beyond end of device
[ 2551.644854] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2551.646491] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2552.405527] loop1: detected capacity change from 0 to 264192
[ 2552.416308] FAT-fs (loop1): Unrecognized mount option "./file0" or missing value
15:44:56 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 47)

15:44:56 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 28)

15:44:56 executing program 1:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>r0, {0x6}}, './file0\x00'})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f0000000040)={{0x1, 0x1, 0x18, r2, {0xff}}, './file0\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r4, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r4, r3, 0x0, 0xfffffdef)
ioctl$AUTOFS_IOC_EXPIRE(r4, 0x810c9365, &(0x7f0000000240)={{0x101, 0x3}, 0x100, './file1\x00'})

15:44:56 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
write(r2, &(0x7f0000000000)="87da8a831e33a33abd5b80182a9c575891108fc9e572018d0808c34edcd3f4911ceaa07492", 0x25)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:44:56 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 50)

15:44:56 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 26)

15:44:56 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='\x00', 0x8, 0x2, &(0x7f0000000200)=[{&(0x7f0000000240)="7b873237380075220866ead6ddcef3c488a77a53e214c7fce178f590c24e66be5b315f62f14eb1b25a37ffd3dae3e34d06ad4749bb65ac2ba333ffe18560654bc7a873bef1e741db094ae16311c37c5a82bb9d296693cd0e969804bee8a7ad495d0cace2a3090409368af21308a1d92873d3cc4be966665db1eccbc0b1ab62fd02305c7bc6ef8c1c658f83fab14f7b8414dcdc1284a721465733f4358c7c416488508233040c00b53f007a58e15d396827cbfac12c4d299fcf787a1f9785faa167a76e09ace23b4f089d12fd30bb6e429a8a9d7a655b5fae7e33d750b4d32dce3b4941845377ba326f3c3de036cf58c1cbd1dbb860a7e2f113d7f0a0fb3656f387b070f68f4a316fce61f9e2fa6e011c7e2a827f1bd6c235c3f5", 0x11a}, {0x0, 0x0, 0x100000800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x1, 0x5, &(0x7f0000000600)=[{&(0x7f0000000180)="fb8d0a4fac61301232fb923a1cea03ffbd881e5db31e9150b8894466e181aa6d846336e30728cc4bb601abf6ca124eec4876c368236c6a858f11dc", 0x3b, 0x401}, {&(0x7f0000000380)="3aefbde4bd52b848a5b454e971b4a14cd804d6a7e9c36f1fa1f2127e3d81b626f2ac74cc900c229e8a58db4872a35035c4c3e4c18a1aa9bb0c06cb5c0f1ad7993d5593da9b535d6949fb75b88744ffd1bc8b9b14fbbf9d478cf1a8", 0x5b, 0x8}, {&(0x7f0000000400)="7d71dce0ae7e694f183a0b30ba1d3828646438537f58318f9838b210993338bd77be882bbf3fe61997b11bc3b175c0dfdbe7f7ac407906cdda0ef080ace7d6c93c697b09a3f4a7bb8e78af0b88c9294d4ab1a89fede13e2362d03128a6a263fdd6283195f3ed9cffb0c332e3cf", 0x6d, 0xe7dc}, {&(0x7f0000000480)="872c6651562cf44b22503960378ec4ed2e8d11f737032ff18e33a968ee77b77bbdb1e94aa720e3e95bf7a2f5a05fcd39271b2fb70bd86ebe96de2a1485ad7d3230964df904247fdd11d65c9a29e978834f4ce765aab0e71ef99e6b5f849dbd21ded5e9da4abe3f70a5201193b7bcb93cc23a9faaa47513a3b0f288198735bafdcea387c38d41560f0355476bfcdb27c3c0012d3d71844f77145f6282adcb2b5e83ae20130b27bab6932765359a1b137eeae21cbc15a369c3b08ac62a04e8416aec985e139f744ef77df1fac600a36b557e8d69278080c1b9", 0xd8, 0x7}, {&(0x7f0000000580)="5a47702d59abee43828c9a34d130ef7e89de4ae40919479d9a53caafe105ea7ce731209293ddb2dfc7f95f134d78f809939abcf05c007a71aedf4f2539428a75c14bf70b74ee7b121f9bdab9cc4be0793ef181aa600971f72a95908443caf79cd27423a83a06b83a9fd0c9dabd4fa2978032ee1f6b57", 0x76, 0x40}], 0x20000, &(0x7f00000001c0)={[{@mode={'mode', 0x3d, 0x401}}], [{@smackfsfloor}, {@audit}]})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
sendfile(r1, r3, &(0x7f0000000680)=0xfff, 0x7f)
pwrite64(r2, &(0x7f0000000000)="0d6a2de85546431f56a8bec66a100fb5cff38f394b5d4fa84055c770d27433b44352dae0c8c2de5da98a77388eb61cc1ee4e5e1799a38ef992a8d022d296", 0x3e, 0x8)

15:44:56 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 44)

[ 2571.723520] loop4: detected capacity change from 0 to 40
[ 2571.726127] loop6: detected capacity change from 0 to 40
[ 2571.728100] loop7: detected capacity change from 0 to 40
[ 2571.733045] loop0: detected capacity change from 0 to 40
[ 2571.772220] loop1: detected capacity change from 0 to 40
[ 2571.773760] bio_check_eod: 4 callbacks suppressed
[ 2571.773770] syz-executor.6: attempt to access beyond end of device
[ 2571.773770] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2571.775295] buffer_io_error: 4 callbacks suppressed
[ 2571.775304] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2571.778827] syz-executor.7: attempt to access beyond end of device
[ 2571.778827] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2571.781065] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2571.785454] loop2: detected capacity change from 0 to 40
[ 2571.786733] syz-executor.4: attempt to access beyond end of device
[ 2571.786733] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2571.787840] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2571.789621] loop5: detected capacity change from 0 to 264192
[ 2571.791569] loop3: detected capacity change from 0 to 40
[ 2571.794129] syz-executor.0: attempt to access beyond end of device
[ 2571.794129] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2571.795183] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2571.843563] loop5: detected capacity change from 0 to 231
15:44:56 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 45)

15:44:56 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 27)

15:44:56 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 51)

15:44:56 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)={{0x10b, 0x81, 0x7f, 0x7b, 0x90, 0x8, 0x223, 0x876}, "bc9569c2eba8630f68a0f627cbabbed08b2fe017a248ec0832f705f0118ab8c6396489232b84f76a771874f4a0d7fe4c4f04165df6edbdec36324237f2db08da14c2be2a9f3f0bca2412c41fcdccd2816c5d758ab051161f181fc95b05220ad313daf6678cb08e62dbcf2c87598f532b3ae478acdc3d7ffab5583c41836e5d6ff69e0766a6"}, 0xa5)
r2 = perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r2, 0x4008941a, &(0x7f0000000000))
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2571.889992] syz-executor.2: attempt to access beyond end of device
[ 2571.889992] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2571.891215] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2571.904015] loop7: detected capacity change from 0 to 40
[ 2571.912075] loop0: detected capacity change from 0 to 40
[ 2571.921403] syz-executor.1: attempt to access beyond end of device
[ 2571.921403] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2571.922523] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2571.924477] syz-executor.3: attempt to access beyond end of device
[ 2571.924477] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2571.925369] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2571.936797] loop6: detected capacity change from 0 to 40
[ 2571.970531] loop4: detected capacity change from 0 to 40
15:44:56 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 29)

[ 2571.980820] syz-executor.7: attempt to access beyond end of device
[ 2571.980820] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2571.981736] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2572.007591] syz-executor.0: attempt to access beyond end of device
[ 2572.007591] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2572.008559] Buffer I/O error on dev loop0, logical block 10, lost async page write
15:44:56 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 48)

[ 2572.021518] syz-executor.6: attempt to access beyond end of device
[ 2572.021518] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2572.022307] Buffer I/O error on dev loop6, logical block 10, lost async page write
15:44:56 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = fsopen(&(0x7f0000000000)='selinuxfs\x00', 0x1)
write$binfmt_script(r2, &(0x7f0000000240)={'#! ', './file0', [{0x20, '!'}, {0x20, '^W.]*:%-$!'}, {0x20, 'vfat\x00'}, {0x20, '(,{'}, {0x20, 'vfat\x00'}], 0xa, "8602d0324b05ee7c4f291e8437678bea2f1b32914223085d4a0fb2443ae9a3caace802dccd121d3c75faf53bd419c2c0014f70602bd27cb201035a1f08bb65d8fb4e7fb3d6476610e6bbc68f19857ffcb83029015fcb1e930486d9f7de6c77f552d38fee21375285ab0211968365066c5adf9a46d3834b61890c14b322fa6f3ed8dd26657bdd5fc052603ff236d0edf522eed073509fb7f9e0da13bd0233da51d64e031ab5c93ce127d1f7810e4a96a30ce1fd63ecce65467fe3027da5d2a97d271b8d404ddcbe737cdad0af02c39259a98157885fda3f907b84b80204205f4868fc95dcd2f5a0a1ce3607f93f5df338f3f3aeb649239616e800a8d81b33a04a7d368eb1dba2efa602f5c3ea47fed1977b5202be6196ca2d704483869e27af7ab64840e88ddc1e2975c1018a587a132da991dfc79d9f91bee96ac5164ea30e1ea11eb1be6974d2438628cd77ed1c8545601270afc38848f6941dcbe54d8c9c0211243d646e02d178e62e0a518137cae2195e688bffa9a5c6b0aee167b52bb53f1ac8b276034b41bec289af64254745dea4d2e471e1030576a29dc78807d996b7f542aa8e585d0f155ed34166a913356d291d5ce9f32d8535cecd66ca70aa01287ec4a224f5d15a23a043f372d828e62f74221628dabefe1dac3f92453b96e1f8c21ccbc0b257e3d0809f016f9467d7fc1194713c3c04eaedbf4f295bb35bb2da1a65fb02dc2709db3314cd6c9ba846e1fa791ce91588d59e064f7dfa2920b34924e8487490b78a9f912eebab389b241788259f7d7aa3f5fbfffa81250125bf4d0552468a4bf67b3ef7254ea8f312a6ace4a88222942ec6bac8c259ee9dd2420b473044bbb4b105971fb2a2034cd877cc1d44b67f87765f1c879873453a240277cb1c3a369e1ce61bc0a6eab68078ebb68e8a29dd4980fe42c11ca8b81f8b1f402c2386bab84814eb31682de10d87d64fe81f440a5a77f0149b37cb20d321088740b80b7e2145b23037e063ea3076165b07190a76a74132e42fb5f7166d4866be0d9a889106397e517dec32c816298c04e792901b606a50c3aa945c04a36fb9ad4b14af270579e612bfb6d137a649febebc17c9e8d1426d89bf3591723e44266efc87ba69c6d3fb5279d6fe80bdbb7a5dcb7c70a84fcf4806244930efcc97e48c131e0172721b44c43206f3c182f45db340b3098faee20d643ea0fe6adc945c24e273595dc484d5c9af8bada1ed6f6abe5e49eea6527fdf75dba339412afb522d155d2c435ca69fd5dd8822ccbf4e51ab08aae3d8d52fdbcf8586bc385a8f978dd5404993521bc4856b8f9495d5a5d07f529cd24943003ea809fd4e7a6eaa89e8732683b20c2cefd642a5884c589d0421e5a8440a28c60c62df19471915e5b53124b9900ec2e9fff46ddf191d5db2260a91f10c6a950baf21ee45743aa2ade181469121e878707fae96ecfa0517d8dce2cba8fda2548aaeb4e0258141e2a7727d835e3cbeb92b660ecdb2a86a9a24749a9112b09527c4f0a8920b1b39169eb43c79973c23ff32a0c8a525b9c557a394f521855a3e765d0803145b62a71d35cf78183cb6e6b7b7be40780c0c99122375569eff5c6ee69a22db182d86d6c2a0b98ea6a6be7f5edd1f70a4c74e72dc4f13db52b5daa7e652a29fd05ead24f17e9b56fe4f352fce506ed3f5d42fb04b003b7b355862dec118d68c47c57d316817b018b0975887fa48985e5bac009a52e576a62d2aa50a286c48766eb6eac3705a14d03d1fdee2270ee1cc08cacfc892019c44bc4d97da8fc02cc011169839a87df2522e17abc4b2a9f6e18a1b2682c179fccaa18b9c7c5f68841ae6620dce27205f1d9ad6271fe706bbe594440fb1b7f90379978ed5e3ffeb1095c3c5c915b201e281351aa4b6cea6166d94c4d43263a3a39bcf0ab29d8d50f64b5c012a5c341051df0ad0ad60b75c70c7b9e59208f11bf38b8fe124872824417d76097e4bde389272de59682342e1ec9bb216ae43923cfd850a174f0e4fa6e343b9d4b71a0ac1db27fa54274dc32b16d4a5c32030184f31dc0a07dee311dcb4ad73f43e0b44a7251eee8fb6266296e28618f4666aa1d3d60e629f3eaa06dabe730194ed2b96a5128b035a6e01b1c84225fe9182aa11c2051d7a21f7b41102dd6653c5022a57298e718406e0e9f65445974fa6ac6dde79fc45ef0061eec5f05200ded895952c4b6270f0243da9a84e3ec7c06fae656b2c4245c6dee14fe5f3699bfedc5d25976c2a2733279d97cdffe07d75dce227c8d80c7472418439c17ec804b309ff77df4525e92df1f22a0d0dff8c385707413511f21c87087201eb651150ed3b2774b0639977eacca0ddb38e330e2f1f73196f53d323858fee90e8328a7ea7ce50c5e24679771c473a4e40ef6f8869739a0ebe9eb6fdac54939dabcb2e2b2f076a3d65e8c74a18c0ed959bcf1d2db9808e502ebafec31d4bfe9cc18572fab39ecb280b5a617db5211e9d87254a633a5007ca7aa9816541de01555353671284acb57329ac19046cb050c60580d6d33a82764e2b93a4c3cae6e4a102cce18d5ccdd715858e91addd48885c375d4fadacdf72e87aa3f28f9a962f6616f0c5ad7dab321fc080fc8064a5c0095dc7c07265cea4ef2633b1e674ca022c58fabff2940d168ba4ba2b3a8b1e0636e3b860521fd98bc1f0db0fc675c96d52939127e6ee45252e62952e8df2ae275a08a64ba594fcedde6eb3dd3005c0af9fc9c324f6d4f935261b52d4083d2945bd37fea01e437b00b46885e24981cee4c89f363acc8993d0cf1f0f7ec0cd59b54afa1b93e810c2105b595973572b3d4816badc4c933638cb6c89c02cdc1c866e407eae20241162e15d6509df6c94042f6e446b680437f16b118b55d07bba682bc4806a270cd6a4ddcec35b89240b4b9362a3ba2d49c8798dbbf550b19353800d4738e452f982c33879e85b9df44d1cf28f36f6d15142990a098e8d2ff6e90898e02e5815c33fff5543e2c69d77a15c59d20c3b2e143868f8fc18b4a535ec54b4f8819e920f98407bf404a1001a3bed0dcc2735b93f2ab56eb80c524cffeab27215a0d258e8559dab915aa4daf46bd4fe0c4e71424a81f221844b98db1058a2577d9faa419ad3b620fdfe27c6474ac162073bff02532843f2dff98d6f0f3a74f9f2d69ec3732390d505e0112b06c8405ba0b00b6c80233837c0bff2d05e23cb1afba4eeeb7cb3aa523abf5de4b26b0a175673082cc7f26227c3a4de80fcb4cf53705db3f3d277d20029b041527dd04d05d690ae95571441e142b68aa5a2e4f9e12e32c0e7e6ca56c9bc75f313cfde511cceccabdf06984dec43d34ad853156bb97ab580590ca1496484b210f370d4eb5eec33966a9970f4737ef0fbca0a27f2235e52e20e6996aeb6238fbd786f1cd1f6b6c4622befdd70560083964ede62c349452a76e3651e9d9ee95cffe2e696191888056680d69388bc6b1256243e992cdd5bd40fe4a81826e248b7fd7f4fdb5acfb0785e9dd5a7ea41c5b82962526550f845c09c51222db404e2bb0954e4d8a7c68d83fd85b2b849bf379a0f9f1eb5ef9a6446fcb0017d1117a5749c23d61ed36be3bfc9e5bf76e8d06d8c946621dbb1c84e5414277043f2168f49862702cb9897f2a7987f7c6548a11f382f0220d68598fff22397a619249d3a9c29e2d1df2d0f9b0b7e541d1e95c2537da2d030554c929a7dedcff1687aaa514db3b76d5745d9fee51e8491fe0c5befda828badd800afde565ba2413e4dc236da7a1fd555ba55c6187f2bd6e22369ac744150cbef29182f9b175cadb215ea3f5c218a9bfb55537f3bfbc725ff28a62d768bf5cbef2efa47e11b29bfd6e8cc9e32b0cdc69bf3fee99602231c111122fbfd5d326ca48f53504e0a6e361622de4666b9449d3f731d1f7b79db7cd89c6c113507093f964bbd675fdce6db4f64db1adb75030af3b3fce9d6894632f49e95633d4fac7c7876500a8e0063b87696e5cf9453dbb0e33db9034e57674fb335d2101db8956276c48b6d916b0ba30d3a4e81316435cb603225480b5fa4bbdf50e45c2d6d88059dfa29b48af6fb07c870d082b161543c3b6ca305a3a9b5c2548f3e4e30cdb06b3cabb637b1d8f0fc63fe360c312d005cfbded7408decb2b6821f9079c17f1c04ce36e98786ff66f62dace0dfa087102f1d0bf8e5da7b1df4fa9e59bd893474a007b5cf08009408696f64ad583d6afcc9b64d1a2ddd4cb59ab34a67bd9afcbaf4b8bf5151cba56cb9cac835b2b875cc4e3d9b4617b279f94ba66c2362dcb597a76188b847965edff9197685c91017ee9f59afd4c3cddfb379630ccfed7000b39d37d00ed1f8ba325e59d6e74d60bd9f88d74826c9692bd50ba3b85c9df8f7a54101db83799f9f799403b8188e1a719c6e093d510f6b161ec4edcc72e991d083ebbbfb966c44bb6021ccf6f659f85143a6d809dee87d6fb571f098de5d1617832fee03bbf819ca1af8b56b1f87d557d07b04d39e5dcf31555545041e6f3b344ed7e293dec9642493ccda1f5a2da3a351fc31ded2f406db1d858bef005d8171b7667cafa675d2aa6d866fa5f0a67140a1cce5e1b3b52685260675ca5488dbc917d4ca662c70897f8df3e776814137b9d20faf0d8569d1f77c4edd3474a9f40941bc7856cae22f0f26ac6191ab7f83675193fcb408f3425d83df21bfa4fc5406e2decd53f6b5def79e896230ab029d3ec64f9036baa4d41bd643707cd1e4aa922943172a9874d3d861ec2e82fec2573d94e4b41efbfff37b1c513170ca4d9624b033bac7a5b1eb52f16d28c8e74e5e94db769eb8e46cf68aee54c0615934a8a5cdbc1d29146ce8e0272b08d56773b0f2c7676da707094f811ace2d887b3c406bb947408f4130c9dbd56390938650d370ffae0907dce92808df721cbf7b889a2ba9eff65a925cea01e2e5f65c72b1bed6adf2d320b5491f876cc116adf4207422acde779b18648d16828905acd685b5db2512b3a1a6b95d3b360f1378ef42c154bda14698950c6938eda9fbbd13153005395fc8713ba45d4d04214bba4f35b4f8075948ccbd09884ac7f343cf18e16650cf992be781d301939152d3c9ee45fe58337f0ee288864940d4a10ba52e8a5a77e167df5e424bedcd23085951e4db78eee4f56d6d65915dd27435c8b639db6584c30ae28e8a73919fcb557af8b5574e12321346ad89dc2728e9482ba7afb9f1482da40443f37e97beeccbe46473606a5533c843f120a6a9c9161e87451696aeddd9c384929ead47e79fc230037d1720565bbaaaa07420a58929ab68131874d9ded282f8d4420fcba073d27ed4b988c842059bf68f18cf143a7f212c3535c978449db0b216f9e896e36cc78e231b11b904b208a6916a0adef007112e6da592e61350ef7f188d9be787bd7999fb1a9586e86bb50f6ee70d4fcbd373c63b61c07656c4ed3afb81e48eae513cbd9757f4aa7e25990057580a538e8779c9540b25fed067e38d944b597ec58fb2d5804e23949b335abea940715a1479849905d16842c982e1aa7561a8efe1b296f56cb38ee14862915dd943696a2f282d8625fa53961562c34901525df7fd6b5ac4fc8b594c1a8c45ce9db7c656f9aa1a4de227ca9dfe39e8e73ef01322c51b478e5193acba5f10948b2a438aff3955c78a1751dcacfccdfa728e0d6bab94deea0dc147c119a69aefac0c402bf0f3cc7ca8e6476a7b8fa97343fd9868502e08adaaa8727534328bdd3ff346c3c46b46fd5b1573ee82b9b2bc10827a9313bd6324d1aaf53fbe8f0246"}, 0x1028)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x20)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:44:56 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 28)

[ 2572.081130] loop3: detected capacity change from 0 to 40
[ 2572.091903] loop2: detected capacity change from 0 to 40
[ 2572.117189] loop1: detected capacity change from 0 to 40
[ 2572.129151] loop7: detected capacity change from 0 to 40
[ 2572.605476] loop5: detected capacity change from 0 to 264192
[ 2572.617807] loop5: detected capacity change from 0 to 231
[ 2585.783874] loop0: detected capacity change from 0 to 40
[ 2585.796391] loop3: detected capacity change from 0 to 40
[ 2585.801357] loop4: detected capacity change from 0 to 40
15:45:10 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 46)

15:45:10 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(0x0, r2, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x100)
mount$9p_tcp(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x8020, &(0x7f0000000380)={'trans=tcp,', {'port', 0x3d, 0x4e20}, 0x2c, {[{@access_uid={'access', 0x3d, r2}}, {@access_user}, {@cachetag={'cachetag', 0x3d, 'vfat\x00'}}], [{@audit}, {@fowner_lt={'fowner<', r3}}]}})
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:45:10 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 52)

15:45:10 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
sendmsg$sock(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000240)="14c2dd5d42b533e89cbdbcca9e2d2edac7fe2c1daa6ee7bc050b3c55b04b388b74b6965aaa3184038bbb86642fedeee7dfdeaa72bafd081e04a7c1bda2aff4575f851552ad0c3ba5485bca4cd3243b2b48f7b05b1f0f11b9dd9e9c764ee44d360753005a0ce701c90fb427af36ac3c33d458cac46910616d29af740e65afb52228bab3b7158321951677e81be57b371d2649f08079a5edec27f526c09868ecb006bcaeaf0251eb", 0xa7}], 0x1, &(0x7f0000000180)=[@txtime={{0x18, 0x1, 0x3d, 0x8}}, @txtime={{0x18, 0x1, 0x3d, 0x2}}, @mark={{0x14, 0x1, 0x24, 0xfff}}, @txtime={{0x18, 0x1, 0x3d, 0x4}}, @timestamping={{0x14}}], 0x78}, 0x0)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000)
ioctl$BTRFS_IOC_ADD_DEV(r0, 0x5000940a, &(0x7f0000000300)={{r2}, "d03faa62458515e867046087a9319eaea5a673508960eb2f74ef21f8dac9e87f83b826732c09d101f5c686a79a79d98c1442506fdb3ad06547b1741cbc1c1ddd1b30b609ef08243b7401b632e17e319f650778b5ecec8dcc62e345ece2e77936cc7b3a8977addc7b2895b00a40d49d0bc1f29b4c4fd771b0e6e48704c92deff80c2df2c06a3ad0a2647320d4a5fa34f48c400a3df6607b3e4118fa7d4fa37e97815f36951b13be00107df8329035697d71b8e5f902a72353f9e4f8b07d457928acba22b6beb7bc141932c165a897d36ddc1ed55bfe5951c3126237050b1d3dcfae78e09fdf46f9479bb05e109132cc509f773230f08b6ce84955727a26d5df09c2a12205f6b4727f38daa6f830d92b0adb5dbe06b7e929168e20b7c49bf94799d4df5b25ad3e34a6dbc82f35a9e384873c18e180041bae8c051b0bdf51050b36995e41e5a7d86a621c57bafe7613f75a2c3dac54147c62682f5cf1810b724882e54f60852e18e4f56e2be31f7cce3a0494fc96770ef9f424dfcfaa72e89d16533ea98e580919759fdec0ac8531e6d85ddfc932fefcbfeb1cdbefe7d76affa5657990cbc5c45b90692d29f8d828c15e7c9fa063de56d8b56ef568dc7d47e2e275b8160040c44e7b478e242df061d865893a6598c1523406a0624f39156602a4bb6fa52d8a82ad8ffe00453790cfd0864d311ca29013eeaba8fcbdd919c448485072358eaa190c70e820677bbc6aa74f85f7afc8172bb64cda6be8e063a7dfdc7df515144d3d16560e36742d369ecfae985b63748195d7972f13ac27b7138affe23a291d846cf3e86c9f6fc3becc773b525fd64036ef2121c0a8fe31f1a56764c799d7a0f1da2965ca6c8fe49ab3aa20ed28599fe9e6194759e59024bee9654ebdbdba70c381e0fae9eb667744ecc12a2a958e186993d97fbd5053dd69a24ec4f38e96d2210721fb5f1d9121c9569b9f0a6cf145b8b25127f24c7216dac0a1f82af7da29db8b3354de03a5731d51e5eea3675363501736fe612c1529f61e50d171b62d2602fc23d76a148324de0f9af730fb7ae324eafeecd116fac386334e6807ac67b1bea3d2efbc25f5ef6a4e2dc6b908572f90523c5f69cc1917f802e3d0fb3f1a6586cfe8cb660c2d4e89fb7b4db89bcb7012a68fda69716e7a3953db9e5d103c0254c78e1f33e072bcb8eae0db9e5a6d590d0fd8dc32c112e9e993ac80fef381dc36ea62a05a9b4ff761cad171402458dd58da0340f3ea24548094fa44f5cd847e4c271ac0232114c5cda16eed8ad69e3a74de2f6c0004f746c949f7f7c389d773c042fd3c9b150b51537c99a8f0313aeae79e698a2bbc0f132d3c9e1e8459cc7773d09647951e309292a8faa68c268d5138d47f5734adad185bbb68382c4df6ac6c6a8dd6dd22d89b5adcf6aeb03ae82b23c2e73fb259fb5a8edeb40070c1c73fa77f7a6719fb0ed3ec4892ca08a7104508975940e4250272374d30a27ecf0997f3dece84ee8ef90979d1676d0a61d8dbb8bbd5892db64642b58c9f36bd5dc955f3c0368ddaaea8ff490ad929cf79b3cc164273361bf0b98b800132304dd4e817721a80c0fd993dce5391e23178aebb9907ed363d0c427cb29e41a64e675539a51b6e31127668175af34f4392a05942061424bf49d4cf49ccd958a15027b3f423a767c79c0c6fc7b51340854a569aca0d63e164bee49a46fcf7bae16141c8d12cc5100333f7baa0aac6d85c8c47def9b65d8d18ef2d2642ef7bf8f6b863469751d318cf69429a24f2041ce593cebb655f4045e94a2630ff423da8a1e93c470d0a3244bd475d447bc5b12a7dbf6c62067ff2f9a66db48c12e8938d40bcc1e2d1ebd03beb374489981fc41d3bd40ad23259af2add30b104b7f028caa3d9233888dad8db92409db0da24524f84d0323741ed40f1ac08a3d4722e339873e0d5372b7270e831305c10e024daaec7eb39a403786aaf79ea8d16b136d03761dd7192144268efb89d4a399105ad198f5fea32c64b4caa489a83e5e251adcfeea0a3dc5b96cea243f229468b01b6b93440aa940d01337f44fa5d1e58b148bfc1843dd87600f7c682be5a3391a8c7c82c218699a52a07c950f71d1b0e203fc11c5259cb5d46dd784e3b1142eb1090e9e5818f02810b300384cf6d3ae0ed3cfc13a91ca52f26a23e828560328253bed651921a7732f4a89ccfe8036c57a8014f49021839d97a4f89413c8be51fa5918e34cce34f340ac0509320e5f2a2f3da2d556821007f9fc33c00bb52899f12cd1e7853140b63ac9cbf1b4599980b69030750f591f977e86dbb58c604b2a75e77c5627b88e67d3309c92815555e8318720a5146bb423cf7573833677987202b0738a46b3f496eccfd3e78e653907c46924d504cbdb487b90b833723492be42c5c86f8bd1a57a971d841d95fe3e3d20c03e9e9811493ac801cb44041949bedac422af13932f9717eed2e038f01d6e630e96e179377bf3fc19939dbc75f3576016f8254bdac9bd2716b9cc1220a5a0ec469313a0c3583262873f79f913e35eff32ec1476a43e7b2930806fc661fa62e790ea038935aeca4f705accfc6a3a3171d805edb90e012ef370768796e62ced49b9d884698137aa007228fb9d6ba09e4a70fbfc024248760bfe5ad8727eb52ccddbb6e08b49b211696f05a06788a145ebc9480c6bc57987869e213280c53169b3becb781245e5ad14e6ff5016c9fee7e4835addf5b19ee9ceb213468e46c307748f5aa12c7a4c72446a8907e15972db5cf96161d8284fea2c8aab88bdbf7bb5a17c4cf67cef545c91a590971366fc408acbacbd52226170b162f959ece5745d1bee3a30863cc473cda6ea6cb4dc993dc944a79cd01c63d0b8b6be1d45fad428723d05e23f89a0732a014af8feb69965cc57d9d72e5a1428559a8b7f1fdaf97e737b3f0468443bae7aa598bc5579ab14ff5423ac2be2d0016abc056a3ede1b2c456df9db1355c3d59cdaf55a38ab14ede64858309d59a9485d10aa75e27109bf720a42368ddca53ad03fd6732e7596ea68ab40c00232bcd15be32c04309e5e1bd5f0bdd83dff63112c8f22350b3f172bb2cc9208465739265919e0315e65e42e158758b16005c988d602822efbb6e0b4344676dfe26d30773c005c3d618aea297b8d7e60baf7cfbe70f83037f908e9f1ad2dc274af0b47278d3e3821fc795f3dd7ab70b119065630f624f63fd17557771d8f7880f48ad3a133919e68d1edd45d96ee19bc68ab64ef7170fa3041d8b916fe3aac91b3d4f43790ae1ed0e72cf3ba360ae671f86784dc3a10de9f985989d432a62a529797eb539d5d85c1ac72d81e1396359cd3a7d6cc1afe59c1d032358b334d9335a5dd12eafc46a7178aee5bf134796bf8f3e58c1bcf9c8aa389d5dff8f26e2eb8eacc47de7b609facd518e87e7b42bec9f5b10cfc41a6a0286e7adfcff3ebee76e64f2e66919316b92b382c60d59b410b898df149a872058d9d0f042e9f11836b03a88bc58720db049db0e3ae8feb36f219947ea9e641b0c3b602c0c5e2b399da36347f565c923ab10d3a629db06895e4ba84b85c0e8c8e5eebeb5133b132896672a7f014f3097b8486948ccc066830950b30fd180bbca98fc244c93157085ff1d4a895816a2cf9a7ffcd9e5a933b312971183195dd31453237e37d7e75d2b8389459e8364f336acb750cb695b27cd6b08f5c0ba8fa77ca3a9e35b09152cb2315b947888f82d91b9fbca46aa7c8492fc2bf46503cec373f95de144418591e509a43181dd1b65b0baa7e83444374316286fd166ac274041cf516803dd7d2aeeedaacc5b277b85710df068997153dedb6f1ccaa24bb3186fd4f64301602b92dcbde5532c65e5a52e7f7fea6ce8628d1480137b8e35bf56d93f97a249b4c59d0bb3934d675da8d1245f162042ea6c6a09bc7d999459be57ed735f02456255a4270ec3bf3bb0175febdecb4c00976bb19e3e96c3c20d6177528774b7758b1127d3822f24bb8392867ea0b0abc7e34bec5791ae9a45706799a54f2b0d9cf3b7865bfd034c83fbec4155331bb87114529e693c14eea8ade6b45634c40dc83c4252afddb3b530d4f4a98e0ac287293578f7c778bc11e26f9f07d096d6865cb58e264ead3a7b38de0db0b1816c2c1ce7a134f8048f1c7f447f294ea9403f85786f9ae840a1ee86a081009c5b977feae516e183bc2728391cd760218e1113c04da52c1236ccedf9510f1d8ae783db0314a8c2526cfc3e14e95eae4f671cddeafb0e4478a22dd8f875ecc950a791252a3168f089ab0ea31d2b7712d3aa46c31d41282b5177216f80fd73efc37f26e1c853bc0ab4dfa6a3d3d63837b7c5afbb8fea8884e74f791e801b806f279c6282f25e8ac496f51c760e5ae8ad92ba01ddb8250e858afaf4f58faa3a8a45b622d23678fa41e4a7a64ed144e4b52643f2d0ccad277a34d16794f0f7de7e6d9f9e0cda88a2c65bff91c387b08fbe418b2e0e1a3ea5fef6e5c24569f8116fa25093b06c05e84139e5bfbd9596b22204d400a3040445cdb881492da0e437b6d506fa0ba8e19f3d06f13662a81647fea4463ff289ff11c813de509fb0324a68191d5957bd3cd137293e2b31f0c8158316e7c9c71d88a68ecbf69d7d1c304e0f68f64f5121223f256de874948420b52d99a2109403a85b57de34786aca98b0e920c413df347020049a6e42c3ba3316e2c4b9c22842f3e698c89a33d308b97c66b736af1ba4f2779c05fbca085440715aafbf3eac36b7fb95782a4383d3b62b0c0da9db43c7259017420794884e4d0227fda5b868348c1d2250a866e2ffe9a3cf94f290f367385fc6b8cb9529a1526f3105e1561398ebaf76488a234d4719360e5ff236f5f2662bfc8fa48008b5d092b7bfcd5d30a3248b443e3c3143b981d707551f8d71b856a2af09cc70f2db87998eea9913c348eb334f1abaa766369dbfd50866ce682702f6d941cfef320f503a1afff0a3b60c4b6320e564b96310fe78c6058314e5afbfbd9e925a131dc29b599db8a936d5ca91bc28650fd6fa34062052893121fa791989df13065cb187a1f9d27831d7d32cda9d323b675c3c15ca51a1ca4795c63debb53905c5d948bc6667cbced4139a17b236f03f32d3c37d410ac10241e568de9fa8844087cd60af4bc9ffb7536cf984f050e28f63771486c23dc5a7248681bcf197d102f74b3ab937205a9443ae20ddefbc461532ea164522c197cd6863487122b0466c650031a72fc7c9c961cfee1b00ebb5f683990fb3f05ad76de19f94a89e6670ebe58b03879d37fe4b48f0591fe0d1d781706160eab905062d88a6ed4bebb18f4eac7d2e17c65c01603775e9a7cd00ecbf0314582b21c0dc6b93a010bbf58c9d05a4214ef9c2207d9b052719e9f58c7520dc88b301fa512ea3b3b5dfb669cec21a9b717f117b05c499c824abfa8be29cbd64a60ce4d10a13efd1899410fe11c67066994d042a4e6888930eb24fe379802fa342f5780b75d0c21e2535bc56d8a4d8b3c658e3336fa46412d5e81139f687b8b8f198f86034e9c3ca33a169a5f5ea50d12632479da5017f6a4dc974a28a5f6c35ca53f4359ed891435e5212558cc142e03a3f56b67c71560b149a006db72870afe9d4e8d23cd473a4a49713ac182dbd8b0ce85db617587c2649d420c5c0b71852c88aec2b6dccf0dc3b58917ea689a3169a03b25aeb0be7849c3ed9fb62fa1972f9c5484dd4bbf3972d674fd2c98f913f0cca29bdd87faac8c344354739cbd937e7dbd0d1ca769c2877df70"})

15:45:10 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 29)

15:45:10 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 49)

15:45:10 executing program 1:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(r0, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/nfsfs\x00')
sendmsg$NL80211_CMD_SET_REG(r3, 0x0, 0x1)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000040)={0x0, 0x3, 0x3ff, 0x7})
sendfile(r2, r1, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
write$binfmt_script(r4, &(0x7f0000000240)={'#! ', './file0', [{0x20, '.-&'}, {0x20, 'vfat\x00'}, {0x20, '*@,&'}, {0x20, 'vfat\x00'}, {0x20, '\x00'}, {0x20, 'net/nfsfs\x00'}, {0x20, '}!'}, {0x20, 'net/nfsfs\x00'}], 0xa, "d345db913c1df651c6a20bc443bd79b1e3b03ddcac2849738f26b80bb62c370189a25bf20929fbfc765b001a4959507b5a8761a1bb2a1dd142e34191719811e716969d5520f6b64dda37da643083e2925108e0db3c118c334fd59f91787827077a1ea180b04e11"}, 0xa2)

15:45:10 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 30)

[ 2585.806012] loop6: detected capacity change from 0 to 40
[ 2585.834453] bio_check_eod: 5 callbacks suppressed
[ 2585.834465] syz-executor.6: attempt to access beyond end of device
[ 2585.834465] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2585.835738] buffer_io_error: 5 callbacks suppressed
[ 2585.835747] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2585.846263] syz-executor.0: attempt to access beyond end of device
[ 2585.846263] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2585.847117] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2585.850388] loop7: detected capacity change from 0 to 40
[ 2585.851205] syz-executor.4: attempt to access beyond end of device
[ 2585.851205] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2585.852055] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2585.861298] loop5: detected capacity change from 0 to 40
[ 2585.864356] loop1: detected capacity change from 0 to 40
[ 2585.868509] loop2: detected capacity change from 0 to 40
15:45:10 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 53)

15:45:10 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 47)

[ 2585.912604] syz-executor.3: attempt to access beyond end of device
[ 2585.912604] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2585.914146] Buffer I/O error on dev loop3, logical block 10, lost async page write
15:45:10 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_regs={0x4, 0xc12, 0x55, "c8a940c5255f17bdb1eda8794dc857b433f968e504727e24f7d6aaf88f9d1605f55c4315d06944205537a7729904f835a8791d6e5f6488710a51eab9824f8fda8857801cb313e6568b238a1cc55077da456f780d44"}})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = syz_mount_image$nfs4(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x5, 0x2, &(0x7f0000000240)=[{&(0x7f0000000300)="504c5808aae28078bf07ea0872c5dac1b90d6b1637365987fef29d1c0ed22737895b39082175532bc0701c46fcb5f84771eddae40b548ab78b16e39b067f52e0885eb3629cb8afcae360578cde0876662c26bea67dfe2eddc05edeca0befa945db7f5face3acb906fed872db788e4b238b3eb82b35e62e3338467485d564a6512f22a493829c6ca5611a74e2783c8c1f5b2baa07eda84f7a914ca400a2df57e1fce1b26ad0ea7580e5274f7d3211", 0xae, 0x7b}, {&(0x7f0000000640)="d847d385a5c4d7d133e3a185611bbc19017ee39cda94388fa985a7ef1f5ba9a402b3fcf4743ad79f5319a40938286acde0af43a9bab4ffb61b94fe4df27c25e262716a236d6d5f1190845fb6681e2732303b3d794fb557a77adfdd08b3de8010dc66990937c4e797f1149d7e23984142fb61666385bb624277ecf59d179efdd38beb8ca723dc38226abb7711bf95cf207d7289ecd6b23098eb85e717897a4dfa8e218c101de688d172a9f2e7a650eca5b72f778e80671a8712f43bd89552e933ded64511bf0e295d2ba474ffcd4293a9a7c4095c9dce632d0da837deebd75cdb76b8ca8afcc0cabc6f194e2000953c604b07f64e98", 0xf5, 0x2}], 0x80008, &(0x7f0000000580)={[{',$&\xc7,'}, {}, {'syz_tun\x00'}, {'\x00'}, {'S\f\xaf\xaa\n\xb7\x801\xc2\n\xa9\x87J\xc3:\xc4\x8f\xeb\x18s\xfb~\xa1\x98\xd5\x83\xed\xd1\xb4I\xb1/\x92I\x8d'}], [{@dont_hash}, {@subj_type}, {@appraise_type}]})
openat(r3, &(0x7f0000000500)='./file1\x00', 0x40000, 0x12)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r2, {0x1}}, './file0\x00'})
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
ioctl$F2FS_IOC_MOVE_RANGE(r4, 0xc020f509, &(0x7f0000000540)={r5, 0x7, 0x7fff, 0xe632})
sendfile(r2, r1, 0x0, 0xfffffdef)

[ 2585.949239] syz-executor.5: attempt to access beyond end of device
[ 2585.949239] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2585.950123] Buffer I/O error on dev loop5, logical block 10, lost async page write
[ 2585.955012] syz-executor.7: attempt to access beyond end of device
[ 2585.955012] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2585.956580] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2585.959275] loop6: detected capacity change from 0 to 40
[ 2585.965981] syz-executor.2: attempt to access beyond end of device
[ 2585.965981] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2585.966933] loop0: detected capacity change from 0 to 40
[ 2585.967564] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2585.972910] loop4: detected capacity change from 0 to 40
[ 2585.998752] FAULT_INJECTION: forcing a failure.
[ 2585.998752] name failslab, interval 1, probability 0, space 0, times 0
[ 2585.999539] CPU: 1 PID: 11055 Comm: syz-executor.0 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2586.000088] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2586.000632] Call Trace:
[ 2586.000816]  <TASK>
[ 2586.000976]  dump_stack_lvl+0xc1/0xf0
[ 2586.001266]  should_fail_ex+0x4b4/0x5b0
[ 2586.001555]  should_failslab+0x9/0x20
[ 2586.001835]  __kmem_cache_alloc_node+0x5b/0x310
[ 2586.002175]  ? iter_file_splice_write+0x169/0xcb0
[ 2586.002526]  ? iter_file_splice_write+0x169/0xcb0
[ 2586.002866]  __kmalloc+0x4a/0x160
[ 2586.003123]  iter_file_splice_write+0x169/0xcb0
[ 2586.003468]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2586.003837]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2586.004206]  ? inode_security+0x105/0x140
[ 2586.004510]  ? security_file_permission+0xb5/0xe0
[ 2586.004843]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2586.005218]  direct_splice_actor+0x113/0x180
[ 2586.005532]  splice_direct_to_actor+0x33a/0x8c0
[ 2586.005876]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2586.006231]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2586.006604]  ? security_file_permission+0xb5/0xe0
[ 2586.006947]  do_splice_direct+0x1bc/0x290
[ 2586.007241]  ? __pfx_do_splice_direct+0x10/0x10
[ 2586.007576]  ? lock_is_held_type+0x9f/0x120
[ 2586.007884]  do_sendfile+0xb1d/0x12b0
[ 2586.008168]  ? __pfx_do_sendfile+0x10/0x10
[ 2586.008488]  __x64_sys_sendfile64+0x1d5/0x210
[ 2586.008827]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2586.009182]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2586.009560]  do_syscall_64+0x3f/0x90
[ 2586.009831]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2586.010196] RIP: 0033:0x7fb41b187b19
[ 2586.010466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2586.011747] RSP: 002b:00007fb4186fd188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2586.012294] RAX: ffffffffffffffda RBX: 00007fb41b29af60 RCX: 00007fb41b187b19
[ 2586.012797] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2586.013301] RBP: 00007fb4186fd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2586.013805] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2586.014324] R13: 00007ffcd9ca88ff R14: 00007fb4186fd300 R15: 0000000000022000
[ 2586.014844]  </TASK>
15:45:10 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 50)

[ 2586.027610] syz-executor.6: attempt to access beyond end of device
[ 2586.027610] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2586.028556] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2586.042540] syz-executor.4: attempt to access beyond end of device
[ 2586.042540] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2586.043469] Buffer I/O error on dev loop4, logical block 10, lost async page write
15:45:10 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @broadcast, @void, {@llc={0x4, {@snap={0xaa, 0x0, "b5", "dec839", 0x8847, "7bcf63d4cdded403163089ba7a1995c6c9cd94db0a61c246bf5fa09a79bc00d1c5ed880e08576544769de25d570c4504fcc14518117a448491147729487ee1bb199f1d203ec8d177d8e4833120ad131f48e62ee644d62f340329654fff5312f11879e3117c63f6dcb63af72d1b14374ccf09cf5977a1958a229a387680d720a5d1062c84ff1c3daaec29d4463307ed63da26b79b9d667de48384119812500ab918e699e3d32c8e80c136d4763b1133b123cc89abb79d87b1997813429d407cf3492fe7b20e5ad86da9ea08679986893df3eda92f59b1652bd774985e9fad684d6c374aa79e"}}}}}}, 0xfb)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:45:10 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 30)

15:45:10 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 31)

[ 2586.071207] syz-executor.4: attempt to access beyond end of device
[ 2586.071207] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2586.072126] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2586.105075] loop3: detected capacity change from 0 to 40
[ 2586.112618] loop7: detected capacity change from 0 to 40
[ 2586.169518] loop1: detected capacity change from 0 to 40
[ 2586.177019] loop2: detected capacity change from 0 to 40
15:45:25 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 32)

15:45:25 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
setresuid(0x0, r1, 0x0)
getresgid(&(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000340)=<r2=>0x0)
chown(&(0x7f00000001c0)='./file0\x00', 0xee01, r2)
getresgid(&(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000340)=<r3=>0x0)
chown(&(0x7f00000001c0)='./file0\x00', 0xee01, r3)
lsetxattr$system_posix_acl(&(0x7f0000000040)='./file2\x00', &(0x7f00000000c0)='system.posix_acl_default\x00', &(0x7f0000000240)={{}, {0x1, 0x7}, [{0x2, 0x0, r0}, {0x2, 0x1}, {0x2, 0x4, r1}], {0x4, 0x4}, [{0x8, 0x0, r2}, {0x8, 0x1, r3}], {0x10, 0x4}, {0x20, 0x2}}, 0x4c, 0x2)
chdir(&(0x7f0000000140)='./file0\x00')
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r5, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r5, r4, 0x0, 0xfffffdef)

15:45:25 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 54)

15:45:25 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0)
sendmsg$NL80211_CMD_GET_MPATH(r0, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0x44, 0x0, 0x800, 0x70bd27, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xfffffff9, 0x39}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x44}, 0x1, 0x0, 0x0, 0x800}, 0xce4a3fb9e9aa61a1)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
syz_open_dev$vcsa(&(0x7f0000000000), 0x2, 0x101000)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000001b40)={<r4=>0x0, <r5=>0x0})
recvmmsg$unix(r3, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000640)=""/4096, 0x1000}], 0x1, &(0x7f0000000300)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x80}}, {{&(0x7f0000000380)=@abs, 0x6e, &(0x7f0000001980)=[{&(0x7f0000000400)=""/188, 0xbc}, {&(0x7f00000004c0)=""/106, 0x6a}, {&(0x7f0000001640)=""/245, 0xf5}, {&(0x7f0000000540)=""/73, 0x49}, {&(0x7f00000005c0)=""/50, 0x32}, {&(0x7f0000001740)=""/169, 0xa9}, {&(0x7f0000001800)=""/73, 0x49}, {&(0x7f0000001880)=""/143, 0x8f}, {&(0x7f0000001940)=""/54, 0x36}], 0x9, &(0x7f0000001a40)=[@cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x60}}], 0x2, 0x2000, &(0x7f0000001b80)={r4, r5+10000000})
sendfile(r2, r1, 0x0, 0xfffffdef)

15:45:25 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x450400, 0x2)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:45:25 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 48)

15:45:25 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 31)

15:45:25 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 51)

[ 2601.366767] loop6: detected capacity change from 0 to 40
[ 2601.370202] loop0: detected capacity change from 0 to 40
[ 2601.374245] loop3: detected capacity change from 0 to 40
[ 2601.375327] loop4: detected capacity change from 0 to 40
[ 2601.396598] loop2: detected capacity change from 0 to 40
[ 2601.400211] loop7: detected capacity change from 0 to 40
[ 2601.419137] bio_check_eod: 4 callbacks suppressed
[ 2601.419149] syz-executor.3: attempt to access beyond end of device
[ 2601.419149] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2601.420332] buffer_io_error: 4 callbacks suppressed
[ 2601.420341] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2601.424790] syz-executor.0: attempt to access beyond end of device
[ 2601.424790] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2601.425592] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2601.436162] syz-executor.6: attempt to access beyond end of device
[ 2601.436162] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2601.437044] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2601.438053] loop1: detected capacity change from 0 to 40
[ 2601.445433] syz-executor.4: attempt to access beyond end of device
[ 2601.445433] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2601.446353] Buffer I/O error on dev loop4, logical block 10, lost async page write
15:45:26 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 52)

15:45:26 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 49)

[ 2601.478900] loop5: detected capacity change from 0 to 40
15:45:26 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 55)

[ 2601.514854] syz-executor.7: attempt to access beyond end of device
[ 2601.514854] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2601.516486] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2601.519603] loop0: detected capacity change from 0 to 40
[ 2601.520284] loop3: detected capacity change from 0 to 40
15:45:26 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x18000, 0x6, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x3)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2601.531060] syz-executor.2: attempt to access beyond end of device
[ 2601.531060] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2601.532786] Buffer I/O error on dev loop2, logical block 10, lost async page write
15:45:26 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 32)

[ 2601.567509] loop4: detected capacity change from 0 to 40
[ 2601.586492] syz-executor.3: attempt to access beyond end of device
[ 2601.586492] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2601.587381] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2601.594824] syz-executor.0: attempt to access beyond end of device
15:45:26 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x80410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x2000020, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2601.594824] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2601.595907] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2601.621549] syz-executor.4: attempt to access beyond end of device
[ 2601.621549] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2601.622544] Buffer I/O error on dev loop4, logical block 10, lost async page write
15:45:26 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 53)

15:45:26 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 33)

[ 2601.642112] loop6: detected capacity change from 0 to 40
[ 2601.648331] loop7: detected capacity change from 0 to 40
[ 2601.689363] loop3: detected capacity change from 0 to 40
[ 2601.690290] loop2: detected capacity change from 0 to 40
[ 2601.707714] syz-executor.6: attempt to access beyond end of device
[ 2601.707714] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2601.708599] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2601.730111] FAULT_INJECTION: forcing a failure.
[ 2601.730111] name failslab, interval 1, probability 0, space 0, times 0
[ 2601.732073] CPU: 0 PID: 11112 Comm: syz-executor.3 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2601.733493] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2601.734912] Call Trace:
[ 2601.735379]  <TASK>
[ 2601.735790]  dump_stack_lvl+0xc1/0xf0
[ 2601.736511]  should_fail_ex+0x4b4/0x5b0
[ 2601.737266]  should_failslab+0x9/0x20
[ 2601.737976]  __kmem_cache_alloc_node+0x5b/0x310
[ 2601.738988]  ? iter_file_splice_write+0x169/0xcb0
[ 2601.739904]  ? iter_file_splice_write+0x169/0xcb0
[ 2601.740823]  __kmalloc+0x4a/0x160
[ 2601.741480]  iter_file_splice_write+0x169/0xcb0
[ 2601.742348]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2601.743145]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2601.743848]  ? inode_security+0x105/0x140
[ 2601.744414]  ? security_file_permission+0xb5/0xe0
[ 2601.745027]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2601.745684]  direct_splice_actor+0x113/0x180
[ 2601.746273]  splice_direct_to_actor+0x33a/0x8c0
[ 2601.746886]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2601.747515]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2601.748174]  ? security_file_permission+0xb5/0xe0
[ 2601.748867]  do_splice_direct+0x1bc/0x290
[ 2601.749448]  ? __pfx_do_splice_direct+0x10/0x10
[ 2601.750189]  ? lock_is_held_type+0x9f/0x120
[ 2601.750784]  do_sendfile+0xb1d/0x12b0
[ 2601.751326]  ? __pfx_do_sendfile+0x10/0x10
[ 2601.751892]  __x64_sys_sendfile64+0x1d5/0x210
[ 2601.752503]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2601.753206]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2601.753883]  do_syscall_64+0x3f/0x90
[ 2601.754414]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2601.755094] RIP: 0033:0x7fe051d4ab19
[ 2601.755564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2601.757822] RSP: 002b:00007fe04f2c0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2601.758761] RAX: ffffffffffffffda RBX: 00007fe051e5df60 RCX: 00007fe051d4ab19
[ 2601.759628] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2601.760509] RBP: 00007fe04f2c01d0 R08: 0000000000000000 R09: 0000000000000000
[ 2601.761379] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2601.762272] R13: 00007ffe399a466f R14: 00007fe04f2c0300 R15: 0000000000022000
[ 2601.763158]  </TASK>
15:45:41 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 50)

[ 2617.409223] loop7: detected capacity change from 0 to 40
[ 2617.415111] loop0: detected capacity change from 0 to 40
[ 2617.416418] loop2: detected capacity change from 0 to 40
[ 2617.418242] loop3: detected capacity change from 0 to 40
15:45:41 executing program 1:
setsockopt$inet6_MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, &(0x7f0000000000)={{0xa, 0x4e23, 0x400, @local, 0xfffffffb}, {0xa, 0x4e22, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}, 0xfffff801}, 0xff, [0x8000, 0x2, 0x81, 0x0, 0xcd, 0x100, 0x7, 0x2]}, 0x5c)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x30)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:45:41 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 54)

15:45:41 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 56)

15:45:41 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 33)

15:45:41 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 34)

15:45:41 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x1000080, 0x0)
r2 = dup2(r0, r0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x64000, 0x12)
ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f0000000000))
sendfile(r1, r0, 0x0, 0xfffffdef)

15:45:41 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
syz_io_uring_setup(0x5dcb, &(0x7f0000000000)={0x0, 0x2922, 0x8, 0x2, 0x353, 0x0, r0}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f0000000180))
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

[ 2617.433455] loop1: detected capacity change from 0 to 40
[ 2617.446576] loop6: detected capacity change from 0 to 40
[ 2617.454802] loop4: detected capacity change from 0 to 40
[ 2617.481829] bio_check_eod: 2 callbacks suppressed
[ 2617.481841] syz-executor.3: attempt to access beyond end of device
[ 2617.481841] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2617.483150] buffer_io_error: 2 callbacks suppressed
[ 2617.483158] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2617.483440] loop5: detected capacity change from 0 to 40
[ 2617.484465] syz-executor.0: attempt to access beyond end of device
[ 2617.484465] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2617.484490] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2617.489941] syz-executor.7: attempt to access beyond end of device
[ 2617.489941] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2617.490897] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2617.550784] syz-executor.2: attempt to access beyond end of device
[ 2617.550784] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2617.553413] Buffer I/O error on dev loop2, logical block 10, lost async page write
15:45:42 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 34)

15:45:42 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 55)

15:45:42 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 51)

[ 2617.575515] syz-executor.6: attempt to access beyond end of device
[ 2617.575515] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2617.577252] Buffer I/O error on dev loop6, logical block 10, lost async page write
15:45:42 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000002c0)={0x60, 0x0, &(0x7f0000000240)=[@decrefs={0x40046307, 0x2}, @enter_looper, @increfs={0x40046304, 0x9}, @transaction_sg={0x40486311, {0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000180)={@fd={0x66642a85, 0x0, r2}, @fd={0x66642a85, 0x0, r3}, @fda={0x66646185, 0x7, 0x0, 0x19}}, &(0x7f0000000040)={0x0, 0x18, 0x30}}}], 0x0, 0x0, &(0x7f00000000c0)})

[ 2617.595692] syz-executor.4: attempt to access beyond end of device
[ 2617.595692] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2617.596551] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2617.606399] syz-executor.5: attempt to access beyond end of device
[ 2617.606399] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2617.607268] Buffer I/O error on dev loop5, logical block 10, lost async page write
15:45:42 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 35)

[ 2617.619454] loop7: detected capacity change from 0 to 40
[ 2617.624596] loop0: detected capacity change from 0 to 40
[ 2617.625166] loop3: detected capacity change from 0 to 40
15:45:42 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 57)

[ 2617.648770] loop1: detected capacity change from 0 to 40
[ 2617.677997] syz-executor.0: attempt to access beyond end of device
[ 2617.677997] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2617.678942] Buffer I/O error on dev loop0, logical block 10, lost async page write
15:45:42 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x16200, 0xe4)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="40fdff60c655a7bc87f27446e4c8fa59ae547d4d78c034e0aface84863d33a7c718c7dc7de850abda98db190d7ef728cb73c39fc97cde885c40183d25afe44c847dd720ddb3dd6b62b3843b1a4c4374c33155d36d615cdc67e35d11ea2719559c988482d800723ef93334dbf268925582287249721c8c87151e771a1b00e03aa9eee3ce05342921e8989340439319d760e1ca16bda7fb7cd41cb54619a73b05b08d3e0379b6bbeaa110dd2defa84f7acb6170aae456c53966dfc6423462149fe1ac23c1079b4b5a3555c67b9178614459aae76f75bdffc386904908c074ab3a5c716829006354e3f48cf5a554a08c93866215ea9865c4462a7e93816b5e82f6287a9b745cf2d0f48e0e34a88c16af48a13d54c91e36bb5a23e5367cfacb9152e61621b1b5caad09cf8cd", @ANYRES16, @ANYRESDEC=r0, @ANYRES16=r1, @ANYRES16, @ANYRESOCT], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2617.706123] syz-executor.1: attempt to access beyond end of device
[ 2617.706123] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2617.706550] loop2: detected capacity change from 0 to 40
[ 2617.707034] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2617.714606] loop6: detected capacity change from 0 to 40
[ 2617.721167] syz-executor.7: attempt to access beyond end of device
[ 2617.721167] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
15:45:42 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 52)

[ 2617.723138] Buffer I/O error on dev loop7, logical block 10, lost async page write
15:45:42 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
pwritev(r2, &(0x7f00000015c0)=[{&(0x7f0000000300)="eb9722b02edf0796336afc1768da627f5fde34c38f00a1fd294c57ba65de8b38293ff332a092a5694fc04f43ad0f503baa0c8528be2997e81903d9059f15462be1751b29f3f7e564f6b8cd8d19b1ab182a49349b65dda32d644370073cbaaddda3fade9e408baa9bf68743cd8f588d20e98226e9e6c765951de0aeab9f039fc8cddbbcc8cd3103951d0a1a06249444a7eeaebd8e2313e02db8fe5337583042955d84f3a4d6666af9e1f7916d4256c7a807913c288f4f630b66f363702ffca5a8c171dbabf75e31d8a43a5855ed4be240e8466868d54377953b", 0xd9}, {&(0x7f0000000000)="d4cb02160677c2d8d7a0d27cc6ee856ea2d3c9e96aa39083c0aa8748c89b401cf408fc51d3e8bb35dec28e1381b0da7f30f943e3e748db7505d53ed11e7ca7a7c530f01d03c36aa7a10740c3f213d9572751713394f52296ed6f15ea8fbbfbe88d339ebe020a41", 0x67}, {&(0x7f0000000140)="995e8f4c4bd2ff08d1e9e4e08bf14e41c178817fdaa60899769b26fe76682d6dd5a3ef2e039cfd52f989293879677b964ca828bacf819557c7ba75be385ad93f9a5dab242c70d5f3", 0x48}, {&(0x7f0000000400)="ef0899d244e5d6211073fd73a65bf0ff071b51674b327271c4086f2b4784f0728cc2504a00c165ff37704545a3298fdafb327ba37fa1a0aa8c899e56b03670b20cf00b5e5b6ca02d731bddeaf54b855a3c3a6a4c8a0903b3cad04e4af3708f247ac3618c30f607cfc364b383ef240867107ae2a9d351cdb52670f3fa5441d7511022632760e08da400ba9507b90f7cbc04555821c08850cf58c8d8f7e8030859af762266af0a705a68a2a0f2", 0xac}, {&(0x7f00000004c0)="0d93395fc3876de2a15c3b07bee00c919a802b409e8b392d995f8f9663b7e1bc810691bad055d7f5e27e9742816b19d57a5ac10668ce6bfef046e9697a898b22c81d6a1afa20009b6877fd7d90e69272c7fbe6f6837128b361852acc851b1f56ddc819fc90b8a9dc8fee9e8daf1fbf863a33a3812e0a7997b6e1cc452ad92528ea502b02dcf59cb8ed4204ff9dd3c3131101e519420915bf80593728a2f679034b6ed4be3c62f189ab48793f712f9c393418ca5d7d2db8c2010601297f8d89cd14181e99c8f62ad8fe6030a6094a972c9aa43909320cdeb7c01896a0f09ffd02492dbc1ac1593985c8fd56a8e0e9f9f7c2256d2a9c9855c4e8eac09ca3f9fe0a7f1c884dc3382cd05ee0d74474bb2565709d16f90a4ad0367de1792f10ba31df7955b609032c9fbbde74dfc08fa69ac9055d7c968f0f27f6718a265c7271881d98e401630ea8925d12c99d10baecbc1f18eab3578a0f0b8f5763608bb02fa4947d0878663e1dcfb8ffac5829d45705033769b9683d52312b5c6995a72625bae584b19cd0ee03ad68c5ba7dc99824624f6064b8a799299dc473bdc49a57658d39d1495bbf59dd67c1e4acc90c1b175e25f35308a702223912991f45ede6cd1f9c414f6a31a9b09f29870a762d70047dfb5ad669699a8a5c29106ea5764932da7227cd20dd89d4ac894349b7ed50270faf0e39381a752dfa67f8e4da409d2b6f5433fd90bab5a69c098fb8390b9013892384427e147eb93ffb93c2935a3399c38d75ea80c0cc5b17855deed57384519283ef9cb9de6ae4ba44bb9809e6799e2357ce5bb69d571860f74e39631d447679e1cc0e0667121818edc6b46a904db5b9cab2514a76def8f1acec926b1f6bbcc03e15a84916f2784a68178f43bbe0b613870ac9238abe154714a9f3ab16123ffa344046b7049f5a029dafae23f85223462a6ccb7eb2c899c5063c713a5580e9d85434b740df308290c8470e794f283b6e3cee0c4f995facffc80138acf50ca6535ad0e4d0983b2347550b534fa006962c674b85d8455e3643496b146e43490d45eb730de663e79f932de27a7259e3c92a5b1ee3f7747d66b6a5af72244c703a65a36cfe5a0de76e689d0f91e1b99819e19d3ba3dc460aa8923e5cc4699ca5cbc55d32aff4b3ccab12d89ef48ec6128154dbb0acb67a38a36982411140e9d07296e57d3c865236acdd48e10fd606164380f9fe545cc9a03fe877cd9df9df4b731a2968c94b54c1af2e6f8d65c27cd99d9c3a94ccb14d43913328dcf64fd2627b7f19e4865fb29ae50bb99fd04f1e889a5c931942a9c5ac31b814674dbfdee40f425e15202208c1d3291c6a9dfcea84257e555dac1e7efdff3a90759f374da62e3ea5a5a8758deb91d75b3196dfd31ac68cd80b6cb5bf9ce98c0d10891de7c469e58dcb032c726ffbfbb6062fafc5a8d6461735cfcc40404e6077daac878e7141ef1eaf268afa97b67950c5f55f0a198fd6a6f3d63004be8698efa785be52bd16143c73a40c77d066d1a2ac023ab2cf7f3ded2a528c7d887934562155e1dfed22316214e8c62ca7320b61661c52de153fc6cae20ef63bf8d2b66c011b1a661a9f66043c7c69da83df3b7c3960f72c790f019013e98917b0d8348b5e63d846ce6c218cd74eab1c31fdd5eec1e5ddc97185d34e749a24b6cbfadc5af302ed9494027c29a120aabcddc51e7ec9d1dd0d939dd9f5b060960100b37f16afd6bc68a7446494fda7c310f647685220b85b1803bab6496ec83333a232a5814fddadf11314fbcc1ec270541a9e863bbc33816f0a0b9452584ab6f40b34013827418430af802b7ace75affdc2d116a78653fbb0c9df7ede2bffbfeaa6967e7a8871ea6bb16deaa68ac46f6c2705dca343f726c5e8ea7d60c14cea6aae13b03db71b4583c0156bb1fb11b5731c1ba716d194afc4a9187e4f450c5d44935ed8bbd38a69c2187ae333c83d1cdda96170c5fde2d4b380fc3da2a718c27482161e9740a3fd9df73e6c333f089c56c2c2b0d380ed29ebc72247d1388dc8e3bf9b7f17ff01cfad3c076b518afaed5a63a842be69c90904d714fb7a7efdea4afcc53cec1bc2b02880aec742befbb557b02f230d7b71529606437ff960aff406a12a7044496f8abe9483d49bcfce7bcd18adec44519ffb358c6fa7140ec8881d86d2b3ed887b11667f4d6aa9727b5378c735516cd6242b08562ed68827edf4acfcfd618b47bda0a2df08852387a08caa7b7ef2b010674405323d45f51340830b55b313ed2c60deeb2ece774964eebe5a66a9cab76c67e1ee5a062ca081c751f6c17d9381c35922200699362d75d006f4fa0cae9db132958352ef21d60af841da644151184bbc3591c99538b147b38f93db54b8cb997a55cd1c352c9786cc8624d0f719d22861cd170ef8855cb9ffba7016cbfde63451e0e4ec02d14e5f8036e62d191443d9843024a33e1937f6e7d86d2a3742764c13ef2937823fdb2b48136530e5bb817054b8210227d056470bcb26047718322a2639fb4368d14836f38546c7f507df463f338f3809994935b88565e2a5517dbf6588a50458421b0a097d532b474b0142928cd34dbbc2d330eafdebf4654f8143a2d6a45d9551f3ecbad32edd2100418dbd5957192d0964b883949daadceecf20aecfe9f7c220d0941ae2ca8e68e2f1f8f197906f8681fb1630c514c7d72419d4bf09ecff8478612c34bbad8b7987370f9b9e46f03c96ab9a796568e041e5940f71811e7b47f5fafd311e3ea78b916fe6dffe16e287e627a93c3fa340770dea67d826762f8c47cb6817434dceee86d1709e13f85fd0369a8c7b5ee0479ddf1226ad38b120e1e0c050b95b5b8348ce82194ab0e768a4b67ee3c89fd628e1b83b6e9a407f4449f808e410ef8bc1838f1834f9d47503afb95b43234ee9ef0ab371a850430ba4348317471f02812b1f916c40708e0954cb9b0116bf602e834e54c67395289317cdb4238324f19f1565a998f1ce606a27313020c26887ecdcc96552e089f3e5c7c142182c40a11b705ec9764a32144f36616c934ce792aaffe0d4b81624faedbe450ea9e80bddc21129636bd77561e9f485a8ff02b9df372c7d2a979f53a0d0833531a9ec1e85ba1bf32e11f4ee5dafedf39159e8bc8b84e87142fed6c7cd591d0f2867effa320120d4f9d04389f82d1066babd9c6f0b3d5a7d8c3704062166e880a64093cd56c22298b52ace5c3f014659922774e04c37af3c1368fc6f17cd1c953c3c4a69ed70cd41b4e19d3bb14e78c9a5b2079e800556be69c46914dec078d5fe19dc790a7c03044e8df5d974e749bd6c7aff208c2cb86d95de80309ac58b93a6c64a292591133ed0c51b2bb62bbae724fc2f4e4af5172e97d4bf2bc9a4d2f979671448af4fe1e3a8ac9113192cee600b77d1b1a584c1c1db89dcd3d719a7797c769cc93abef24be2164ba2f748a981193f93e6f7d22761aba60eae19be7e457894b9d5e7bc582cbeb755f8abbafe8d9aea2c81bc30960ac24fbfc4d854720dc42574cb871aecca633af06e583cdf9e0b3f98b50ffad945eece904d76f8b188c8e6f2571d97b7e1b49bd3a24c11a27e2c41baf8363604072dc59c507abb493b539059921ef3c240abf947fb85fa5403bde5788a0c2ee7da2c1bb9c3b2e1dbc0950ec94aec4ff4dc8fda627d0c3d90ae6f8a943a5a511ae317753b2e8a94c82a7ebc345b7b107587efae293017036a42128a8fe9ff4d72cc7a3e5f5baafa74b3f0090d1eda0c79a646cccd93a0cd538c55bd8a63319e5a955551fcd51ebd6072785396d333d1a3522e1cf96add2ce4437a9336fdf7be0d461155ab74360f165ea49c6385850d38d1fa9c746e1841efaf663bfc41c1c486be7f9e4149de727c40a6c62ace9c2c8e60810d81d4130fb6dea1100c067687fbc083795fea5c1782ee47f44b767720233cb1c643f1376a7d5a88ca9fd18f4914e17953ef7472d047d427185f40b3522a331921b3faff68aeda953c4ce5170665053e82c11555a20a7d6bade0ab8b2d02e1ab70a5b2f0c347957d317ed58846cc811494e083e3f5bd37ef0358eafd7ceacf0ee5d17a2fd1ee5a51f39c81922a4d88efec1e41fd3498a67e5df47c59cc8f27ae177a11aa23c41a65f7a88d2430cbe36ab0e0ab5418a252a5313794df35a2a8224b2b70bc687bcced78732300ec3e3931ae4c933069bf8b09c4bc5b8e0bfcdd0c2d80629ff0f73a5ad3ebae7b9d3bcfa5b9c73e13eb3b69167b83ab90a2a82f6a11b25a76cdd387b87778d0525dee6ae95de159edbb8833553dd947c568d2ddd7ce1b573305989b2ddbda42489e81cee3bf745db0b6b0f6ee419f878ee776d399cf4c9a2f705ee1be54991b704a5cec82d9e58b4e717673000907d40003d1c8402ef01952344115bd0362efa56572f1af3bbe1baba24c0f7b6f899b6d3f28811de7362d958673e978aafb8e2102841895ab364c35790d41eaab85bb74556af98237e8a33b5237568cf7e701aa41a7bb4268db2cf285e359292f4194dd180d5bbdcc2eede9e5c711dc3a6c91e6f918b91d5d79b6058492fa8921d4ee3476732ee75adf63969aabd11698aebca901d8771b6c892b5c14a3e74367f2c5bbf443829b724d680c66779026a1deb54aea38fd8166e6d118d63f4cda4f4baca1f5b01c86e3c8bf85d2fe03c68b3ad105d2afe4338243516649633c379161604f80707c6b582e8d9fa0651732eb82604b15a5f572db192a0dabb104a8e9223648ffaadefa04adf99a045017830c107d5bfbc455419f194d30d42289090879da10c9a124b7f32df58528fcd4d91b4118e48121a2d50c5ba9fddd5a9a02d8eaafe04b359d3948a535b4e453a27e37919dc2da5aa87b434c3d4646d0a3046da2732ead22532be71accf03a1a618aa705cadbaa9921ef9e5012e2a61db71434256a0ed1c9269fefd7a987f3dfe4ed26a2671881fe631b069bdd982f412a2f0a1507893928868f967d334f212e09deebf516f686d8ae327c1ea281aeb91dc25e36beebed935a48acd7a23994a32dc54e724c98e02ee2cbd276f828455e08c783e7c9dd02afbb11b4e4e2425e84be10233fdcfd8b50153633964178da0a7c93b5971303f3440f0624358ff7e033697c21b974933669943cdc5d9bb42338a5545d54d5e62dd99b245df64c52c96f5064e44ac179929784e32c51deab361feb1679a3d0ff5a55bb7121a68a195cbf19ee9bf45bf93d38b8771fd4f3a72a5753ac850b91a093a29ad76c5d9e71875b8da6675c48d8a19fd18fe902c56e3c4a96d01342720a042bb60925cbe5985590966110c3466c92e95ed1d53b0d229435c98f73e117bc827a809a03aad730d086ce21160bc04830f46bee6ac370b8327a58392080d32f04e1967b6069078748c095572eef1cb803a6b1b8c163dc27cb8e2c4e993ca7c20b0f163daa360d93d31774a1754091cab67acb279bdf41f6e645c82602e8fbd1410dec88839ca2a8f06b311e716be1fe3bf1c676ecf64e66372d0eb9c7cd5b6a4453f078049be36db226fe308f2f59a895110c1d67ae5d96b605a7e1c5449942e90e03dd12b9f07e104d51d799daefe5a450c7968a4cb336cb60680210d13d5ba41c33bc25186ff8f842da60bd03668d64e8e33af0b98e739410659520416d117ac557c5bcdf88ee6b1124b2122c26f42ba600c365cec9c3f2ef926e4cbfa491a13023a7760bf0f17637b3002010a3f1172bf6c4e741f01e00738a3bc48a3a6e6b8420520936b3abd39305ff3eeb5c7dc926d134cb734baea4ffd5ca7c", 0x1000}, {&(0x7f00000014c0)="812a46a0906aead006af7c52f1015429c06e2a1cd887ce3dd4fd467fb67dc9caf33d0961a4ce2e6225f024b41b19df81a9ef4068a6251d51610d2d8f543056ce919639724d8f2fe20965f25c2b13663b98261ec2effcc429ccbbed8218580d5c575023c10249f1bb1b7416ca21a2412592fe4437735332cb888de1076eacdee22ab457eccc1a44946935dc89bb856573c538580f1ac0cd92309d9638b492e99467ff0c40303d0c57e3e57549e0e2baffa9ffa983169a8abe0d57279d55e22b8149e718216aefe825820cde2e63a8b9e2c959a7427c6ab31b48cae3390cb2b13793b203632186b378798e1af1980d", 0xee}], 0x6, 0x0, 0x1)

[ 2617.747519] loop5: detected capacity change from 0 to 40
15:45:42 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
ioctl(r2, 0x7fffffff, &(0x7f0000000240)="a9118376b197e625b63f269dbc7f59704e6817c7207ba52c0c2ab6b3a1588019d15311966a1ae9f27a6fe31a4f215ea86ed86b1fdda6bac038ad1757fe3bdac0b8fc22aa264ab69e3c7ef7eeab81a4e1d200ebf2bdef0e4340e22f67d7f4d3abf3f0a88dedf7ad255c63e69d030aedb2cc005eb99fec370c37ab9382249dd02567e0e6ad96f4092ce94a4d04160afdf337c91cbbdeee76705113b6f0a533e79cac66915c232c99eb66080db94f")

[ 2617.807379] loop0: detected capacity change from 0 to 40
15:45:42 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 58)

15:45:42 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 35)

[ 2617.848843] loop4: detected capacity change from 0 to 40
[ 2617.854247] loop1: detected capacity change from 0 to 40
[ 2617.883208] loop6: detected capacity change from 0 to 40
[ 2617.895148] loop7: detected capacity change from 0 to 40
15:45:56 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 56)

15:45:56 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 36)

15:45:56 executing program 4:
r0 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000300)={0x0, 0x0, 0x6, 0x0, '\x00', [{0x3, 0xffffff80, 0x8, 0x0, 0x4, 0x2}, {0x20, 0x10001, 0x200, 0x2, 0x100000000, 0x2}], ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00']})
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
r3 = getpid()
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
kcmp(r3, 0xffffffffffffffff, 0x3, r4, r5)

15:45:56 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 36)

15:45:56 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 53)

15:45:56 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 59)

15:45:56 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r1 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f00000000c0)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x8}], 0x410, &(0x7f0000000240)=ANY=[@ANYRES16, @ANYRES64=0x0, @ANYRES32=0x0, @ANYRES64=0x0, @ANYRESHEX, @ANYBLOB="02f030221faf110e2f00b724115608b6cac5bba39085f0b063b28af82c75e24ee812c0afb4c087243fd75f7c1bcc1def631e77a523b0fba3b3dda16bb568944d433b30446076ab70517c1ae02d70ca576eaab5dc43", @ANYRESHEX=r0, @ANYRESHEX])
chdir(&(0x7f0000000140)='./file0\x00')
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r3, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r4 = epoll_create1(0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000440)={0x2013})
write$binfmt_script(r4, &(0x7f0000000300)={'#! ', './file1/file0', [{0x20, 'vfat\x00'}, {0x20, '#-&'}, {0x20, 'ns/user\x00'}, {}], 0xa, "9d77f0382334579aea37c485f6117fc5c155a6a487bd2e811d9863b345c273c0aa76cffce1dfd5d2daefabb1028926c0ecbf40c0d447d8e8264f6acfb1c9c5bc48755d407bd9993538a5d457a7cb2d975b49359b265af5962a43d1df6f4eee0f79d960c1a51a4fd56525885cf1a9b5d5f92ea6312e0443a94bbd0e71b3228ddf55045469957bc7ebcbd16bc12a431e7f05cea3322b5e0dbb28293872ee7f37155b95ec6a4116cda1a422830a589e"}, 0xd3)
r5 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000))
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r6=>r5, {0x3}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r6, 0xc0189379, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r7=>r1}, './file2\x00'})
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
setresuid(0x0, r8, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0, <r9=>0x0}, &(0x7f0000000200)=0xc)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r7, 0xc018937b, &(0x7f0000000400)={{0x1, 0x1, 0x18, r4, {r8, r9}}, './file0\x00'})
sendfile(r3, r2, 0x0, 0xfffffdef)

15:45:56 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2000, 0x4)

[ 2632.421555] loop2: detected capacity change from 0 to 40
[ 2632.439322] loop0: detected capacity change from 0 to 40
[ 2632.456121] bio_check_eod: 10 callbacks suppressed
[ 2632.456132] syz-executor.2: attempt to access beyond end of device
[ 2632.456132] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2632.457294] buffer_io_error: 10 callbacks suppressed
[ 2632.457302] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2632.462587] FAULT_INJECTION: forcing a failure.
[ 2632.462587] name failslab, interval 1, probability 0, space 0, times 0
[ 2632.463342] CPU: 0 PID: 11195 Comm: syz-executor.0 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2632.463888] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2632.464431] Call Trace:
[ 2632.464611]  <TASK>
[ 2632.464773]  dump_stack_lvl+0xc1/0xf0
[ 2632.465056]  should_fail_ex+0x4b4/0x5b0
[ 2632.465353]  should_failslab+0x9/0x20
[ 2632.465631]  __kmem_cache_alloc_node+0x5b/0x310
[ 2632.465961]  ? iter_file_splice_write+0x169/0xcb0
[ 2632.466307]  ? iter_file_splice_write+0x169/0xcb0
[ 2632.466660]  __kmalloc+0x4a/0x160
[ 2632.466916]  iter_file_splice_write+0x169/0xcb0
[ 2632.467257]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2632.467626]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2632.468011]  ? inode_security+0x105/0x140
[ 2632.468322]  ? security_file_permission+0xb5/0xe0
[ 2632.468663]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2632.469022]  direct_splice_actor+0x113/0x180
[ 2632.469341]  splice_direct_to_actor+0x33a/0x8c0
[ 2632.469679]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2632.470022]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2632.470388]  ? security_file_permission+0xb5/0xe0
[ 2632.470738]  do_splice_direct+0x1bc/0x290
[ 2632.471034]  ? __pfx_do_splice_direct+0x10/0x10
[ 2632.471362]  ? lock_is_held_type+0x9f/0x120
[ 2632.471679]  do_sendfile+0xb1d/0x12b0
[ 2632.471973]  ? __pfx_do_sendfile+0x10/0x10
[ 2632.472281]  __x64_sys_sendfile64+0x1d5/0x210
[ 2632.472602]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2632.472962]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2632.473326]  do_syscall_64+0x3f/0x90
[ 2632.473606]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2632.473678] loop4: detected capacity change from 0 to 40
[ 2632.473957] RIP: 0033:0x7fb41b187b19
[ 2632.473971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2632.476184] RSP: 002b:00007fb4186fd188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2632.476725] RAX: ffffffffffffffda RBX: 00007fb41b29af60 RCX: 00007fb41b187b19
[ 2632.477228] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2632.477725] RBP: 00007fb4186fd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2632.478225] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2632.478731] R13: 00007ffcd9ca88ff R14: 00007fb4186fd300 R15: 0000000000022000
[ 2632.479245]  </TASK>
[ 2632.480142] loop3: detected capacity change from 0 to 40
[ 2632.498953] FAT-fs (loop1): Unrecognized mount option "ÿÿ" or missing value
[ 2632.510468] loop6: detected capacity change from 0 to 40
[ 2632.512430] loop7: detected capacity change from 0 to 40
[ 2632.517519] loop5: detected capacity change from 0 to 40
15:45:57 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 37)

[ 2632.570089] syz-executor.3: attempt to access beyond end of device
[ 2632.570089] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2632.571775] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2632.584823] FAULT_INJECTION: forcing a failure.
[ 2632.584823] name failslab, interval 1, probability 0, space 0, times 0
[ 2632.586898] CPU: 1 PID: 11204 Comm: syz-executor.6 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2632.588215] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2632.589520] Call Trace:
[ 2632.589950]  <TASK>
[ 2632.590333]  dump_stack_lvl+0xc1/0xf0
[ 2632.591019]  should_fail_ex+0x4b4/0x5b0
[ 2632.591729]  should_failslab+0x9/0x20
[ 2632.592376]  __kmem_cache_alloc_node+0x5b/0x310
[ 2632.593160]  ? iter_file_splice_write+0x169/0xcb0
[ 2632.593988]  ? iter_file_splice_write+0x169/0xcb0
[ 2632.594834]  __kmalloc+0x4a/0x160
[ 2632.595352]  iter_file_splice_write+0x169/0xcb0
[ 2632.596048]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2632.596778]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2632.597531]  ? inode_security+0x105/0x140
[ 2632.598140]  ? security_file_permission+0xb5/0xe0
[ 2632.598838]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2632.599562]  direct_splice_actor+0x113/0x180
[ 2632.600191]  splice_direct_to_actor+0x33a/0x8c0
[ 2632.600852]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2632.601545]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2632.602269]  ? security_file_permission+0xb5/0xe0
[ 2632.602962]  do_splice_direct+0x1bc/0x290
[ 2632.603558]  ? __pfx_do_splice_direct+0x10/0x10
[ 2632.604243]  ? lock_is_held_type+0x9f/0x120
[ 2632.604870]  do_sendfile+0xb1d/0x12b0
[ 2632.605424]  ? __pfx_do_sendfile+0x10/0x10
[ 2632.606043]  __x64_sys_sendfile64+0x1d5/0x210
[ 2632.606708]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2632.607418]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2632.608167]  do_syscall_64+0x3f/0x90
[ 2632.608703]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2632.609391] RIP: 0033:0x7f746e5b1b19
[ 2632.609913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2632.612334] RSP: 002b:00007f746bb27188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2632.613345] RAX: ffffffffffffffda RBX: 00007f746e6c4f60 RCX: 00007f746e5b1b19
[ 2632.614291] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2632.615263] RBP: 00007f746bb271d0 R08: 0000000000000000 R09: 0000000000000000
[ 2632.616207] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2632.617158] R13: 00007ffcd6c9647f R14: 00007f746bb27300 R15: 0000000000022000
[ 2632.618131]  </TASK>
[ 2632.643850] syz-executor.4: attempt to access beyond end of device
[ 2632.643850] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2632.645732] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2632.658249] syz-executor.7: attempt to access beyond end of device
[ 2632.658249] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2632.659899] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2632.681589] syz-executor.5: attempt to access beyond end of device
[ 2632.681589] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2632.683727] Buffer I/O error on dev loop5, logical block 10, lost async page write
15:45:57 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 54)

[ 2632.731195] syz-executor.4: attempt to access beyond end of device
[ 2632.731195] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2632.733055] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2632.733365] syz-executor.5: attempt to access beyond end of device
[ 2632.733365] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2632.735811] Buffer I/O error on dev loop5, logical block 10, lost async page write
15:45:57 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 37)

15:45:57 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 57)

[ 2632.769559] loop2: detected capacity change from 0 to 40
15:45:57 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x501042, 0x45)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
quotactl(0x5, &(0x7f0000000000)='./file1\x00', 0xffffffffffffffff, &(0x7f0000000300)="fb7a997c2f0f3fc9f2359f577cf16b0150e63a6c91dc5d93d3ad3cfdf5a8faf2197741c093a321e3fc3c3b3c42c58e55eae1952a0cda9d5d03521ef248854ff0f043fa073365bb505b6fd63ee89444a22f2115f01e6bf94dc0243dfa57cbd2690abd73dd8e5082ecbc8cce71c1df1263d19007f198a29b7979fb3a171bc9c156cd2b5997c13789e5ef941bd8a42e454b8a8af7e0356da03a04bcf43c646eb5aa03f5254b2e0e07ca7aaa6692f45b50888df0a1779f9d7c")
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
lsetxattr$security_selinux(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000180)='system_u:object_r:unconfined_exec_t:s0\x00', 0x27, 0x2)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x10000}, 0x0, 0x2, r1, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2632.883584] loop0: detected capacity change from 0 to 40
[ 2632.929118] loop4: detected capacity change from 0 to 40
[ 2632.931472] FAULT_INJECTION: forcing a failure.
[ 2632.931472] name failslab, interval 1, probability 0, space 0, times 0
[ 2632.933325] CPU: 0 PID: 11213 Comm: syz-executor.0 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2632.934428] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2632.935484] Call Trace:
[ 2632.935836]  <TASK>
[ 2632.936157]  dump_stack_lvl+0xc1/0xf0
[ 2632.936714]  should_fail_ex+0x4b4/0x5b0
[ 2632.937301]  should_failslab+0x9/0x20
[ 2632.937861]  __kmem_cache_alloc_node+0x5b/0x310
[ 2632.938524]  ? iter_file_splice_write+0x169/0xcb0
[ 2632.939234]  ? iter_file_splice_write+0x169/0xcb0
[ 2632.939926]  __kmalloc+0x4a/0x160
[ 2632.940443]  iter_file_splice_write+0x169/0xcb0
[ 2632.941163]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2632.941934]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2632.942733]  ? inode_security+0x105/0x140
[ 2632.943301]  ? security_file_permission+0xb5/0xe0
[ 2632.943975]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2632.944760]  direct_splice_actor+0x113/0x180
[ 2632.945417]  splice_direct_to_actor+0x33a/0x8c0
[ 2632.946135]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2632.946927]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2632.947701]  ? security_file_permission+0xb5/0xe0
[ 2632.948435]  do_splice_direct+0x1bc/0x290
[ 2632.949074]  ? __pfx_do_splice_direct+0x10/0x10
[ 2632.949201] loop7: detected capacity change from 0 to 40
[ 2632.949784]  ? lock_is_held_type+0x9f/0x120
[ 2632.951139]  do_sendfile+0xb1d/0x12b0
[ 2632.951742]  ? __pfx_do_sendfile+0x10/0x10
[ 2632.952401]  __x64_sys_sendfile64+0x1d5/0x210
[ 2632.953101]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2632.953863]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2632.954659]  do_syscall_64+0x3f/0x90
[ 2632.955230]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2632.956019] RIP: 0033:0x7fb41b187b19
[ 2632.956279] loop3: detected capacity change from 0 to 40
[ 2632.956565] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2632.959893] RSP: 002b:00007fb4186fd188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2632.960993] RAX: ffffffffffffffda RBX: 00007fb41b29af60 RCX: 00007fb41b187b19
[ 2632.962020] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2632.963006] RBP: 00007fb4186fd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2632.963947] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2632.964911] R13: 00007ffcd9ca88ff R14: 00007fb4186fd300 R15: 0000000000022000
[ 2632.965897]  </TASK>
[ 2632.970227] syz-executor.2: attempt to access beyond end of device
[ 2632.970227] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2632.971889] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2633.068476] syz-executor.3: attempt to access beyond end of device
[ 2633.068476] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2633.070416] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2633.077542] syz-executor.7: attempt to access beyond end of device
[ 2633.077542] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2633.079220] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2633.344086] FAT-fs (loop1): Unrecognized mount option "ÿÿ" or missing value
15:46:10 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 60)

15:46:10 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0xffff, 0x2, &(0x7f0000000200)=[{&(0x7f0000000000)="00c30000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:46:10 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000040), 0x410, &(0x7f0000000180)=ANY=[@ANYRESOCT, @ANYRESDEC, @ANYRESHEX, @ANYRESHEX=r0])
chdir(&(0x7f0000000140)='./file1\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r1, 0xc0189372, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r3=>r2, {0x5}}, './file1\x00'})
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x8, 0x30, r3, 0x8000000)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x8c900, 0x111)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000340)={0x0, 0x1, 0x2000002, 0x8})
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r7 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r8=>0x0})
sendmsg$inet(r6, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @remote, @broadcast}}}], 0x20}, 0x0)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x3, 0x0, r5, 0x80, &(0x7f0000000200)=@can={0x1d, r8}, 0x0, 0x0, 0x1, {0x0, r9}}, 0x9)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:46:10 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 38)

15:46:10 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$BTRFS_IOC_FS_INFO(r0, 0x8400941f, &(0x7f0000000640))
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
ioctl$EVIOCGMTSLOTS(r0, 0x8040450a, &(0x7f0000000340)=""/201)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r3 = accept4(r2, &(0x7f0000000180)=@l2tp={0x2, 0x0, @multicast2}, &(0x7f0000000240)=0x80, 0x80000)
connect$unix(r3, &(0x7f0000000280)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
setxattr$trusted_overlay_nlink(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f00000000c0)={'U+', 0x39bd}, 0x16, 0x7)
r4 = openat$cgroup_ro(r0, &(0x7f0000000300)='memory.current\x00', 0x0, 0x0)
r5 = openat$cgroup_procs(r2, &(0x7f0000000440)='tasks\x00', 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r4, 0xc0189379, &(0x7f0000000480)={{0x1, 0x1, 0x18, r5}, './file0/file0\x00'})
sendfile(r2, r1, 0x0, 0xfffffdef)

15:46:10 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 55)

15:46:10 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 38)

15:46:10 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 58)

[ 2646.408411] loop6: detected capacity change from 0 to 40
[ 2646.409519] loop0: detected capacity change from 0 to 40
[ 2646.414841] loop2: detected capacity change from 0 to 40
[ 2646.416594] loop3: detected capacity change from 0 to 40
[ 2646.426191] loop5: detected capacity change from 0 to 40
[ 2646.447583] loop7: detected capacity change from 0 to 40
[ 2646.458571] FAT-fs (loop4): Unrecognized mount option "01777777777777777777777184467440737095516150xffffffffffffffff0x0000000000000003" or missing value
[ 2646.459512] loop1: detected capacity change from 0 to 127
[ 2646.504067] syz-executor.0: attempt to access beyond end of device
[ 2646.504067] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2646.505704] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2646.550374] syz-executor.6: attempt to access beyond end of device
[ 2646.550374] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2646.552046] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2646.570517] syz-executor.2: attempt to access beyond end of device
[ 2646.570517] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2646.572326] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2646.579157] syz-executor.5: attempt to access beyond end of device
[ 2646.579157] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2646.580987] Buffer I/O error on dev loop5, logical block 10, lost async page write
[ 2646.583021] syz-executor.3: attempt to access beyond end of device
[ 2646.583021] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2646.584666] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2646.600622] syz-executor.7: attempt to access beyond end of device
[ 2646.600622] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2646.602353] Buffer I/O error on dev loop7, logical block 10, lost async page write
15:46:11 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 56)

15:46:11 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 61)

15:46:11 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffd, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
openat(r0, &(0x7f0000000000)='./file2\x00', 0x101203, 0x3e)
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)={0x80, 0x11, 0x10}, 0x18)
unlinkat(r1, &(0x7f0000000180)='./file2\x00', 0x200)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r3, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r3, r2, 0x0, 0xfffffdef)

15:46:11 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 39)

15:46:11 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 59)

15:46:11 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 39)

[ 2646.803411] loop2: detected capacity change from 0 to 40
[ 2646.803791] loop0: detected capacity change from 0 to 40
[ 2646.857852] loop6: detected capacity change from 0 to 40
[ 2646.884925] syz-executor.0: attempt to access beyond end of device
[ 2646.884925] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2646.886701] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2646.912985] loop3: detected capacity change from 0 to 40
[ 2646.916210] loop5: detected capacity change from 0 to 264192
[ 2646.950277] loop7: detected capacity change from 0 to 40
[ 2646.962482] FAULT_INJECTION: forcing a failure.
[ 2646.962482] name failslab, interval 1, probability 0, space 0, times 0
[ 2646.963895] CPU: 1 PID: 11251 Comm: syz-executor.2 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2646.964893] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2646.965886] Call Trace:
[ 2646.966215]  <TASK>
[ 2646.966507]  dump_stack_lvl+0xc1/0xf0
[ 2646.967026]  should_fail_ex+0x4b4/0x5b0
[ 2646.967558]  ? fat_cache_add.part.0+0x5b4/0xb50
[ 2646.968146]  should_failslab+0x9/0x20
[ 2646.968651]  kmem_cache_alloc+0x5a/0x390
[ 2646.969187]  fat_cache_add.part.0+0x5b4/0xb50
[ 2646.969781]  fat_get_cluster+0x922/0xd40
[ 2646.970316]  ? __pfx_fat_get_cluster+0x10/0x10
[ 2646.970936]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 2646.971750]  fat_get_mapped_cluster+0x216/0x4a0
[ 2646.972392]  ? __pfx_fat_get_mapped_cluster+0x10/0x10
[ 2646.973089]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2646.973799]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 2646.974542]  fat_bmap+0x1fc/0x460
[ 2646.975032]  fat_get_block+0x33e/0x9f0
[ 2646.975598]  ? __pfx_fat_get_block+0x10/0x10
[ 2646.976245]  __block_write_begin_int+0x3f5/0x1530
[ 2646.976919]  ? __pfx_fat_get_block+0x10/0x10
[ 2646.977501]  ? folio_wait_stable+0x96/0xe0
[ 2646.978092]  ? __pfx___block_write_begin_int+0x10/0x10
[ 2646.978836]  ? __pfx_fat_get_block+0x10/0x10
[ 2646.979457]  block_write_begin+0xb9/0x450
[ 2646.980027]  cont_write_begin+0x4fe/0x700
[ 2646.980590]  ? wb_wakeup_delayed+0x66/0xf0
[ 2646.981184]  ? __pfx_fat_get_block+0x10/0x10
[ 2646.981795]  ? __pfx_cont_write_begin+0x10/0x10
[ 2646.982417]  ? lock_release+0x1e3/0x680
[ 2646.982995]  fat_write_begin+0x89/0x180
[ 2646.983550]  ? __pfx_fat_get_block+0x10/0x10
[ 2646.984161]  generic_perform_write+0x25a/0x580
[ 2646.984754]  ? __pfx_generic_perform_write+0x10/0x10
[ 2646.985438]  ? __pfx_fat_update_time+0x10/0x10
[ 2646.986070]  ? __pfx_file_update_time+0x10/0x10
[ 2646.986705]  ? generic_write_checks+0x2c0/0x400
[ 2646.987339]  __generic_file_write_iter+0x308/0x4b0
[ 2646.988004]  ? do_sendfile+0xb1d/0x12b0
[ 2646.988545]  ? __x64_sys_sendfile64+0x1d5/0x210
[ 2646.989184]  ? do_syscall_64+0x3f/0x90
[ 2646.989723]  generic_file_write_iter+0xe7/0x350
[ 2646.990373]  do_iter_readv_writev+0x211/0x3c0
[ 2646.990999]  ? __pfx_do_iter_readv_writev+0x10/0x10
[ 2646.991676]  ? avc_policy_seqno+0x9/0x20
[ 2646.992237]  ? security_file_permission+0xb5/0xe0
[ 2646.992867]  do_iter_write+0x189/0x7e0
[ 2646.993381]  ? __kmem_cache_alloc_node+0x1bc/0x310
[ 2646.994036]  ? kasan_set_track+0x25/0x30
[ 2646.994611]  vfs_iter_write+0x74/0xb0
[ 2646.995156]  iter_file_splice_write+0x73f/0xcb0
[ 2646.995820]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2646.996527]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2646.997255]  ? inode_security+0x105/0x140
[ 2646.997838]  ? security_file_permission+0xb5/0xe0
[ 2646.998494]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2646.999204]  direct_splice_actor+0x113/0x180
[ 2646.999809]  splice_direct_to_actor+0x33a/0x8c0
[ 2647.000433]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2647.001098]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2647.001783]  ? security_file_permission+0xb5/0xe0
[ 2647.002447]  do_splice_direct+0x1bc/0x290
[ 2647.003041]  ? __pfx_do_splice_direct+0x10/0x10
[ 2647.003688]  ? lock_is_held_type+0x9f/0x120
[ 2647.004284]  do_sendfile+0xb1d/0x12b0
[ 2647.004822]  ? __pfx_do_sendfile+0x10/0x10
[ 2647.005388]  __x64_sys_sendfile64+0x1d5/0x210
[ 2647.006006]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2647.006641]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2647.007352]  do_syscall_64+0x3f/0x90
[ 2647.007862]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2647.008535] RIP: 0033:0x7fe077f6cb19
[ 2647.009004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2647.011325] RSP: 002b:00007fe0754e2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2647.012279] RAX: ffffffffffffffda RBX: 00007fe07807ff60 RCX: 00007fe077f6cb19
[ 2647.013200] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2647.014117] RBP: 00007fe0754e21d0 R08: 0000000000000000 R09: 0000000000000000
[ 2647.015055] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2647.015978] R13: 00007ffda5f9e29f R14: 00007fe0754e2300 R15: 0000000000022000
[ 2647.016917]  </TASK>
[ 2647.066410] FAULT_INJECTION: forcing a failure.
[ 2647.066410] name failslab, interval 1, probability 0, space 0, times 0
[ 2647.067982] CPU: 0 PID: 11260 Comm: syz-executor.3 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2647.069033] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2647.070080] Call Trace:
[ 2647.070434]  <TASK>
[ 2647.070745]  dump_stack_lvl+0xc1/0xf0
[ 2647.071314]  should_fail_ex+0x4b4/0x5b0
[ 2647.071873]  should_failslab+0x9/0x20
[ 2647.072400]  __kmem_cache_alloc_node+0x5b/0x310
[ 2647.073028]  ? iter_file_splice_write+0x169/0xcb0
[ 2647.073692]  ? iter_file_splice_write+0x169/0xcb0
[ 2647.074348]  __kmalloc+0x4a/0x160
[ 2647.074826]  iter_file_splice_write+0x169/0xcb0
[ 2647.075481]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2647.076180]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2647.076835] loop1: detected capacity change from 0 to 40
[ 2647.076890]  ? inode_security+0x105/0x140
[ 2647.078148]  ? security_file_permission+0xb5/0xe0
[ 2647.078799]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2647.079504]  direct_splice_actor+0x113/0x180
[ 2647.080111]  splice_direct_to_actor+0x33a/0x8c0
[ 2647.080750]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2647.081422]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2647.082118]  ? security_file_permission+0xb5/0xe0
[ 2647.082795]  do_splice_direct+0x1bc/0x290
15:46:11 executing program 1:
sendmsg$IPVS_CMD_ZERO(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000040)={&(0x7f0000000240)={0xa8, 0x0, 0x20, 0x70bd29, 0x3, {}, [@IPVS_CMD_ATTR_DAEMON={0x68, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'vlan0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @empty}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x1}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth1\x00'}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x100}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e21}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x9}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x10001}]}, 0xa8}, 0x1, 0x0, 0x0, 0x8081}, 0x4008000)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
lsetxattr$trusted_overlay_nlink(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000300)={'U+'}, 0x16, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000023c0)='./file0\x00', 0x100, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000002440)={{{@in6=@local, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@private2}, 0x0, @in6=@local}}, &(0x7f0000002540)=0xe8)
fchownat(r2, &(0x7f0000002400)='./file0\x00', r3, 0xee01, 0x400)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f00000016c0)={{0x1, 0x1, 0x18, r0, {<r4=>r3}}, './file0\x00'})
syz_mount_image$nfs(&(0x7f0000000340), &(0x7f0000000380)='./file0\x00', 0x80000000, 0x5, &(0x7f0000001640)=[{&(0x7f00000003c0)="ad771b46cf265d6a6fd39c70a08a96cf3ead5dc6dabf66e562f36b293b1f0b65e5c9ac8d7686d85f80b2ca6af0793dd2ecd4fbb381dcbc510810a26a1eb3b5616c6131203043b612246c52e31a4b44d4887da8391d363ed889127a4e9cc961349896ee645d5df22332b1ebb6687115d8043fbc521dbbd954393b", 0x7a, 0x40}, {&(0x7f0000001800)="4370c7707dc05803927d269a2c21289658dc863b5e95d05510a252a0ef03522b3811c40086b5323103740531449daef3982cd165d4fe7e04a7fdb2a8de0ec58986e58be0ff21ee346708d81de4b9534ef09aa0d873a8d1aa5732391a877939f5a12fb08a0b9ccd1987c73ba284771bad0f1fc190716e6f71374eca7888d41581b9ec01b16e649266e8708d76dbd1ad97b7aa1b5962e8d3a76caf9125fd815836f3289240f6b95547b8462cfaccc414af9f9eb89779bd19590f0e23c9ea98ae499c7eed08cf360769d2e6deb994549f7399a9b9fa9e7883977673bc3d624c0fa8e18f1f0b27d8f3293ef67109c84ca958377bd8093cd60e4ef7bb6f9124f633339f9bb476baa1e6c496c36dcc134affa5fa03601c0f4b84f834020dea61f8a4d39d6c24ccb8bc5f0594cbec3831b42ab0058cd1e14344592d9b58f5b65e950a3f34f1a532ad0d13ef52141ea7612d7068a7fa5470519dc519e03138474891666ba9592c4494d6e038a6b176b3e34db61ea720bf046e90f2800f3b9efe6861e2f9ef2c79a9429064b3ecbcabdd8ef5423dff6bba56d7e6f49bbccbe6b8929bd8484ca39b17de", 0x1a5, 0x50}, {&(0x7f00000004c0)="adf4125704aed93cda03c1878f5da7fffe5bd3f8bb8d3b1144351e4cacff6e3025a63fea9fcbcc104a6dac3ad50f0909cb312a1ac4a46939e830ca77e110d354e44529561136b8715a9d063ba9fb89fbf0bfe6277ce2790e3eeac11294fae3dbee60fc5a18cb4f92e4f19d3a29c6ed712369cc0c454c6eb87186a240d3a789db7e2fb982c909d89fe458721f5dee7a0837e9769c612f64826faab82724da0e03e27172d722a32537bdba1074f6746932c128ff15192e87088dcb0fb263c9bdb199686eec2db8658d04418df91fac0b154805914e48663808e3115d608ae5e95c0316fbb1fca72bc38cd1f17527937a023f9166070e00aa9af5777352891f0a3192cb465fdf6eb21ef46f0d5a4732423572b501e84baf95567417a9bb4d9f1b262ea055eb4c9adff2aa420f0405716844bc16592cfc66bf678a81555771274177d69f34bbcd97e33dd79490e91a2b9823abdce60fe0bf4ac32c0e32b6fe24a90116368e0c85e6514daaaf8a4ca864389039b43abcc1fd2d43fe0d2dbd468eabb71db1df53e4a4cc2183dc771b7da5935ed631b0963f1b12e8414f7726d5bf5adc3a581ab9527454d0d552c5046bf9638bab1b8ea815fb2c38b10c56dad52a0d002026865d073d6138f3433380c83bcefd6eec8629c582f2a0624ae15da6438c7a8a8c7558bfc526910b758e83fab70712f25bf281ec5a3cfc189c7343151797cc2e78a32b0995b5dcccf9086e82cdbcb9442af817c4b46d30229b6cbf0326401ebff9948dc84ad1848bdc2082d831586f751e95f61afd24eb8e778b96cb4013ecbcd7c4684bbdf630d5f9f38ca63ba0ca4ceb50a32060d55bb1c2583ff64a1f4517be34eabdbafc24c6ed96c214a523a75dea2e4a9ac0f89682c9fb374b17945d37789fd9878e0d78b1aa4802cc509876e848cca4f74eddb5514d54592b51fa77a40088c2cdf78d6c86488a21215ebb4a9b207f969ccb8393ba976559fe4fd551eba875a673658d102a4e4780a0c29b3169ed32cbaa76f6d3bf9584072752174c2c286f50339e21d6f9d5693e4c204cc3640128d6882348953bc49cb35e09bae983643314251292fab6291069b87e4959f52e8dbd59909d42a8dbac6b38407f5622b21626d02a417272af958b6b0e3b89235047ddf30153b495e93cab67c28d5c8570cf919e45c0b0bd7fedb22a4543537e22ded368f658eca7494c7cabb16d3295924a3012d27ecacabe1da071388092fb18a67f9a5311703b70a9e36130cc5247b3d57be479b2a2d991cd01a8b35b517490a49b4047f698f90601b92a0ec86f161d049a3cdb8bb549e1376e84c474a6548a0f688217bbba7bb9ff8845cb60d181292d057dee192d4245e30ebd37e00e06266437a4a1a98b1d570c8e0f4b79b9e34940166f779779af36b102adbbb0ee7eddbeae6c4686632571fb3efea7fc861b7ebb7b4bdcf41de800c808adc2956604110d4810514b44070d03e594c57e6a7f7b8b95fabbc99186dc5b74a7063eed42a8dcdca8c2cba4bc530d3bcff889c61598a906a21a925f2a246d37626ed480b877f2bcecdb41d84d30c202c9c11271cb214de8681dd224e5b0b8ce49686ab15d8daa0fe57f03a165377d20c7b2563f8b8fa66eca6bd79c4c5cf28114b99f4170ddaaf0790965411a64279942bca0172839f8ef593777cc91ed92a8f5cad8145a66c124fb11363c78a2212db8a40a8b648874cd227e3c82a8117b132e6972bdbcb073c7c575849bf73e7c2f2552951786a500ecc5b21a5a366659d8dea8c26201afed38644d2ce8c7038fdd53a73254ee069f8ca6f9b30dabb0921d9db9f197a79b155847ce6faeb54e5ac7578214810e7ab881ae9e6175924e8ea3a730f7e857b146360bf18e88270ae383c6be536a15b1f9107ac999c47926925a5c1bbbedc83e6f312aebafcd23c7d8cc411c5857e5eb8c17cf7fd6f8025d9a7a81131a089f58dea77906607bff911bf00fc8be8d6473b37a3a27f27551fbc3e92f023c798fd26d99701d1f6c8589075a44a21625b1406f483639ba22c0071652df85101f3a070c60e5b1231f15dd693e5962fc6da7a597d3f679db01fa95429265383605a40b080f2033ef78f351f4dc43fabbba70922b584178185e2cc54025e381a309a72a414034bb4a1361371f83e6a617d880054a2913f00275cafe7114a1c74e87defe6e21a461b32ec7aa38d8e8fd8b73c1d5a0924660fcb2f4995c17fe37901aa773b25d23582a7fcc9edd9def21e9da3197c8b6ada26a3dbfd80c903e77acd147d4606556012cbf357565910159a2d76b84b9ba0e1e0898ceebcf858ed6835d69f3349d681ac3dd0605422e40007e99832bedd9634297e6575b06c3f74db6013641505c3c05cbaec95f3792e1b8c9511238d90fb3027c4a91f2c169c81822ce9da3fd5c2477120753830ae013f1f7db4188ef747eb8d509cfceacb3a7c4145afb51b57c53f91b413978b50945bc77c2954a7ad27af7d03cd4e6d30996e33c2c981a82a461a7ba32c2545e82e18499cc42a01a9b78ab87dc01f3e0144ebebb723f412a453b4a2c7b17eb2c2ab8ac53b31053cc91a0e0e35c4042be66425bbb4723359c6608cbfbf4f170c8826a934f17c0a86077103db260e62677bb45b184eb891fcf2d04d98b31414fb6603871cb9bd7e761065e090fd86fc892024af3f1497380dc01897eccbee628b32707a25792d82274e23bca8f562c94a9ea5e38e8d54bca61f9caf1cbbff13adfcd824ab8ccb32f51ca25d6ca44d55cb993ae9da59290826903fa63d09f116abe0286216f08b929bbccdbfb701564edfe8bf42ef997341f30687adf33d59bebbfbc7c665179cdaecbefa3456f6c3cfc61e40c8136079502e4eaf0996455c5db4017abac08ed6d0763b8de1bc97b3ad9a63d08f1a3d3d34f00004c9bca9db96a3239774b2c6217d71520bf174c27105a7e9163efb1f8be1862edc58f58d6ad341f0261fe162bd94f8ddedf202928b93195ac030e9df64202e894335a51139805aa5d625c8a05f1d349e21d074e562fb264572887f9aa9a460805681238d682a7a07b00d566b21e141323618530c1574240b15f98bdfe058a7f973b654a5bf40931980c4812196d14810e9c352f8b98fecb1e442e1c00a11495a8cb529500b93aedbbec50751117493d772103fb9e8be1ef4cd8097ed9fbeec723e69ed8761aa71c3f8b72c77dc322f993ab12c68b30a2aeb609326787ba1d0a08f56ff438cb738e429cd6d3483f6e1297ed6de4f64887450930ce7ba5916a648830f1231dfe44baba2f00cde45bc3c47fb922a5996b661dd9fd8ba527b3cc53681ada58859fc564c44edab2474338ebdde495cb2cbc813eb6e59d2aae465cf4ee859953eb7d18b477309ddadf965d9d6140bb375207781af81c1dcec9461b19842c4a8266425cdd1d047c3a09fe66d8a9e54b6f7819400ee3d7bb1c8ae7bb7b1bee5d79223120c4aa45afb07ea666028fd5edc630826cc5774a90339c393d4185e8286670db4e5f048f10caf4e7021af3b2da2a04c84c3d37aedd99e891f34bc6f5eec2e1c63e09f7ef309b56fb6fd102ee75f4050ac3927b7774481348241bc48477d2b7c60f6f3001c2ff1bb70ce830debfb3c99485073ddf416963caa9720dfabd0cf560068acb2a9fd634cf4c363f83a006880afdd0aee8299701048b2c3e5eedf741852b22993f4e0572d67fbcf7ad8a47948201aa714684e247492723db7749eb9108fd99e963ee8b98b6a915d30a4f148ec52356bc69d370ad2f975eeafd0a59f1bc39b191434980e6a05c3cd89b787292c1c1ee400cb574f92161539d383e221dad38426fe1ede7f6da749a5a3b18863353c7ccc8b8e2a5f2818ffb35ea26015e362cca28d4d5952470821f5f8c377e96233fa6878b89bb643af0078206ebb1adac69c73d0c1590b8fda417ad4c26af192407f06990ad2fa1e07b070c6839d1e90f3c5c9ec3898eb527c933b8f9b4026ab6912db45f1dc2a02f4cb5b38373c06d038240f38d555280ad07219411f55c98d74f5362d5a879d12297701cde5c17212f273c5c21b0a75a24fe1ed751257828e333e12ccca7d6bf90e188b166a2c213081144464719cd21b65cbe10485b3f33184d06c9b8de941d021a3146c42e6c13d37fdd85bd36b8cb71f317170ca2a4c457da13ae1de87034b3f4c456b2f4fe115825853c1bbffcb7310c3e3832036adf9eebee280d0c9c2d53ce6320f48f03034b083ffd6592c23c501ef13bf1217809d65024e646a29edc4089074ca90f9dc1f2005caa03c692bacb1299edce7663caeeba4c9ff929a0787478c0050ac648e139e9b13518402bd607e20adcfa2e6a5355d4b3a72ff725c7f2684e1be06024ddb91596bdc42a11a9a24a40678eae7788b940b9efd1273de474f8ce1782d3d723d7e147439370ff7441f3995f92d26121e4c1a2b3d069c3ef7f40c2a34f23dd3f385264e3eecbc28dcc781266711a6b57980f4e2488b17d97ca2969b9cd5551a03aa21930698e13646a395ab4e7cbb67710a32dc6af5538bc579d32760504e329f0797452fd225b47b46fec72e0f98980130297cbc0fd0746de54e8b5811d9473dc38d5521698a453d669a16e6f091dc827a1c5a8d1d640f1d4ae09ee464a12354388e26830c6893f387c61a3c51ba15f82e040696078bfb31b1eb0d12bf1931102302a2d8ce0207aec0ed2fb1e91f99ca906b16a17be33ac650318f503fb8da07f20fc877cc51b954a12c8db525ff7471c5f9d2246808e4c99aacd47533f5c24f2817ec60462df3b898ba51a3d32ecfb2ac74ad7f0c212dff04900029863bc705d4160663d5e1feab8b3f8bc57518e93d16506c401b06bf2da812c96da31876edad903db79db312a9febbd7aaf2aee28f08e05efd9e26036fbda553810feece59f4c004e7657af5dba7675839b7e2cc65dd2a541fad4e2ec293c215314a30c91915749dfe58e1ebea29d653111c151adc0e3018d30aab5a76e08af669cdc1df048042782df89a2b1e4ecc61590eb0f6a105637ff51a1fa3c34fdd31497c42dfa85081d5b285c30f1c05a56e2d496d032fcf159373a290d7449502fc78b229444a4e80317fdd9fb83cb563e0a177c0463f0a406422a1ba15c1e515f71eaf020ea47790aa1e9d93a5a5f33989bbdb6094ade3e2077f0a4da54b34991b0e1861426e4dcfd62181c981ac2fa25fa3102b7114410e88f5d6326125307cfd81d7b2f47a96723cbee12590e3c1ae9bb4452ba41af93c8d402b7c0a5236e02404d864dc60a37d19860d857a12a953ae70a7220d1a74100d0b839462f9d7d19c4a778bd6419c2b5940dbd62ae643ba2936d7ffba5a0df7bd2906226e9e70b56338662628b4fda136a1b440e1fe0c8bc963152542d9475cad7d71846f94f1662cc1a7415ffe485a93421ade8aeac206fb40d204440fd1cd4dd5930a30f46a910d8006909ad6ad1436fcfde7de3ddebbf9fd1a9ebbbe66991d4ee3dcacf32d44585542ab147ecd20d3709b35bdad880f5258d8c50a2ca87e26a19a88d56780f04c38d50c80c7b086cad57111fc6638645af41da23bd2c964614214bc9fe1ddbef28f5bea337314198655478f870251ce2213814c24ca7478a6a4b7d5ff3b909623cfba176acc32d5acd36e2f24930c88940733a81778d540fc25a72b847ea2a97d34bc7e27d1207a83e2fd724fee2953a7115360c8eca1f87b64479af3c2f91d27dc5f5eed57ea3baf4aec18dc6d5a586065d758b521955c9ed4d7c7a09fa3500cd951d38f37a94c4412e877501", 0x1000, 0x8001}, {&(0x7f00000014c0)="8ac6a309049912ebce7484581ab1d69847fbb96c78ee45acabda219a5116ca906b5e741a8585ebeb8d515b7bee9933c00eec705d90efafbbf8ead5706394c29e23d25ed803f08fd7ab948ceaba87d5abe7e30bc74a9a4db0cff2d9595d82c4fed440a6d764866817924dd0d1d61fc8a62fae43ee1ccf95555ce507a5fa2293db3884c280f6d517c2858dcc1258fe0ac5b1e8734386d8be2651a51ff305eb55ebe3a54b711136a593c1796ac7876066538bb727dff38c7b421024c8d602d8278efb9705a156ea7806b16e57ec457eb6f6ed", 0xd1, 0x1}, {&(0x7f00000015c0)="184c16cf7f379e694778bdac6e66b034d8e5d48cab3b9589ebee2ac6a51da59e341d0b3fb5efdf357b657d7a74b6137e8988427608ab5335871ed3606bb2fe4d8e62e20453c052b614198b1c9261d65103de6183fcdd66", 0x57, 0x5}], 0x1040004, &(0x7f0000001780)={[{'trusted.overlay.nlink\x00'}, {'/{'}, {'vlan0\x00'}, {'vfat\x00'}], [{@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@uid_gt={'uid>', r4}}, {@uid_lt={'uid<', r3}}]})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r5, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r5, r1, 0x0, 0xfffffdef)

[ 2647.083462]  ? __pfx_do_splice_direct+0x10/0x10
[ 2647.084290]  ? lock_is_held_type+0x9f/0x120
[ 2647.084892]  do_sendfile+0xb1d/0x12b0
[ 2647.085430]  ? __pfx_do_sendfile+0x10/0x10
[ 2647.086036]  __x64_sys_sendfile64+0x1d5/0x210
[ 2647.086666]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2647.087370]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2647.088070]  do_syscall_64+0x3f/0x90
[ 2647.088565]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2647.089247] RIP: 0033:0x7fe051d4ab19
[ 2647.089741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2647.092071] RSP: 002b:00007fe04f2c0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2647.093072] RAX: ffffffffffffffda RBX: 00007fe051e5df60 RCX: 00007fe051d4ab19
[ 2647.093994] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2647.094938] RBP: 00007fe04f2c01d0 R08: 0000000000000000 R09: 0000000000000000
[ 2647.095853] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2647.096773] R13: 00007ffe399a466f R14: 00007fe04f2c0300 R15: 0000000000022000
[ 2647.097726]  </TASK>
[ 2647.114013] syz-executor.2: attempt to access beyond end of device
[ 2647.114013] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2647.115915] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2647.117535] syz-executor.6: attempt to access beyond end of device
[ 2647.117535] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2647.119250] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2647.129949] FAULT_INJECTION: forcing a failure.
[ 2647.129949] name failslab, interval 1, probability 0, space 0, times 0
[ 2647.131215] CPU: 1 PID: 11262 Comm: syz-executor.7 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2647.131886] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2647.132558] Call Trace:
[ 2647.132781]  <TASK>
[ 2647.132981]  dump_stack_lvl+0xc1/0xf0
[ 2647.133325]  should_fail_ex+0x4b4/0x5b0
[ 2647.133682]  ? fat_cache_add.part.0+0x5b4/0xb50
[ 2647.134079]  should_failslab+0x9/0x20
[ 2647.134414]  kmem_cache_alloc+0x5a/0x390
[ 2647.134783]  fat_cache_add.part.0+0x5b4/0xb50
[ 2647.135178]  fat_get_cluster+0x922/0xd40
[ 2647.135523]  ? __pfx_fat_get_cluster+0x10/0x10
[ 2647.135948]  fat_get_mapped_cluster+0x216/0x4a0
[ 2647.136347]  ? __pfx_fat_get_mapped_cluster+0x10/0x10
[ 2647.136781]  ? finish_task_switch.isra.0+0x1fe/0x830
[ 2647.137225]  ? lock_release+0x1e3/0x680
[ 2647.137577]  fat_bmap+0x1fc/0x460
[ 2647.137889]  fat_get_block+0x33e/0x9f0
[ 2647.138260]  ? __pfx_fat_get_block+0x10/0x10
[ 2647.138662]  ? __pfx___schedule+0x10/0x10
[ 2647.139041]  __block_write_begin_int+0x3f5/0x1530
[ 2647.139467]  ? __pfx_fat_get_block+0x10/0x10
[ 2647.139852]  ? folio_wait_stable+0x96/0xe0
[ 2647.140216]  ? __pfx___block_write_begin_int+0x10/0x10
[ 2647.140685]  ? __pfx_fat_get_block+0x10/0x10
[ 2647.141080]  block_write_begin+0xb9/0x450
[ 2647.141446]  cont_write_begin+0x4fe/0x700
[ 2647.141815]  ? wb_wakeup_delayed+0x66/0xf0
[ 2647.142180]  ? __pfx_fat_get_block+0x10/0x10
[ 2647.142570]  ? __pfx_cont_write_begin+0x10/0x10
[ 2647.142980]  ? lock_release+0x1e3/0x680
[ 2647.143336]  fat_write_begin+0x89/0x180
[ 2647.143706]  ? __pfx_fat_get_block+0x10/0x10
[ 2647.144108]  generic_perform_write+0x25a/0x580
[ 2647.144530]  ? __pfx_generic_perform_write+0x10/0x10
[ 2647.144952]  ? __pfx_fat_update_time+0x10/0x10
[ 2647.145364]  ? __pfx_file_update_time+0x10/0x10
[ 2647.145773]  ? generic_write_checks+0x2c0/0x400
[ 2647.146185]  __generic_file_write_iter+0x308/0x4b0
[ 2647.146607]  ? do_sendfile+0xb1d/0x12b0
[ 2647.146964]  ? __x64_sys_sendfile64+0x1d5/0x210
[ 2647.147355]  ? do_syscall_64+0x3f/0x90
[ 2647.147703]  generic_file_write_iter+0xe7/0x350
[ 2647.148103]  do_iter_readv_writev+0x211/0x3c0
[ 2647.148494]  ? __pfx_do_iter_readv_writev+0x10/0x10
[ 2647.148927]  ? avc_policy_seqno+0x9/0x20
[ 2647.149278]  ? security_file_permission+0xb5/0xe0
[ 2647.149702]  do_iter_write+0x189/0x7e0
[ 2647.150048]  ? __kmem_cache_alloc_node+0x1bc/0x310
[ 2647.150458]  ? kasan_set_track+0x25/0x30
[ 2647.150829]  vfs_iter_write+0x74/0xb0
[ 2647.151174]  iter_file_splice_write+0x73f/0xcb0
[ 2647.151611]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2647.152065]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2647.152524]  ? inode_security+0x105/0x140
[ 2647.152899]  ? security_file_permission+0xb5/0xe0
[ 2647.153317]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2647.153761]  direct_splice_actor+0x113/0x180
[ 2647.154143]  splice_direct_to_actor+0x33a/0x8c0
[ 2647.154542]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2647.154993]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2647.155435]  ? security_file_permission+0xb5/0xe0
[ 2647.155862]  do_splice_direct+0x1bc/0x290
[ 2647.156232]  ? __pfx_do_splice_direct+0x10/0x10
[ 2647.156647]  ? lock_is_held_type+0x9f/0x120
[ 2647.157025]  do_sendfile+0xb1d/0x12b0
[ 2647.157369]  ? __pfx_do_sendfile+0x10/0x10
[ 2647.157750]  __x64_sys_sendfile64+0x1d5/0x210
[ 2647.158134]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2647.158569]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2647.159024]  do_syscall_64+0x3f/0x90
[ 2647.159348]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2647.159777] RIP: 0033:0x7f7050f93b19
[ 2647.160092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2647.161570] RSP: 002b:00007f704e509188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2647.162192] RAX: ffffffffffffffda RBX: 00007f70510a6f60 RCX: 00007f7050f93b19
[ 2647.162789] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2647.163351] RBP: 00007f704e5091d0 R08: 0000000000000000 R09: 0000000000000000
[ 2647.163940] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2647.164526] R13: 00007ffeb40769df R14: 00007f704e509300 R15: 0000000000022000
[ 2647.165120]  </TASK>
[ 2647.208439] syz-executor.1: attempt to access beyond end of device
[ 2647.208439] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2647.209513] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2647.273055] FAT-fs (loop4): Unrecognized mount option "01777777777777777777777184467440737095516150xffffffffffffffff0x0000000000000003" or missing value
[ 2662.163656] loop3: detected capacity change from 0 to 40
[ 2662.180336] loop2: detected capacity change from 0 to 40
[ 2662.181423] loop6: detected capacity change from 0 to 40
[ 2662.208862] loop0: detected capacity change from 0 to 40
[ 2662.210591] loop1: detected capacity change from 0 to 40
[ 2662.213758] bio_check_eod: 1 callbacks suppressed
[ 2662.213768] syz-executor.6: attempt to access beyond end of device
[ 2662.213768] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2662.215081] buffer_io_error: 1 callbacks suppressed
[ 2662.215090] Buffer I/O error on dev loop6, logical block 10, lost async page write
15:46:26 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 57)

15:46:26 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
setxattr$trusted_overlay_redirect(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0x8, 0x2)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:46:26 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 40)

15:46:26 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
[ 2662.219010] syz-executor.2: attempt to access beyond end of device
[ 2662.219010] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2662.219932] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2662.225860] loop5: detected capacity change from 0 to 40
[ 2662.248771] loop7: detected capacity change from 0 to 40
[ 2662.250165] loop4: detected capacity change from 0 to 40
pwritev(r0, &(0x7f00000024c0)=[{&(0x7f00000003c0)="7f45a8ba1a7ec1b919f4fd878996df5a8df5ab2144953bc5da0983f3d3f430fff8ad46470ae1e9ab0c5539854d099457f84e54aaffeddb97d4da729503997e862a", 0x41}, {&(0x7f00000000c0)="416dc3682f72f67c69ee233898bd5577cc12b6e1d97d5957331006e05cdacb6d65073d4ebdb936841e0866b4580a2b019d78b2cd73932b53200c222a06ab48d8", 0x40}, {&(0x7f0000000440)="dac97f91c10824c9f6bf13bd8a665c3fd172bc44c338ab5eefee22594c593ae21a2217402ce7cdbf21a846690765186c068d5a17a52cc3c1eba06dfc5148c8f8ad355af527ba5be7e85948bc030b8106d5ea9f11", 0x54}, {&(0x7f00000004c0)="0c6160f1d59ceb70ba1cd185a8d4264d6678ee9e05af4984a7a90b7314dd5ee611ce30241a0b51cca9a5595d0cc037b436eeb18132a2901a056a8a0303a43734cecf1fdd5bc03ba2baf0d132306562eee8665a31e43e8218510a10bc3baa6b35d65323bee5a5f066397ad171b101cee7a679c300ff58c8364e23e28828b135a57f30d6f2f40be1b763b7da40ae9f88f8381e978e073b18993bc7f7642240001a4ba1244e90c408709164173b506abaae0002d94ecfd30ae85ddcbebc7d9cd2994b7525f8dd831e508302ca3c8c5ee8899c01a065c9de76e2d0a5729a0dba8219d8f17b7f8b5dae32d8cd1f0cc2f589582d803fe47798a54908556bc656bf0ebe7fbb7bcc8327aae48ea72730b9ed2535ef326ef53d71917811faeaa7297883a83e46b0d91f5fd35395732553960ebe75d88bb5c25a8db577aa4e83130a1d95987ecf9ea0bc6f4a65a19c90df8f17d230bf3409eb96b0f2b1e7f26f3c97e0f5b02d53ef2abf9931a0dbe68abe659f28610487835ae9c970716429414704defd452825be6cba19d789f06817df10b24714ff0c25811438a11d7d3ec15d348193b8f731ccded5121d0245471d31ea6f4a957243ef78f990b2e308663e89d1530339352b03668e1141ce518d4eb438e78bf6d1e3337b70aa96d4315d802394c06eef69f9db6bd22ee5b3318d5ea91f2bc2e9cd30fca68029d661ff4c614a5fe301ac83342b88bdb3a3f924d2d4fc885fe4d7b43fce3956ea83e9b500636bf3f2988324dd55c74296ab739234112bd4104542cae78d19e085773f5a22ce3cf8c3d1806079f8b213a255ad24dfa8793ac4787d80d8175ba4c7f1503b8b3ca1aa76a1df912025de878220accdb9781711bd2e5c291cf1f4da091ed84ae75a9e9cc486392f34ab9e663a961a16bd874e073c923434daa7f10e4b34ddf47a6b1b8348e616e41fe9804150db5c0e4e70f2c296707b1f5262b01d582a6e0c550358db55a420e99501d51deaf6ec5edad7ef8b9f3aaab2f82b02bf574790f2331677656d8c0a27a7d527865261fa8b0b9d2ec21cb8a70d0188e2a7ebc8217b28f281ea20460e8af17f8c6b889a67c51687b1b51a9102ae5c82fa5bc89c01d6e38e52995bf82f4dda37acbc753a06ec803df0c9dc7c3585c4431ea6b9797c1905ce1fe5562a1e34456619778fb7500c792e9132821cfe00a05d704ab9ec5e038fa6ff394883f838fca49b824eac7ff762bcf68fcfab91110016625019fa31a7b861a29094666ca2d9f61154ad5cb34b6f3af1ac5b3a5fc5e4f7052b1bb141689ad0916b9dd51103d27b636158b1d57a845afb325678a64aed0a80313301c34e7d8b08d3b8469dce0f7d224a4ef90655971469f804b7a9a86cf0eb9f8e5b5a15a021dcce89e563d07064e61c97e138f80913272aad828c174d29ea60286fde384d69d2b056d5b0d9d9df5ef5c4ed0d689959ddf034b6b8527a69791c1d6ca2cd04a05904b953c62eb1c3110c9d96ed8f2597c7392451c9128155a856534a6c636da3d1b038cbe52e6030164d8c6daa0978afed4aa83ff74f30ebe6424df1b69c6dc48e74342e9f332b281b24edb31130d78c2e5e1d2037370735fb85053862805aceb0e92753cf6f66c759f9fb8c8d66b9e435b3d6d730542ff2d696cbedb7d61aac33b47edb9ad8be960ba881c8d62011140b56e41a56ea1b2d1f2b52a8ec61b6250472d4350ac670cc920351e0cf7cc6959cc6011470bac003572c682743edaf36b12e7e3ee6de530a562536a871189dee291961bd193e776173315174d5b36425966f10c366ac01ce6a3a3c847e2da93f2c6920d2f4033c8afdb61f33fa636cf2353295559f4d53508763130aca7da5f42cf93e6305bf59b48368542d8821a59cfd35c62f7971e7a8dcfab84dd678019b66ed69dfd9e7b643d70115ade9d3fcf9990d91b7cae8cfbd576fdcb5b6cd241f79a80637dcfcb52684e3c0ef89f4be2a2589564c6e116fb4f271c00c25e2bd4b988d655cd894b2856e127377a69334d8ca8cddf40b75ba486a654d1cfa3005abdfb5d07ddc3a362ee1c495dfcb66c6104e54d9dc53528fb6af6ed7d2a04f1eadb5d41d65470addd31cabfe838788de6926302c6eb649b0d25705891c73b228a1e30c68dd03cbd6593671d777110ce92f5ac6ee72c0ebb9dac3cbe326ee590d6057ede8b70e54b782ff9e3bffd3fbb8b112e4b0bea103805fd44baf26889277d6ea3ae93ffd0c3e3ef015be6d206a9f81c2b6dea233762440d11a4a8c269234ccc7aab75346c69ad209046a978523e1d34bbcc21ab8b3c714389bef2316822ddae9cec34a09455248d975db7f83bb6e7d2332fccd658ec0c7322179ae7eae8c85634adb205eef67170b46bb2c7092868efbd0584b8a39c4c8d2fa7f1d811e42222273cbd4443c61a18ab75604b868f4941f13e370b007635153cf78a60fa3f3f56f6b7511135a888b3cb5a63952fb1ecf96dc28edd4aed236cd18388ce9406c131cfc085cc2e63c876823f340f28d5f5b5561e803b6c162e101b73aae982221f4853ee0445ddc18d9051574cf87a57f12d22c22f37e7e204985517f0a7c9991547713f820786107d88b3d73f21438c829046978d01d5116946426be3086bd58c89a2373f7e0aad89772228e1f3f8bb7cb3cd76e1dff4894050c4589e8c42f620d3d6b8eb71df53dc4cb58cfe9868374630c7f2363985d96d9acec7fa5fc28af9b776296028cbf424330864f02cf234b8abb2a79549146984312c49391a4722dec7b64b03132417d9ccae8a868f07e17dc30b42a96bd13f9b810676d0dd2dd876d3c254bbf6c662ee73513be029bcecd187ec6b8e323830f7afcfcc1cc1c0f46b65cfc380181873341484090de1f1e18379ff9f114d27c2fa6ecb63fed70f8383e1026dfc43eecf043a6979605145e336f485f1a3396ec92c747dde7141fa65234e6f0926afd5b523df584d406925a02b785a381af6929335fde1459e6a53cd9ab356c477b9cf4aa4c053b9dcf3d6fecb28f899634e39a859b6355497c794ceb0fb8258f7d71b6ca93a448455ce47de074f1ed292fbb9e5412107b7f577cfe595f9df6be216fd69c86ef6b5a9f109baa72515504c979b1ff145e7a12759504f01235727dc01b2b18a2487d5b19b4864679a83e7f69e4fa56b638b90cbfeb1e5801aaf4fe33dc105cd22eebe6f0c8405aaba039f2b04e2d2d6109afc13cb02854316359e616d28a9a1bc0b728325ea29d4186b448c33b464f063bc85d12fc62413baa6bce3650331eba5e43bbf856648c5752f4968fcca13e43121e3da6a90753a2dabe712e8e1e77ce7cee1739103d75e9110fdd6718d0911f562e10be47ff6d1fb48e004395a5b09c82d1544c7305972f0d1e70fd3dfed5ac043fea35f25e6471f170cdf311fb738bb1d825d122f95ebe3cdb180efc920050e52353c1f675d25888ea0da291c276df4f836e939044275dc915c7dc73866a00acae9ce05c69644596c54de57451497236ec9a52014ccf2deaa3907c09b03025e8d1652048179383e437f69c5e22be210f07a3934260816580ce58969173ea08bfad91e21878dbd20d363c7f7090705de758b19160fcb20f5bddae785d6bceaddf5449cda48c8f19a637e67b05b8e31aefe4314e91143f72efd5028c4949ec2e21cb508dd5ddd2c97d9db303f6fb897457d120d9757720d26992a194b19e9973cb3eba334956f3d1e64a105fee4c11da5fe70c30dd60360d18a6a2d2c0c44c9d53c2bfc544ac44a755ece2aeea2d427b439b45fe9425cdacd10ba363e0a3c3bb6899ed4477742e45aece4516694ed0f6d5b92ae61bf92d57fc0a9976ccc42155f4a96a14cf6af05dca109063d01ed3703c4a7ed94f481cf3ce2cfa307ffaedacc77f69149eec5c88527a210133d444d46d2d2e4a9d298c85700e66b13bb234cf9c8e5f1f919bc01e5c3ef0c76c2df9d974194ca27ec2ea2c271200b5306fa5cfd8face4696510ee782d99dcaa3760d162a3a6dfd53ea05385825a0cb755b6f1bd3fba31c6ce915e966ee09de9ca51c1a1a07bb19cd30887302704d0130245c9223190ed101c9a8832c50a9741f4cb95a2bf47018d6e6987a862e0e4ba63e534da2bdf909921e9be178e7dcf206de7eaae00eba152ad104969cec7caf4f287155998141ee06e8c8a86a423a3282587240a97fd3fd82ec5d3f548c355ee7fb6d2624e57871e58818e2e5fc4e2e1c7d61a42649f5dd19669afd7b3a0dce62a5cad7af267f7037b3ba0d639b200b2cf3859f85ed508b0dfdab98646b881d94332429f8c1ee24bf6f81146f7db1f773b29283530a21ef64b9f88933241a634dd62ea68810faa90be20880f275f7750779e2dbbc724dcf93657ff98b1256a77ad49cf5e8905ab615e76dea6f4ec2feee337d7e23778ee57cee4f95b8be849a5287addcc8acead491a90296aa3eefbe92a18144ead5ab6fcdb4d90460dac806dfedfa99ae74c115a466003fb16da9130489584231d30c8a1dd2908bb67a73253cf30d9f76319c90f3fc9a81334ff072aad89dc926ba5ab76626ba313a0cd7ecd01bcc3e7f63b31c5476bd438a65ec24abf8d6cd0d311555d21c95318888cf0ff3681ab567e50e3a895d0eefe95ee8f7fba5210e72f525149605608c1907ff01afefaeee387231c7003c425967aa82f26b6429fae322a7091dedc67d1f08f37dbc9507862dbd1ff15a5416c299c488ea8221466af006e94af227d6d6adeca6776ff426a95b2686ebbcf0eed273ac14897bbea90a2316daf8dfa16cdef8d5fffdb022031a0d829620803d0cabd4a986f0c74b6121f6144e68977cd62aa8aaf41f2d37705a3fb91c41c0dc9b5cdefea46c7ded0324d41c7215ffaa9e586551381e6f73a52c3ed4f0797433bbf779bf5910cb590d27a7324a6ac17c709df181512196066bc0e2348b5c810faae681e480f6388a75f732f07c8a02ecf0447298b09362fe45798a073aa8746dfd0e18657ad5ed7112fbc422fa380b8ef4aadc650d38206dfaba8fb4e42bfc5eadcbce533981592130576e0b70b4b45e7c97e69d0869edd98b4ddf5b948d9235d0ac7a6d3610fa1e3a2dcf229a3858f45192fda792ea904cf8f691707621fead343971cef7d26af594ab96acb294e96789523dfbc9a8bda0e8a1cb113a9a6761b6db5ba9cd73af43a656252f72fada79c640d0ef0dd4c7f5f2e932f1be594b9ffcc89fa020fb9910132dcc8c89b0a63fd5276e34a51e4119e3ebb52fd387fc6d940da627502652ecf2c8a3cdba6d67c3c974b6fd59ac977936d5d49106dc13c3121adce13fe4c3184a55968da459105a130bc14aeb60e33224246cf40520f0032ca2b11babb51cba41774d9791587a05f8b4898c8bb7c9fb11892c60b2ed35a60f27faccd8b711bd362175ea6b4a52b790e8d8a63f0a9d2560afbb2227c42a72a206fcd2c1b361c4a6997ef5b166a928665835497c2a7815d3a112de5d249666e43bf0e69e8e8fb15a6becb6840d265f394e4171cfa6c218e3cc1dc874b2d02cc1f0fcbfed350de69acbc4721b58872eded5e44f278909b7c9d3134420cc4ff03c5f0458d98ff50e60e3ef1b3bb0802175aab445178ff0bfb96f53537845a0951249d382bd21ddea2306028f27b228684b8de3a52501495506ff4b3aee3aaa736f9d1e3cee21f8f89b2cea22fa9e58e9eebbc5d0016d1c34728a0fb2ce6435acb6f20a65b6684ee757f841df0905cb8f5b91f4e9391a28c2e6804c3d10068c36fc7273e39c5611d723b9bb76ca736aa54301a94cee6ebe", 0x1000}, {&(0x7f00000014c0)="550146ec59fd9e12cc599c7895131d929f37ac2ab11bb6149ead6523b2a73d31a0b99d26d4a7377fbeaf1f6a9b8b1097c30d1669b38a11c0a0fd1ebffc8a6cea1fd0e2816bd42b08a17bf329c8f27051d88d7d28104dc3a88d0529db0f99347a2659ffae8d58db58421b5f21a743e499f6ae7c78c1a083390696426adcee04f253663d395db55be778ac188284846a501b05e861ad29e74f449d2b7bc1c58cee183c298e13de44a737b019d544f0ac2b2ebd34c8b370b33f8c2b10b616eae2cd1da97b453d55b28d5be5cb9a7d2f613f16986275a40bd32526b084f88231d30c27146605725f9d01b945108c071b8b894d06aa77c955abb270cd8f34cf47adf74bc253dd377cbf1fe3e930b18708d214a6fa5a57476d085f5cb8b980abb9378a87a4589d2dddbe672f4a6282def31e8ac93212182bcd5bc00b4967e865ad143df776fb4c10c2b20c8d78b52f7d32abe1d48b1b3538fbbc03aee185904f28a22b73ff52a79ab253bf7b4fb98a9fb633b36fd8bfa9d6f4b110a2be45d7377ae5f77754d312dfa5db731fa525d21c3759f0a8d873639997039c594853da9b685188198fb7b98d6f1ae40f32d339625c9050613394b1bcf2b328f65e39228c0dc4bf704e8a84b9efd0b89766bb06c477ced1e9595afc67b3ff66d37374bb5a379eb4938ede030ab654a7a8e4d162e2a538d59c4ec78f6ebeec80a7df465ae10d1ad6c33c4155eb39f2c9ef5eee872c6a7497194560abc7263884f0e4574de5f992e1c6755e8f03fe5f13c51320086802b2786990aa232d886fb35169658b45c4746ac8d9399e4e283fcfa3a89f79bf8966cfb4c1ea65f153c45b587be773acfb4c01e31b787432d60e895c4b591ba36cbb4162202a03c350c6f16ce1726b32dde8d46d0dfe94510d746fc0c128e1624812a9048ebe869cf0667c713e65215c882179c18b5adf38c49fa5174c711bcd0bb9291696b7c8065017a8e9380ee2d396d6b7aa61e22209974bf6435580e16671a6ba6eecc74c243c29d74fdad197f4c96921382693b7b2c29b7813ebf6f940c588bab97cef8c2df2069844d45f93286f945112c5dcdb6eb2652431c1b58a4a8d394994f804f4c69f797ff5ff1505720f379241958b9e0079b39369bb7fd57c4639a97929eb039bd62386c34a0ba23a3b0fd98dcf961d83ca8a29f862f56ca6d04ec171725103f3fadaaf9c33dc6ec06c80b291079f22e2b173a745892d6e7c7e0ff3fb3d72bfe23b366b4116cb04d5dbf742e6bbbe57e181b8f63ccf63505f5067b1077f252961adce7fb827aa8e8e7785092000dace494efdf4f5276ee254086af604dcc192dbf4c74d869ddcc0446f362d29683e527a591092f7a2c3ae98064a4590690bb817baa7edb4882db75b4c681e0f41ffa6f200b0487d74adedce4dba12faac8a2c4fb55ef4c066c69161914da14970357dfb47d616cb180dc1efb9c0f585a67799cd21da5b826be442980e4da9971f7cbde4965711e5b006da7c40e120eb9b91f25200e08707de77d90d1bfacd37582cf6baef7dcb6a95acee487311ac27545f04db704a32083ebcd77ac0a612fdb2c83d3ce6c3ca0e8aba09d935049af8f2b267481a36648c9dd612680f5fd6685acd76bd424efb7e611f3407875460d390deebe05034095fa15aa915d3bb2f8a401d7451a07c712857a06a17f54639cb0a65cc220daa5570dd9a1adea0094d127c51f369e97d2499e0b8802d00b0994d546c01a3414b7d736a0ef58b81dab8528efd5cc68b2a67afdd6990ff6ef56daccdc79c97587d2287e2950a75f0c77c9e548cc2f0ee5b76403281939c1bbb643801383cce13f0c04ed9fbe158c5716a5767c9813018171db1034c4ab33fc9bb965f6ba1f90e6ea6ebb747faa4e66219477e5343b5ed78f373fdd8b89e95d6b34927e45ae8c188c29fca28d45dddc42371042fcdb640947cf3bdc80765b3093b0b02a78edcb665b8ca238f2c1811c7462f8390b3e1fcada0200b725358a2b8d900535e684de0c812458a04596f1760e13069ad61b56b792c6c550d007964952da2dc43116e2c4f18a504c661d798a7d8406b2d487e96b5f0df9d4b1798ee93058b843c332f9f54be3a65e58d5b244297540cab4d825b38874cd7bb6e46f332e13778b85f09940be28f596bf8078577166e869b11eb944d7349f5c5e912e0e6cc585fe767b6b83ce1131df2c602d348e5cd7654b396dea6e863118794e7a30b01d4621fe03cd806cca5dfbaa8961c5dd8fd96065da2aa57eb1b99a415485ef85cc6d1aba2f913e23959398e394aec371f247fa5dfa2bfd753daad8c178e1dd349cae99dfcef909c16e7d7ff6116b35da15a87bf8c2534c74b68d0fd0c6cf931b3e1c076e3b4c283b57f98e47f6f536ff0312c491958caac33a7f2784dcc81c388368f6d89d1009d826a292c87c1207693df6a1980f732f75ea35f0e9f97dc329fcbf3d27562b4fa418db5afb426f8c4fc5f58fbf9767e9bd3205a99ec15b085152833f78c9eb7659829a680d1420223bc2255ec0aff8606333a30c483ed4ebe4320d453be1e96eabd50e40fa3891c2ef849aa53505134dcd5c2cb9d20c6b36d96393977f7f5e15b1a5371071215c25b5d8fd2bfe66c6640b5aa0f70ba168c8a09a6c4329db520ccdeceb0a31a050fdb96b153949b905489236bdbcd2b55065070215dbb73f39280262dd58ee5ddff872ab0936bce1507ae4e193322b3a0df6ef401c529b99a93dbb302b0caa2f2ce13793134042bd02db5f7b2575083154506b818158632dae08d4bfecfc6d62a91a4358c655d23ca657c913f3330923bcb5b819587f9f5365debc182328c26b05e2261235ca7b47110551a4d00080856dfd1c44fbdc148da3f90e05d25b308047592b67fd694adf717e4d2ed37a7fa35d72fc59865665b364f9eab3801929b1b9527ffae4e1cd154d486c95a9cfba8911d21b97d85de82f0a6f3173aa759f944094bc1a2e587fa532e69a8f20fe04d0647a493d54731c87a7748cf0f150777408da3f89042d51e32029316d4939ab6faecdb33f598ba4a54cd369d405ea2d0fe9deb1ee675105152997be338b4697689e8005c8cd073a7a71bd3542ed4dbb9cffdb86b8a0722cc64f17ff64ca7c61200ea2bda4bdcd7fd3fb3660f3041919a6f4d652b37bdf529f2b23468f98be755f3fdda6e1f2a624cb4667c63693f944645996db50955131e2afda95491803ff920e21103229a3f5b76f5c5d4b23180785bc6cf03f199d71913867238d2d6738089c8fec845ec5f66ad95994ffb1abf691aac6b0f30b2e55e8d2dad410b46a029774d35f2f381c37e864f16147f095122a055198012787e54008b7a1371d3946fa9ca1f73f49a7125b2b9c6934f72e0224f2904c6e9c251304e81ab8300d399f4c6fed1c3cce400f4b41dc0e4fae33623d229e424de48e90c7f31a3f869dd7e68846c3424575e6d0633aeb3ce553fc77f39e546902e4cb7e00de7d17d639e8ff1465a075e30bda5d8ec30d04da7f0c1cb22dc81dc2ddf786751c9d6d2eafe6ce6a0c0bd8688f330e8bb72d8613e8870c5547b288b018af8785362b596978cf23526b48d6e7a330faeb106b0ac045b2231c7335c433826c510882ced782c03b595bd627ee71878ccb1faa0d2710899ac9e112efd8b2da20f29cc2a27d9822bacfa34752d01962aa81bbc79ee2f74976c518899af594f9b36358edb6963148711a702721a693ed4c15993916bd73925dc98e53c809e498947693c968bb3caf66c16f97fef9d2c501e8880ed2de384926fb48aedfe7f11e9b555c93be61a81f68cc741f4e362a9bccbdab37249dda0c2d7c372cf2dd709de59c1349d56a6dd358dcdc6de781cd75f14315856b7e0936a16cf7fe95298a106dcd8db8046a4e041a6bcb8fd107775e82acc35886616308cce6b848cdea4fb9944828237551116a8fef9ad55d7b55c75319f9326b6e36b7245c233df2018769dff73a030fdfd53ca6e231cf30da7200f2305c3ef3b1eb9be9e25e3228db6a40ea1be642e08cbfcefeea09bec9c1cb590efc390488e90191772f294a22b3756aa48d21965cd80b0b3918d349a9dd1f38ef6ac2b54b01c9594006d6ed1750c0315eed4df06c93eaeaca56661e304c68aa8f0f4fed6e586ce895f87c2658e1f4f11aeacb62e2f382a25bce602c0e0f201d5673ca4df506524d2192d1d5a74f5da2810cb652d86bbb13432818d914222717b030c7afa30a518be57ddf6caa462de299063b303d9b7b42c5fdcce50ad1f7ca1fb91f59b644188176579e59c22eec05ff4a9fed880d0f4aef552d7b9b13603699f78303605aa50dd2738def4e5050113563e8765a41981fa648c1c3b3e50d51b76eca4707ea4ed149690ff9ed03a86997775cf9ac1261c25a43fe6a1a915aad5f75d313c8f46536db5431cc3779ea6ae08422645df251c0c4d99a62211a66a6658fad8c911d1dbd2e559c091ded5f7b99e7fd818ccdd204a2abdcfecb98e85cfc7e874b177d1d75b4ab6945e6e32699ad2bc1f26b068b27b8494fdf066254af72d6b25a55ea3d097764480b1192f8d370bf6180d4364ed367a1b9f38c3b3ca9b81a35dd105bfe08ecd17bd0d308cacb8e540a206aefa9c85d4515ce668d0b2fdb21051e0e75d4a23e1eacacdd0bf0932f6c4ccdbb6e53714dfa66dc8ffccaa8b39a81b47b62192cc7168210590bb155d2ad41587dce3e0deabed165710bd651645ae953e46388497cae4756fd3df57b1f3516cea145fe693d04e8e0f154523b166acfd36b1f1b3ea9129cbc545a5aeee587994864ea5ef52676398f478d414d84e9c68dc284a9862ce8078c63a874469d9f82bd6c7649c4af5014cce38fee41abe626e1436869bbe700de05ca35e9d278e2b167d7c74c1c6fbe6a3317b23c2585e6205adb6c980246d18362827bccf92ca46d0f2250e576124abdf1d820cbe84e3364bc82ad9f9eda3e8ec1545c6c9b87061aa2610b36c86f42efac1d4bb359cade417888c7d84fc0d97b6eb05b7e261a9683e80191182070ae4aaabbfd194706e9aa41d41dab75042fc01e2bed9f5ba579fd5a1026755c54dfefa642802361869a4ce452df5a238bba2b8bbb9efe6f579f8b16ef6fa65e4749835238f50805342e8edd12b9c764b0db5ebb0fdd5a5175a64847e06a6a0a93d68e27cfb490e4e6789b09a319e83168a46577dfa7ae76a16d5010df6aa45fdeeebbbb61710a3ba557d69a97ab47933daf49f1c09bf985b8f8efd303a52ac3ffd56ae89714d349484bf68a6c4d0e1760918aa1ad021d1ca9a84a7e5d3d3d5cdbd133a47cf9123288ca210e1c401e03cbae53dbdf27ac55d03bc4e18a64a2324ab72d5a6a4ca9691a1e41221f7e80eb63d898d68f33d560759cd0ac7f13ff808910a871d104faf0fccce0e9c23e9a8f94b8a95c3db4d089f6786a8e8812f10326be135c5958875775eb471da61e3f523dc0a0c2af1d5ba1b590cab7d40c97b778a1788218b6bec9805cbd999cb411e46ce3f6605e2988377180fc4a3b663b155f27a7dea7da761dec076ab3a9f997211115f6e723710a638227c108c7d127c2e04a09d673a5f902d18ab1448457b4210e1645b8f956ec1960bc2687d09604849816903b5622c70fe078dc4ae21ed3d3d69c91bf42e203c8c0e1846b64cb32248daa10c23efe4f920670361d02f6b36a44e35d975cf13fbfc21b879d746614bd53e07b375bcd69484c072d0859e410994318cce790441f124bdb8618f96b9ae0a9de0bb088cb696b46a5e7ac19072646521c733afdae0", 0x1000}], 0x5, 0x6, 0x10001)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(0x0, r2, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000001280)={<r3=>0x0, 0x0, "6a108927c7da5da87ef207c086ee932001c4c58949b41fa4e9606abb43ad6437c4d685a86f8bb04dabf6be0e8187b43f6a0ba23317623c7acd3ccca8199ab233db37b73372193c61ddc3e7e3b581d377feea90f3bd5b18350d968b0f559a3b2b85711f362e0be2a54884ad2e38335e0d9889741b24796f84f25814910d4037d609bd2136948e611d366c294e477d3ae10ea50529954ef2103af336052ff433032c903066a12e4dfa12aabb4969e76f90f8fafeabd9b15b20342968ecfb18238dcff9bcbd5c7dd8d07f7371393e9e6c693d8c43ea01f6aa33a91a7ef250d79ba777bba40750b6479d745229e83033764e4742baa0be86d3f3ce376e5114d265bc", "83a8a501a3298c050c28e76bbe641e2c18a6c539e52c9e3250b08949d59401e0c517bc002bc3fb78a3965136688ae19d4a14515b4335dcf032899de52fa54596fdd3a81125c4cf9970cee093f786fa56eb6dadc6ebb198f0c1ada52133592979505492e8a0016b28068cc19e9d472c49e2dfe4858b30551b2950e4ac2436a37e0b1357af7a28ef8d645c158c0f74c605ae9ef33d7316f000e85eb03f4b0bb6284415ed17e91dc97581b4ec8a39adf6d8e0e20c50711b3498f900b7d8a984bebaf138969bf43f1f1f4302348123e6276e0e693ba282aef1f3dc40dce32bd59b6f179071357edd061536ebc4d2bc3b11a7e01a3aadb7d4ce8a94de4794ca9dd86ac911a54cb6063da0a88ee2c13159e72a4345219b075347d09f68881926815333e21701c812faf9dac9153a76369d806bdc1aacbf3fb1e75ba9b740a6f65ac5be0984fc3dbd0b2b269296a3e71e700c7c5e70690090d4e17467ddb04bfe080f211ec5ca5644ddb95977b041c623f71eb2c2047336d2016c276cb3f0f96373cdd5b96e90313082ef639cb10523172fd8d6966e50d17db6f598a7ff0f4867472bfa78c7db541a36fed3b66a32283d369ca9e69f2e222480a9d8ca1bef1810abcd2c06ebc5b299f6c863d12d5fc47133f9dade6ba71b8e4d53b12c843a0b8ae0075d029dcb59d9efd83f3b597bbef1d1dac5046683827072130c442a1ec8fe4c6b78490e6835c0629018f47b4ed78cc59c83437b6dc581df6e299cc1b16f912b16a586c11df21a7bc4810f3ed5f256b3c53e34d9c134722c78eb2aa1b1e2eef14187bc9261493392dbd08bdc2e8eee3815657d9057f00bf57a7c3a65fc5f5548de8f2503720d2a1cd9ee9d4e486eaf1c3527c8e4ffb082e2100a0a00fa165a24d7e4c97f059eface7a10bdbdea5883441117e90bcad4670c7221ec399634c85cc6d6aa3e7f76954d506566879206ce629e1767258dc606b327c0805b8c658167afedfd7887cf2490a9af648bba8d603df4af0ceb7050e2ee12f2b3b6d983fa15b205ee351b22437edab80d42104a7f51e6b5fcf6da3f6fc9efc09deb98c6caa7fa1edbf17d6ca039e795c031b55875f5244c5a555fd950f4fb8918ab54f75c4b7f8dbcda166105a0feb12cd042d556b899250ec164a0a00b6fa0c1ec2101c7f222dccea60e40127942aed7ee736d1e009921a2f640191e021d6fafd371f92cc6a2de7722dd0df64895220b1d262db93c7221d5479e7a6072ed795625686ff0034f173ec9ad12aa7cbcda1f447731b3da90b4fe763e4450e22923c8fd64e0b348031a9ce64887e0933305b89021b5a5d5d92446143f0f4a77c2b74217d2900fde84bddd327cd1a4bf0d9f70c222af5da01971f270af59d090b7156355851d012e13ae1d9d1ca1d2d152aea3b9d9f1b3d3ec48733e0698d8381682b71c8b7891ab4b5e7dd74bf5766d9ca62ad014d6fd6650e0bd0914a2ed4911b1b0b049c50342212b372008f9cf1858cdb77870c62a55265ef963f5a4ae59512b3566dccdb55d169cc2da1b3d90784baaf93daa13d2a1b7264351287eb2258586d9f5b672b98978e2300a2c007bae1b11ebfdaafebec84ae659e4e85eed647132e4bd8cb759d0e2f8e3f239b9f524f3fcb72c17bf22b64183f000fe1f3f2367e67bd1276523f5624c475fc072d62bb2b500f68c5318c8ad80abf3d6537d5a106d6ab4f076fd8365ff28b9216a2c24665f068b8682ac44064ca2dce2feb4b4ca179f6bd97dd43584e3f0f70faa284ba075d34dae08621246fcb9e77184ae45f33ee83aeda24d79a99687f3b59ce5299e7d0949235ada30c2b3840b9e52a89d2e1d01b635953dac534e5944d9383296f9753d6b3eaa02f8f22e16a870eae7e10a0b8391fb6adbdc5a15931485382389115f6e46b05b1f9c1312929c198b068039e996920475bacdc09218c0bec9b799bb46b78e4e2b67ded5d33890e37cf5773834bd40f4074a3d5607c07046edfeeb169d032692e370f2f5f1b94793dac564c5b5e8d92ddfb145931029fe40109881d13fd5ee3e4565bc1704428779df75f39b618871efb91abba625a28801cd9b137d1b8a90e2aab270a53a46c63382dd199ebd856efa7785fb5b44164fee8d7b708ee95c179c8c5864e9835a2f3b5f8c516e6873372d6151652de2e3016f5117e14aabce09f09378279ef0abc7020014a8e0e194dcd933385fee9fe600dc4212b63d9ee024669236571e45be099ea9c8eaac5ccac2883fd815a70fcb334a43bc3990aec45d82af3dc725ce549aad5e71390bc87cf9be42066bfa91e9de928ff9a32664b9aa6801dc0bad7d9c2c63ab13c84b6bf60154526e89090df34089b3954d44efac2d061f5d719b506ab615f54750174b04dff44740868eb8cbd5842353100ebff293ec0080696bd661527df3361d07ab348b60f8cfde9f480e6f87f58d9005865e3370ad8164a200098ae6ee310d4561d817483b7a9568882d808029a7d01656e99d2e1d2dc67f4c45156e2db0e35709bb847cbf82bab030e31ba1128b3f076e5f008b4629fee6d8d6ba55ecab274fb460bf80ee16dd26c6a9cc322f247a08e76c1b5e86783eab907cc8ff91f6dccddc09b9a13ac7bb3b0e3ccdb3c6f4696080aa79cbea521e1261f73db7f889af7879e9b2ffd029e75eadc10937938810b61512a0539973c91f7e9c87303a2d27c1281aee40a5ad2f5907c2756496420c3e88d634ab574a60b720b6642b7195a058c780a898e2fbb8862f64f0ef387f58af8592b43a14e454982154e5608ba38cf9a551f609a7cd41fc8497201b348df164bf3983b7c8d6a4b1d8d8f2eb7c6cc6c4c2c6533bbaebd86b63705078e5da47ab48886afab92d708622cfc05a458d6c85ff2f167cdf62c0d7a84a852607af81222cf8f9c9e27c99bff3b75cfa160526a090e04eb9a502d0248861d787f1ff2842d9454269335ebb186d8ddd4f0f49c2388d566792e481d483c2df6b557a0285c629f3a646f99eb13e953e782d3f1863d2d4b8d8da1c4f8001f662678ecfd9d35b4783da4577f7c7d70975c4094c3b69f14bf2ecd38cf86169057e79c942f16ac6a14c808176fdcb751810611f2d80ee69094a5f74846cf270835300a8e8aa264f1d240257d6a92186daca114f60718a212c7f51f7417fdee58100e674592fc9f0b24fb9f7e5b27abe98b0facb2efcd85d5ac08dd52551e0b2a51961a681c9b0b570efcd72982b8628d6198645bf35f293af277cb23b3fbc2852f754e3ad559c2c77931c17fd49ce9738fac7795c25b62d57b859f199c01ce1cd623f5188a60aacffc450fc3b0aa4d02d1348c6b9fe458a1bf18e7ee3c8c64345ed0d06f6e06018212b8485bfab0120c8d74e99065d5a8f81ad7065c8b34fe121b1e08ab87f20d131d4431e041b3558d7b1b8543af62888bb0603c85c551e8d81d6a7f32ec643505e6650724ccaa4f1e5ce7d0ac01ebe47d05aedbb493138dab2e6c3271496e16e14821649c6a37f5368c00bf83198239f38d024d280bd08ce48e401a4d87128a034ccd2ea6a0b9e5d81093021a280f0f10ba18f5fa5150c81810e15900e3b3b61348f6be520860800680945d23b222278361888af6e50b2b58dc708bec418e57726646290968fd7de7d3757e0873a4e417d6d9cc3e43e45522e5816fc074e897566da7021c83d71f4bac04ebbbd4e6bcd7353ff0be7137608417d8c2da001aa8d1285eb47ac544fe8130647529463655f4838a864e78082a96b4efe5548877f87887b7752e2627242997eabf68fde20b1b27f8ee821d43fbebaaf38a954633902cefe6f3627176d8b1a5e25b73df1ffd1a6c6f835f4204e67d15123f80c45e5e83b76a1e65afa70cd182a1403407768b627ec5c329947a476b6cf4edad204f36a2212169bca489411440ced4ddf4163739220a05fe3cb74a4dbfbd273130c46913e8c22055c708a2592e22d4211fda544ac9403f05113f68c5468b12d7d6171409d38705e598fd78d809e1769304f3a11f6775ba410757559de64acb00f512b0190376582765ffdde03282445f9e0ace336f4b09673a9ef160d1c66cf856e04dbbd41c597376d3c4c21c8c34c6392945ab58e382786687da1df68eaf5a7318fddf3654fa6adb617baa432c85a7bfeb5d63fe16c1012fe4440a5d8cf349d9a8b1f75027bc9f2c6a56dd20275f2a899ed54f35d7c53feed5bb37828651c979d0920fc2b4bb8e0f540163f20ea2a5566d56696abdc6a9aa9db917ef8b5cc826049998b6a0b604dcf9f7b276e2489d0fb8daf7126db72f1e8d615e8ec001c142391c1d9e392ec2987bd5a7259059392d15416ec2b476b37944b3d0c550a42d9f36cb9c6c2ddca93d1665e4c5f61e3c5a101aa10c10bf11b615e1f718143efda59ef6edec961c6afafd2f7620f864e31ff4336a220970a9783e17eed18b932803441e172a2d9d01c7caa572052efa1f1a7e63af445f033e8e923c9142a868764490ababf181fceb75e47fad937487230f6720d4a8f2833e4f3094513bb2ecfa904741bb0b003354e84f2fe00f3938d820968ff73740e62dd68cee6eb5e3016f35327ffdadfa428a74dd66fbac07afa7ffdfd5259a58f3338629eab653d7632b1d4ee5de10dfebecc0dec740f2aef44aba211fc1919532c358d8e5a2a5f1879ec0afd5bade05c028a5e74f0740ea33d0d13f43888d218860c78ee8fab965112d977ba8f8c8d11a265a762646820594aba42a993a523f4771137471c2d9b3933e8b90c24bd275dd639b073a22b5fcf23303dcd828e7e2845912353aef23582995b779181c2c525f37b22a873611b5bca2f2678ed7576922be31208fec0d2806d0363e8837364a34ac3bf76a3682c93b7d79f5b01321bbc2f432cb7255f85e758c35bf70344b0119f92e2d20c6e380028af56e8aa10614677de3d9b001b66c319fb86e42540380c45d019b5f0aeaeab94a887addd8e12062b9125efb6d7a4b6222b0fdaf0b7a84b3dea501d43de2d98f13166aa2d3f4e1e11bc114d924ddf5e8ddf37c287fe94e245f3dafa605da051c012d95ff1b82a345af0e512ed18da2a3bdb1734f063d48bf97b4d8e2daf95c0a679aedd503b68f7ac4c4139e15d1deddcab04db34fdb0834246b1b36f8b52250a2e75687d4a98994ebe0fc65c8e2c7be446c2ffa766206a52cc4f7dc508f8c8156baf8e7dac0a305d88c65fb5c96b5d34bd9cdf3eaf534025fd4a70555e22b5450e050df9457e55bfac21dfe825ab1b6e11c70d39ca93e16cdf16231935e5d3185806919a23dcbaa9227361bf25276b815cf0375a4cea3162f38995bb530a08b5c0e2c0d96a316cf42ff3e3ca1a35360fddb3426cf5ade1be89d81fc8ed2016e6199d1c2580e0dc3030f39531fe0dfc41f5a6825bde42846c95af104d85"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000300)={0x0, ""/256, 0x0, <r4=>0x0})
r5 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r5, 0xd000943d, &(0x7f0000056fc0)={0x9f8, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r6=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r7=>0x0}], 0x4, "63a4c51b3af037"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000700)={<r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f00000018c0)={0x1a96, [{}, {}, {}, {}, {0x0, r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r7}], 0x0, "83b12698cb4026"})
ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000002540)={{r8, 0x4, 0x1f, 0x1, 0x6, 0x9, 0x2, 0xf0000000, 0x1, 0x101, 0x5, 0x5, 0x2, 0x6, 0x8000}})
mount$cgroup2(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0x280008, &(0x7f0000000300)={[{}], [{@defcontext={'defcontext', 0x3d, 'user_u'}}, {@fowner_lt={'fowner<', r2}}, {@measure}, {@appraise_type}, {@obj_type={'obj_type', 0x3d, '/\\'}}, {@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@appraise}, {@smackfshat={'smackfshat', 0x3d, 'vfat\x00\xb3\x1aX\xf7z\x8b_A\xe5\xd8\b\xdb\x81\x8e\xcdi\xeaQ\xd6\xcc\xe1\xe6&qh\xffp\x957\x04\xc4\xc6'}}, {@seclabel}]})
sendfile(r1, r0, 0x0, 0xfffffdef)

15:46:26 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 60)

15:46:26 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
[ 2662.275117] syz-executor.5: attempt to access beyond end of device
[ 2662.275117] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2662.276108] Buffer I/O error on dev loop5, logical block 10, lost async page write
[ 2662.288261] syz-executor.3: attempt to access beyond end of device
[ 2662.288261] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2662.289898] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2662.320310] syz-executor.0: attempt to access beyond end of device
[ 2662.320310] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2662.321922] Buffer I/O error on dev loop0, logical block 10, lost async page write
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 40)

15:46:26 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 62)

15:46:26 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = socket$inet(0x2, 0x800, 0xffff)
ioctl$BTRFS_IOC_ADD_DEV(r1, 0x5000940a, &(0x7f0000000240)={{r0}, "36dba60f9193866f2eb537b35a8c0f60ad96e711a3d8e2a99958c914d8d2d4b9c0b56f90c5fa1128ea4788011223848ca29318f7d82dbc20e14bcdaaa2212bce07d10b7cb2bba8e57855c3160002096b32643f22bfd23f2f6f6e873b70f3dd1628e07e294298def9e13105b8af2ec6bf59b9d6013e60288a2d530943041cf1b9cef1c3d264292676b2ef4ea697154cc8b247d19bdf16517fae83bcaa464cc65d9823fe226ae523c0485e47e144a7e0e8776a3557b773feb37a5fbcb40049413f3d0e49fb344cfef3e9116b981cb4e4a6ce48045e0af96f6f6e6c1798706f24c9ad6dcb26fd7111f47a33352dd45161520e8657a5b6b2e95e6a61f4b14eac621fbf7d97751c370fbc95262f9215f2b95023ee21d20a5e579a1fce53ef4ad34a28babca40ada8e7191f235d7b61da708dc2293d8a391acd8cbbd3fe6fc9abcdd7f2b1b16b06d4be9fa832d5b758c324137f5dfc435bba82cb1adc5fe1b4d7bdb13a708738e197b41d15366a1badb0ca853d0c9c642bf0505aa0d2c30aab2b38ee2cfa43ece35416e13eb25f7dde17141bd718a51c96630165ea86719ffac23e62e0cf7a1fe36370c07dd448efcde38f1f80ba537ee757f03cb2275cfaf893efb503914304f38e9ac46fc0bc6285d5a7585d414ef81a2e5c2b2d736c789253d74e8155f3b846d45976dd7d04e10889ce9ce0c3dd27e12ba1cee836f757374db8e9b31232f64bbfa9fd23f4db4a53be3ce1706bfe952cbf41e045751f2164ba78e92997092bceae8d06721e0a4983ba3c572099b2c19812f2f321e2f5fd1e6369b07ba8e3f21658f2abc25a87efe76e6d4ee670f12503fd1aa1b0184025775870d78129cee56c841185b66e47859a85ddc88a98f1a1767fc25da291d7a798cafc6690940598b3dd12df0f2952d42ce373f3175e89c16fcf261505eb9cf9afe0d3f488e7d0703840e168fb36c7e1901b68e18924b1961d176667c76657ffff0bb4e1ad889ce79865378e5fc272d7fdd4ffe540a10156eb06073d999064fcb444f13447798e654abc85c75a125dd5e9e71052730e6fa1a9bbfc545f0947a955d4efa81f20b603c64367b644dca51ba1a55c30505677be7d8baae1a32fc01b5ef7c230c264fbb1e9ecae70815c2ea0ecb2f4e5ddb9dce9db659573ed338781407606d72e0d4c22a8a9224aa65545c33234889aa8e1134f6d44fed941d195acdaad805936cff842f884f8d3f413117174a2ed73167346ff8b420dc3729bad4c32cf38596444d99f5a5d98d181001d39821958ce8fde1e3eb37169ceb2fd891c8ffabb76a4c8c980a62e5ece57eb92e5bcc4044352753b2c3abb1c0c454b288cb94dcc9362106da32dc1248bae2181f5a0b980f1fe39fcc8d7f8cfe85112cd2e0326c31cdf949df4baf1f745fff91e3313c850d84cfc8614c85c22705ddbb24898285a0111ed1e53152a7c7a28a7f9158cd4f47062729f9d5bb67019dda1d7adaf816a5fd1a35b6b3d08500aa26f9255f0f6501f82016d15d03617cbe3fdd4c0f4b3f1863bc16223ce34dc72f0f224901b1f12f79b0b253d4e4a781a71adbc7d00eb1e3bacdbd75f0f074222de2d2bf95b179f00c5355515023a753e591334863bed8c170a1faf15ae08487fd17ce521067f2668e3171661b24d50bab476fd2bacebd9d46773c03497b62d2c293aed607aed39a1e7a5fddd8db0c01ed698011a4e3dab857d116a97b05c30d27a8cd0c3128706472c53b1d422f02ed72d75d92ac0ad102195f3d2a095fad7cf01b3e6fa118729da7b59560db3d116fd218ce2be23e7bcd9c02d6cbe65b9b51db725bd4263f109d325d3832b7a8b9233d07097e81141c6a1f8ff5a38028344dfdc5089d5829f76ab00d30a46614445f99b075c469af23a97990076a7c2660d71ee41c3ceb815166484ab631bdfba893b8c489b7a74fac73218511efb70b5f0ccf726b95e226d1b7e92249a44dab9f8e542ae487af11d486175b0e73ef1a0baf69a87b4213920c359c0e6f97a7b338c35a3690e35a71d4644663f39bf1ae487f7000a4a2f60258672b57ac32d79868f7efdced7b81e0b467071dfe8e6627694c421e81975bd2ba0b1f8b410e5e9be1fb36e27d913824ae07a9c05f30c21bbc1afd73abf5b34296bafffa4329621ffc98acc8ac076e4dcfdde9344e9fc2c129f6ed8b472af82283b1f4efb49a77981b5fa58efa2769020946bf38386a0fcaf073055527648a1a243b4dbf5c83220c27ba5e2a98e8d0c55bc463f9ed7b538588a45e2a94a600eebca87841f253ef3e4d66b5d909a6be702163851a30e88364c34b1e3755e285f797b29a4a7ee7ab1f0cfde6eded468ef8cbced11fd8fd75d2ab49b54d4f43971413cca72d2c6c775197caef46f48b8e53ab70f1b330ac7af57b68d27c7f91944ca04e15f9b6c8809830f09a4cc775b1a7e51335e9cd9d234cbb96d9c29b832dfad1c0ba5d6e4fb20d7a4fdd7666e45633942bad197c9befe322df1304348df82a8a3d381b267a55972768626d4665c471dfdd323cfd8ca4c5f2be2c5b9fb4b642e7ed574911267bcfc217606d9deb0dd3dada830b99309f3ba54308739a2b50da677b0cfb567a9911b7634b63e7d46f5b1d3d9b8be965e2cf8917d59d99390142620279f95ac9b965f55bbd2d5676e57cbc58aa4f0cd8af8a8f28d811ae2fe6cf0e54c1bd4de7903d88005227b5d7f7a261b7428feefe10e06c0ac3ee8b466f85627cdc01c33f11ba3145fa2a12b8f3babd8c5dae98a892d829b6ae0b83e00de0baf4bba8e4eda82389332c5c3427e140bfc1d327e86ed3e0a4006205e1aa9b835ece357e8d1a48c2db0fc0bd4a4a940180e81cc9d05e69bdbde4f759b97a77626930391db1234f28a67c15a3e78ffecd8fd0a02cb617299e17976806103c671dd90a35df6fd5250dbce19a1ad720956ba9ee0b56d8774de51b0536e105f8bec8defa66c419f7cb8036db258504d24fffe1113b6b2c1896562cb5d7f7599b1606161c38deb44c85de6736df82a50886d01f4c36c7991c8ae35ce2e704574f99692db1475fe98370cbea35b6d3381732ef16cd8df9285cb281b18e567a8c3ff11bdeae769e13100b379acb345bd75b0bca4ac676ca7d17c59a5e90708fd112a7af6235ce4f0287e7df3fde8fb8b241502f433f0eeb9068526b6ea76a823eba1e78f3590c520e948de0de8bee4f4c70a2675130ed0e7c03edf30c905d0f01e15ea8ce2716493548b00187ac2aece548cd22d35be369c92b19ca9079f995357cdb9f1ca5c957f437b05a8eb1e4307bc1e44c300ef3027c9222e1a395a3359d041b662c644b79a58a85c834f97c9dc65b2b52f48c14e25f09daed6049e05a13fcfdda3c1a2c62e681b0bdbe8e231d5c1d0cf5e34958366b5911779d93917f365b4a6dbd779548ee14ec4cfbbc5084f065227444b0bce08f88be160ef2a851ff89f19a6b22c8e374c26e69e4fcf13d4efb9b0f59793a5f04f6df954e6f69ce94d89d6dcdc3c0d093377cbaf61bbdc706b78e63070d85da27b112760818ef3de898115e8405fd5bd321a6da6bc1cf2059365c7f2f35e8fa511e74faeaa17a7996bbf605e32e31b14e8dbe1f3907bb6fc8f49c1c342bd6aef1c721d9b836b7adccf22887168e03c857714ea2febcd62dbc16bd9a60efccb2c5c817555af1b7c6da1744431b668d811dc455fdf06452ee8031059b4e482d1cd80f4842ac2c5236173dbe95832da9c506af32816a75edc8ea12ca8caadd46e37a0f1fc8552695335ac33ae5001828c70b9166cd5937ad689fcbc6f35cc9cd6dc03bfa0851319e557cae2e016eaa75d6d85a09f5f23477ad244f88d2aca68ef4fc0a189b1fbbf34ad96402b22b9158efac8ad547cc2ef10ed71aa9bdb9048b59ed1d1bd89ddd2014169f20bc154f6c6e5e987cfcacbfeb28551b88282c12fe25b885a25769c13b5b604b523b2ea5d3fc0a5d550ec61ffc51d4a18640cc59f8afc813281cafaa978c8270a3ff52027ad835d9a760b847ef6aef1d226cc7257a9431aadcbd49683e15e7da8fb0f46d42da4752a8f6e0484103367d7e9673097409850bb8628d4e7454cfdfd9d3c3649163658810d0eed618377ee45f91f0679772f12079c2fb640b2244c5b1e63274343a1a2b69ae79395711f53e106bf4f41ba55a2d720a63fd6d4b6cba31f258a84372f846032e01cece65b0a801228d838dd5e0b348693fd28e8baa2129c5ecd8097476adc8d72a42d95068e65ae5fc84c7c348be0172db5dad286a218867354f4d796ed9691695ed61107a3813646cd130fbf61daf8bee5410eab146b6f34af4f673e727ef87545aff8a57fc5aabb46805d8f2eaf2a47e2fed902a720e54048d2a8be645ce1e386c719d4310d4ab0cd7dda2894850af79a785d703017ca771c4804eb5d785487e1889984b445abee5dd6893f9bb4d93975ac2d7bf2c8261c5a5bac297432af26949be3d486cfb0eff9912832a8662c806a684e52aa76c7620f32fefe440c2777fd191c839016012d6fe27f9023280c49f310032283a812cd18276386aaf2b636fb6ebed7c7256803b85c51b814088af5a5404e6a26e3d8450364894841234b3df2c9a789d74aed4a233bb848496751efebf753314a3cb5afe244cd355ae8c5ba988c64df43115e53002bd0eb568e2bb483443debfa93a820ee1a80856ff13a1bf6601343a3a19629ad9e9f27e00c20e4248a5d8ef59ae853d0d57b262c731bed26f3ec5abd330c8588fe617a9021d6bfc5981873c64cce9fa79453c3b0544fc6e64cfdbf38b29a8b970e939d3572eee0aba74eae39d7f8864b9d973f04fca13b293ac9678456d4fbbbd5483d6c060da9c00d540adec6c4e117972485cd1e71a10f61074034d13339b9b876099c0fd0ce0bee679a3c8b2558018d96e4cab28600de13436afa6d0f435458cfb432212b9b2e30abbcd56461ae5cce92aa492107686738c82ca02002debe8a93ab4fed53017ea4fdf3e4f5ae049d66dd6afee44ef5755d06b71250ec04f19caa601c7b9ef5916d4330826246d8e7375b654b897e38a1699f386c0ccc7059cb688bb9f6952734df1ab5663ff063aa44d5fa046d7ec511c980ebf493faa0a04d19f7063390c1c7f98a9e6343a6518a50955f11318b3595d6afcc050c839ba2b743c5aea9033517f4f8121a97f749dafe3d160c3de83490944cce63d4934f16a91cb5de3f34843a024d609879971dce5493bc8a4df99470d9d195181977825ef1cfb91ac8060c296ce14767ff485f71ce93c381e097c246a5632befd879832e8acd32a9a3ebfbbcfb8f46332079699f008233f6e157b0270205228c86545b4f85013b1075b171d0b59b62a377921211bd88d7a76755401a9b388e19f6230df70d070082fb2e4205787f8a5f351e042c55234562c2b28a5440451a65ea65ff3538ef6f6dc68f2378efc3b62c3441dfe4e303a9af053487f0ec68e200437a239f628d1f51564d5abc64fadb28aa43ecf56d8264efcbfe395e3cd8cdafc196a67d5b3bfbed3cf60e79c3b29a6fad3d71b6333cb3b6e8b509953b389bc3b0b1a4d86a261d222d121cbefe2332595c38641481cf4928fa1c5b88265d0aa394ff201c3fcf33de610dbf3c895da7d1e6a92f16b2b5701d6a9efc59171c1a09f28adf6e155bd94660d133699543ad03e85eb510b5b9c22f4adf15367663039d081c354ed74dee4a048b17cd7b1ce3f941677bf2640ade599216b0e2e805c043d6b14bca87c724e78825613e823565093f4e249b9df1d1c318fbfc5558e"})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)

15:46:26 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 41)

15:46:26 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 63)

15:46:26 executing program 1:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
faccessat(r0, &(0x7f0000000000)='./file1\x00', 0x15a)
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

[ 2662.340494] loop2: detected capacity change from 0 to 40
[ 2662.342980] loop6: detected capacity change from 0 to 40
[ 2662.361080] loop1: detected capacity change from 0 to 40
15:46:26 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x8c40, 0x2)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
r3 = io_uring_setup(0x3ab7, &(0x7f0000000180)={0x0, 0x9c65, 0x2, 0x1, 0x398, 0x0, r2})
fcntl$dupfd(r1, 0x0, r3)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r2, r0, 0x0, 0xfffffdef)

[ 2662.385068] syz-executor.7: attempt to access beyond end of device
[ 2662.385068] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2662.386726] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2662.392804] syz-executor.2: attempt to access beyond end of device
[ 2662.392804] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2662.393652] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2662.394750] syz-executor.6: attempt to access beyond end of device
[ 2662.394750] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2662.395579] Buffer I/O error on dev loop6, logical block 10, lost async page write
15:46:26 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 61)

[ 2662.413858] syz-executor.1: attempt to access beyond end of device
[ 2662.413858] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2662.414696] Buffer I/O error on dev loop1, logical block 10, lost async page write
15:46:26 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 58)

[ 2662.469156] loop5: detected capacity change from 0 to 40
[ 2662.481179] loop3: detected capacity change from 0 to 40
[ 2662.483456] syz-executor.4: attempt to access beyond end of device
[ 2662.483456] loop4: rw=2049, sector=44, nr_sectors = 4 limit=40
[ 2662.516373] loop0: detected capacity change from 0 to 40
[ 2662.518033] Buffer I/O error on dev loop5, logical block 10, lost async page write
15:46:40 executing program 1:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:46:40 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 64)

15:46:40 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 59)

15:46:40 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r2 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000240)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000280)=ANY=[@ANYRES16=r0, @ANYRES32, @ANYBLOB="ee418de8e80f6a235829815a14fe8cdeb8228cf6a4bc784975bac6a84b17dd71234302c5ec280cfd06c8d2df30d7ae2a9f0c5c67ae1c344d90086d4df3706acb895f641efb2b461abc6835fa3df2098b0e8cf5642e0812b089c01fd70b497c978e2f18e3345727825f9c4234119d0f32af8b08c61399e20421c34574ae51d45955ee42ebcc3d9a57c13374f12d78e2a2740fd9519045118a8addc0b88b0343b6c75b5451a449884aeb98030bc693edeb3bab346bdbcdb1d886b7de59", @ANYRESHEX=r0, @ANYRESOCT, @ANYRES64=r0, @ANYBLOB="742272714fd3c67f16b03bb49b5a6f458e34c651d3f9e5be08494e60ae24d53e8b77728cae2e6f92002054f0317a25aa3164583f847cdb9a2ef3cf26b8febe602bfd3d1e0aa19ce3abef48dc3b8d2f4359058b7c8441f40c675fda2431a49d613792b63647debaf57eaf0726db0ae33a1585b7d82a936463f079ffc79db730d3dc681f5e9f76629b2226a7ad1fa9c6628743a5f62b238b6bce50f6c53ad19c6f224fd33238b05c13e03485c8595fb00507302c616f1481811f8d04df10984694c48dad5eb1cb3d711692c663c28c9d7431fe1584b4", @ANYRESDEC=r1, @ANYRES32=r0])
chdir(&(0x7f0000000140)='./file0\x00')
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000480)={<r5=>0xffffffffffffffff})
sendfile(r5, r0, &(0x7f00000004c0)=0x1f, 0x80000000)
clock_gettime(0x0, &(0x7f00000000c0)={<r6=>0x0, <r7=>0x0})
write$binfmt_aout(r2, &(0x7f0000000640)={{0x108, 0x2, 0x33, 0x152, 0x2b2, 0x0, 0x109, 0x1}, "9e2c6f3378a8f1adf71310038172a6bc23683c24fc250d0df5cd1e95241332b585958d66833fb7326346a0107b1f443257ba5d0c9f96dd7df907d439a0d3b7ec50dd90deb441e382983ad2bb7f1f9a05e925fc5e004feacb55182b5e69a2cd382fd068165ea54c9bd97a99501ec5740874e9b6c1581971", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0xa97)
utimes(&(0x7f0000000040)='./file3\x00', &(0x7f0000000180)={{r6, r7/1000+10000}, {0x0, 0xea60}})
write$binfmt_aout(r4, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
clock_gettime(0x7, &(0x7f00000001c0))
sendfile(r4, r3, 0x0, 0xfffffdef)
openat(r2, &(0x7f0000000000)='./file2\x00', 0x40c2, 0x9a)

15:46:40 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 41)

15:46:40 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 62)

[ 2675.648927] loop3: detected capacity change from 0 to 40
15:46:40 executing program 4:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(r0, &(0x7f0000000000)='./file1/file0\x00', 0x109042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:46:40 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 42)

[ 2675.665444] loop4: detected capacity change from 0 to 40
[ 2675.669309] loop1: detected capacity change from 0 to 40
[ 2675.672269] loop0: detected capacity change from 0 to 40
[ 2675.693481] bio_check_eod: 3 callbacks suppressed
[ 2675.693493] syz-executor.3: attempt to access beyond end of device
[ 2675.693493] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2675.694735] buffer_io_error: 2 callbacks suppressed
[ 2675.694744] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2675.721300] loop6: detected capacity change from 0 to 40
[ 2675.728466] loop2: detected capacity change from 0 to 40
[ 2675.728732] loop5: detected capacity change from 0 to 40
[ 2675.730447] FAT-fs (loop5): Unrecognized mount option "" or missing value
[ 2675.734261] loop7: detected capacity change from 0 to 40
[ 2675.738973] syz-executor.1: attempt to access beyond end of device
[ 2675.738973] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2675.739861] Buffer I/O error on dev loop1, logical block 10, lost async page write
15:46:40 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 63)

15:46:40 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
r2 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0x60, 0xa, &(0x7f0000001840)=[{&(0x7f0000000180)="a13cc65f6239b455047a0f2c4d77b3166761ea224e689334a7dd9a0f18635a49eecdb895faaba3c454af57a8bc0154615f41b6", 0x33, 0xfffffffffffffff8}, {&(0x7f0000000300)="87a311850868e9d7b695cdf36c1d97f3a06e1db7ea162a9b4114f165f3d310d9aa8d161919b439eacbb7791f1ba280b6b87432697435ce7cca3c4ad09605eae3c2ff0978510f5088672de228541a1557a64b10b0f5a7a60759a528ccc1d26c9df43d54105b6b204bfd9594be30608b33f4cef14990ab63837597f6bb0f3aea0f128eadbdd543f43f3f957da21b07d1a5434bea356638889d1a586a0cddfaa1ff28410c865c93d77f475e9e15ccae4f70446d71ae212b7ae1e42f3b192a22eaa692dbaf42efb220918983c51a12683ea7fb0577e15d009e733653a3896ce47bf1a2763ff09b7a01bd9df2b971f820eb1856823c30d5c3fcd037e11d0c116365cd2e817b7df9833567631a3058410fd4a493711890a9c2b50e39dc690e410a921ebcd5e874963a88ff48b76f507dc8dca2054e1fe60723e00c7e15504613fe7a7aa1a6487ce77041df0eecae364fa07776cd8f2da88b5ba31fcff57f1b0b7e972051941f93c50a1e0e245553baefa4e05387671c9b2170f4c4778b0cdd2f14cdf23a35f484383f4d6ba9c3f69ee64c1fd84fe4137c81c9a4b5b52e7725519ff4cc9d27fa84857a122252e4bfe09e7e46fc00ef5500c626620cc7bf334042b5cf03cd4512e7ab2fd6d1c198c6aa34d90593814c713dc41752f289b3f640ad57a6536785ebe6d5c2483affafbf058315935c41eca2226ff1a732ddb978095521420718faa43dff6cd03820c06528c512760161e485f825e2115a97882e027885d0f3d799744c31e58815717290be12bb1abf6c3389fedbf825ab4eb04aa3f85b63ecbb68a969d5d4db750729b9149bc3562336a3faa9db2826ec4dd4396c5b4debfe19de153611753359b59ce9ec39a271378f6f4b0aaaefa5602316ba468dff7d8be19e81364f5b5bc07bf1aa2880b0cb86666c9f68b907bb18a8f3938ca4d130e1d7595c648bd2520be39757cc4066f69b17add8f02b2c826bc87bb181b20a1b3a395400b06ce67160a15b7e64a0cee9c4d2be8ea3930fb24b68b854d5e51ee918212f0a4780b9579188075511477ffcea9e51bb521e5d60629269bb9d002415bc9e4e73ffb54771ee907ccf45b8a491867489a8c6687a4db4675bd9904bb0b808dc102774ab46749ade5ca2416ab72dcbf94e7bd14cd059bf6814fcfca28eadbc35ab232579dcb6c29e082142c4e373ba6ff7997e2cd2a513572435cb78019084a5b121f42d11908a077e2c7a7b30f17e70326fbff8c6846c351eab2af6ccc12e0d77e3e24433efee179366370f6aa283d9018588592f67d9d5cc37be26fa2a6c2caee986d8fae6ca045629e22c1c48fd710501e8c02ef2210163b3624ad787483037419dfa4a3ba6c11b35a025925ea3a255ef212160abe8ebae38ae796ec024f9c642c7e2e17b5b0e5e563a2204f738fc35ab8c10246f0cc0002ca6b13c4b9a1198d541cd317fb2475249591b462115acf34e3a25185339aec3bc12fa88a85ecb877154f53e4b0e4d2e060e6a51433a554e4dec8cfd38fe4ed49d5098110a9451e4355094940a586f271a7f1236eaefa9d8ce9317200e937c1612776407eb8cb4143598eafd0ac5d3bc4dfbddee02f1692aa947d63e6c27123580a5004c24c818e47ea1a481dbf5dec6ddbee6118b2d629676bfda6adf3e9e61375f9272575dec826a5a5c35a46e028fe0d2827d1e60102658c5aeffe7349f3dc3852f171a62dc863b125ef387a8beeb4fed05bc0f16b77b41eb8da0aa5ebc7c62c3a0a31d4041238c3f7c7c2027da95d6b95e44f42791992efcce9df9234fa2eafb0c52e5ce91599a365f623053a417cc6c0ca7d86348ea89016e4f9c472ef8d4fc6437815a6aaca4ba219778f5942d275de1e44c7b1d5a2b0563a78ab3c7a103eb2d536965695f95cda5e38fc105a3e6e5cf95fba9e50d3654adf4f69dc22ac51aa427f2893d1dd784da880f9f0f4b5bca1cf58d5f155cda9d1338b27221ad4d98ab96f7df02909f558d4ad94a84b576eb5c2d171d1793b6cb71fd414309dbc2804c94cec0d985bbef9c902c7d46c0a4fc43062cc6558501962c0248fc93375a59d41202c311311b85d63f89eeb2ccb73eb521968b944c4634d9e25fbdc6691646b9c7ea1c8e9b5d861e7d8ec2f223b4712d4227f741c6abe56ee355f6f31154fdb488b121d67a1f07f7b568fd7978851717545057d393425a65518431b7577a174394f0089a8988834ca9f55e636399fa8ec3da23b059cec51bcc8063a3cddba0cca208464160210de6df0399111edc26ef248c669a15eba6f215f050c2324a97211b2f0d42bb4e04852da73ef00c84e161c53c9e7c8c57fd9c2ec1be62cc5d5652c45459e787b1cfdc5e46ffa027bbb7eaefd04c2d507c2c53c649271f22050ffd67c269024ce44a607c56b16b245ad5b637837899a819d210ab24a893583708032e92e1da8a1eec9437c71bb9e0333847d6046bedbb78f1c443679c233271b88ad9e9ae7013edeab6b5d83e83a427fd5845f54cb2055a38f0fdbb2c24298347e4849f137aab21081b13525886d3e4d67ad2e9c1482e3fce07dee9073a3cfeb42f32b72dde0fa6a14dedf9421d064480d352aba883dc751623f708b2dac526399dac031c463c994a423bf35af97a863ae4c1c999df6f5cf0abdf02523bfc19e879d5f31ec0344b4b08226994688f9e563ffa7f78f8cbbdbc532275d536c408e818e21fa64b21477994142456ec8a2a3e3a9e3f71b3128c157766110ea1a412e80a535439acc21e2210e3874ecb0507d5a4f810a77639a0923e561918dc313efefca9c0c195702cf45a204a34f4ef2253fe918ea83db527312446a9e8c90679dece3fb507fb8d10053c9d8deb519a1ecee6a2f7014226df5fe8f8f9e219462474912606cfd26df4f7c91c7a01edc825c64d104bf4997b424d0a640fe590e02cb8e97c95faf263b3150d91cc9bd3f27bb3d5c6bd4b7924447f84adaac0ac334dfe47bd6f3943e1629393b2b9fad58e36547cc5a345e3f222072e9832e66c4e773ac396e29f13fe7753a513dc7bcac014303dca2dc7b1028fb19c8d5420ece2a6e2eb2f021a02804e09664980d839d0be97acf206d00019e762451578c823c72af6e042e481d2d52072f47aff232c7dcb020d96baef4e9868103800334980159c29f1d4065363c53d26bfe6950a246012a0c439473d4ded6dc8231cdeac005246751852ea7530ef8404906b46491084bd63cd9e8ce25778b964cb85c5ac0d57aa1b36a80bf94e27703fdb3fa96406741bdbab159e9f77eb4005a2edc50e5924d028f4e0f1267fb868d684d280c8c6c319748eeee883b66b557858742df0ce44aa068dbf742d5f670ffb345cec2e65d330a5433c0a213e9e1a52914edfdd2459d51ad81bd81df004fa3e1b81f0b8ba5024f20dac572bcd52cd7e318f1a17b8c9754463f4f70bd657a3dd9e96d071273163793596d886f6779672006efb5b9e5f095c43af0e4c0c9964299e386f7242aa020fb8aadcc4f12ec5cc52f6cc3b20456644d800b47a249ae37133a1959bd91f6cdb23704dff1e2082904834bccbce2d492a83e4df935e956602dd4772ca372b91801458c49e88bd04fc6aa179e7ee226dc8b722d838a5769bc94753d490b2152c4e14464f8233efb9af96f5578696457317846bd6330fa3e09a25ec21bafe7c78cfb983892fdba7ea8d1d2ebb49cf40a2e8b444f5e311c7709115e6607f8aec1290a884c1b7533ec7f8f32d3e06748947c2cb490cdc8f3396e36f0c50cca6491f232b24107299335205a22b668199e7090e6ea2a74a8e8168da0ffe2aed0a347c4b0a204071301bd6278a49577ca5752fab37a4d01c68580b2a24b969d1ead4b48521e7f4f23e2fa193c1d01fdbc0bae5c5a59a49efc268816adf2f7297fb3476a40f05c7667db34b80ff87c1817e7f01570b268a4f7f6d29e8d9c90df59b8dc4f51d89b4e0ac45f7ac1756109692612172c3f8d99673a930f8766ac5a665b9257b5e721127d00e87d3ca7a9d55a54e3e1e231b9ab347701579962bff7ce6a8e53751cca824217d6c03b70499220c44f19021a4f9ba1e60ab7af96378cbcd8ca46f8740274d5cca2b3c17da936ed635074939b47e0fdec47ea2379d92457a8f64f3d76ae983c8cf3938d0341baaf0777214041d4b8f2b020ad6d822f42c44b25c98fc56265db5e3f9c14f3ceef932b53a0a0a7f4ea0d93f160b847777bc50d51a73e842c50fbb82aa9d7804978d2ac0ef8da1fa05e5f6396dbd14b289d92ce5acf271fdc6174290e6b3fafa472b607079da9807119ebd2091ea17cff8e9b3e2f937eee3ac81c616e02a56d525ab55a5e907a52cd6c17a116f96e587c952409571da1c9fbccac4387582ef43a5e5ecccfefd7b13ed35c1b37fba755f167674112a618e701ab8d3c9015eae52f7cea930d3681c305f07b98880494b2acfd04e9dc505e9e6438177235c151c734b66ee3b555c915f78cdc3f7947290ec6b458303831b908936b1fe987314988e23288aeea7e85eae9ef926a96a5f25f2ee192669462c978e4d2736168f2705946cc36ce69b10ddf13a372426750fa8b0bc79e54546e38fcc36a2dfa0370a39c27dec469898e6bdf41f5443516519a9c9d03dd74ae41bb1b26d9e19483e10e87a3322c036f31a9518485499aa6bf6b124e8515fddbb83fbd97841ba94481c346e4b9d5ee38d31dbbe0014d9d24005e3bfa60f80092b0bee9a1e15f01ca431660463890c265a1775668f7f3346a354b261daa11a63700d0343796ae80d337e4137e195f67668368719bf9a25fdb2db27bb48935b6d26f0f2d0110c4db135989f5bc06232700f89fec27cb62ba71bd380e219b02014b6b3cea28649db4acb5eed2d411094c121a7362a3c7e2113110a3f980b0ad16f26f8b507d3bf7692ac2163bf15fb5e18f967d190486b87e291888b7d603a5010562250043f970250638dea3b1e92aeed8e7f970ddb15665d436ea8cb07f87cab8b6f50a677e7247c8a364ec473c0b4495ee838fd4298a0231f1733dda778d51cceef71bb76fe38936cba339f1e1a0699e8c60349795281d0a0cc93ac2b9c7379567573a1cebb97846fb9097b4dd1cf7096cd05f37f154e5ed9b8e3efde906fb818cc153b7dd10f1af99d4ff98d3b11933d081414e2368a7af84b4e39209477efad571a349a86b0052708b04c679d384575cb1cc8928b1ebc471a1f68ae01f7a34a2c29bb8d41efa02a0b1626c8057c1e1232c7bbd848fc5b0440bd04a4b521be23b01751e210482371bf5c3667b43aa4d84229140f8d48f7dcf74b338f6398241ee24e1412bf8ee4f8aefbd6e34f75a56ce781c9d1038f96c3f3795580a19531091e08cebfd9aeda71dcfdcbf491e62494ea1eef9f9e908edbaf283dde9a29fa76f677862479af304b24ab9fa0145e702dabe1acf39b25aea2146aef18045f4c7c779239ec58f2b8dbd98f109872340b60146992f6110cfc9e1882d9b8241bb38c487f7392995d8d6ec23317129fc663d3ade45d90167c7a10abc2374aec19cd1738e28d569ccbd3962cba99d77f78042088151a497459f10a0bc8575ce8a7645063653bdd83a7c2edae1f82f2ba2751bbbf92b83bc08893f5dc6cf1c7e268ec2b15764025c15530d946789f999a2b8af5abcad7eb080efafe997ba4c9c3226094cb133b215c3e7d8f7c530c95c2d3a8ad1da5cacb3d67aab77890158604632c593b8a0812ac4e5af4b121ba651463b7d94048444ce1edbfe4b17409d6c5010c1c49f2f1ae16303db03f6e3e383db223624887bff1ab", 0x1000}, {&(0x7f0000001300)="f125b4927eb02143f6eb883b8d4f8882c6f1edcb14856e4f52b6362783a49608151dbf7bb1bbe07a1a8d9632edddf59a6d6e7a9cc545c10b33bc7da4a19fdb8fe7bc945345695b5cc8a9e835444ae151518601941a815bdfd76d6b9f29d8e5354af8ce79942ae3d5e0f8c8ab138615292b593e315657e5502ce1817bd19efd126273401dd0fa0f8a4bda823144d5fa2cd976a6f5402a5977b03b4e7b277f9833108ad9e10fdf655e9c0d3502afe6e3420208972cb193a5c63f188698aee5010e8c651ed4d7d9330cbade91b5ce9e581b0322755f20f763500f", 0xd9, 0x3}, {&(0x7f0000001400)="87d38668f0912a5494045f7f41e8dbbd1069da4f465e017ef70d0d35fb73fea2d161d106b05c9a7f809053eeb5ac855a4f97929c14488124d28caf7cb5e2d02a17f8fb0cd3e24448fd2d2812254f9828ef39b1aa99a05a7f0ba869465b2abc90c468e570134b693bba6307a1504040ef", 0x70, 0xffffffffffff8001}, {&(0x7f0000001480)="4cfd9f3363e5b19d037827546eb4d29049442e3971586a5658e3e32720f4e2dd97e12ded3f3a44dfe587b1c9ea7eaeba5043afe8b09cd8c547ed022e8a2606c6eb2df37b1fe645a68eded7ce80f54283d17b35c15717ab15ab61f72929d9b88d1841cb0742cbea6759fb91ed71286e020634b731d8bc", 0x76, 0x5}, {&(0x7f0000001500)="4ed36d22bf663b84ef4e8bd5601c24a640e19913514e609b12c83232c87c32628f03f9fbe6b29ee071fea562817f5dbc759d89880809c076790fefac7b27d7e62b48cc7eca338abd7bf0cd271d5a2e722d81609d7048e58ecfd13b54182f2535bd12da862e255e2afb56fa9c8a4e71b04958a9b49a63f943e7ca2df7d33d1596fb1dde435b1a3114a3eb68f0553453e10ab2d94d", 0x94, 0xfffffffffffffffb}, {&(0x7f00000015c0)="95a4c16b08b7cce9c542867529d2099ec4a23a82791084bf2387ada9be7caacc73d51d3b2b5ef2e28a7898596d188c565d8a53d0effb2f78d5cd706c473ba86033ae5763ad22fa531bf7a2107a8f3f8bdbff0ad280382cc8e1306e242899af52773d9e0aef7dd7d2b5443a3076fcf1d7761a5fce167f18421cec3fb12ae58fb52ed7cd5ff5bb0919ac855fea75f4d812972718409892b2dfde28b4a7779db0390848bf76430d4b6f8a169526944de7c8df88e2b678e1166ad6e536ac33da11c48a6d6a36c5c8341563e0d0b91537c2cd7f6dc42a953d54c262ec35c7044b9c589d09467fbd7e541db33c345b14ee7b899153bda6e9e9d28ac9b669c9a7", 0xfd, 0x29e3e4aa}, {&(0x7f00000016c0)="1d53cd22d2ab3dfa42dda1ee931add1b82ee31bf26d36ca9f943ade3ecbf6baf7bb34b158e2f90f536ae908143cdaf32237967f042ae4d7eb3530cca1cec9b63dbba7e0e70bf62fdcee780e8acf25134c57361f9685e7267acd0e1e769626619081c754e0aaf4a793df6eb585a332dc083521c007763fe1f629c2026ba447393620332e63f08bd5d36241a513070f1cb70c4317495d6eb013b71dfa659d95db922aa121c00722f9daa31b7c17c78c57d47464c744771b377dcd31c", 0xbb, 0x1}, {&(0x7f00000001c0)="6926fbbfb072e1ae14aa175fdc8564c37c", 0x11, 0x6426780}, {&(0x7f0000001780)="383a7401cca7c6aaad1ed8fbc5bb1c47075d2673b2ad6a039af7b1693ae9eeb5689cbd5374e5ba74671c0aa1ec3461f124d80403e19df40eff552968125f016da10b41e0182d162170f7f86bf3f63c9674051274f732e0bb2663324c448b9e21110a4d548e0adbaa9fa3b20635177cf539c41806921d7787bdf7a18f52899f79db16764ce98bcb72fc3609e7535a", 0x8e, 0x77}], 0x320020, &(0x7f0000001940)=ANY=[@ANYBLOB='discard,fmask=00000000000000000000003,nodots,dots,dont_hash,fscontext=sysadm_u,uid>', @ANYRESDEC=0x0, @ANYBLOB=',uid<', @ANYRESDEC=0x0, @ANYBLOB="2c0000776e652820c111c3930b8a75de4aaf0e", @ANYRESDEC=0xee00, @ANYBLOB=',\x00'])
renameat(r1, &(0x7f0000000000)='./file0\x00', r2, &(0x7f0000000240)='./file1\x00')
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
setxattr$trusted_overlay_nlink(&(0x7f0000001a00)='./file0\x00', &(0x7f0000001a40), &(0x7f0000001a80)={'U-', 0x2}, 0x16, 0x0)

[ 2675.780977] syz-executor.0: attempt to access beyond end of device
[ 2675.780977] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2675.782679] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2675.835355] loop3: detected capacity change from 0 to 40
[ 2675.852238] syz-executor.6: attempt to access beyond end of device
[ 2675.852238] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2675.853882] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2675.858294] syz-executor.2: attempt to access beyond end of device
[ 2675.858294] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2675.859910] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2675.867866] loop4: detected capacity change from 0 to 40
[ 2675.881728] syz-executor.7: attempt to access beyond end of device
[ 2675.881728] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2675.883462] Buffer I/O error on dev loop7, logical block 10, lost async page write
15:46:40 executing program 1:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xffff)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f00000017c0), 0xa2600, 0x0)
statx(r3, &(0x7f0000001800)='./file1/file0\x00', 0x2000, 0x80, &(0x7f0000001840)={0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0})
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001a40)={&(0x7f0000000180)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000001640)=[{&(0x7f0000000040)="7485d182002ea33b3dd8dc39f4198e3b", 0x10}, {&(0x7f0000000240)="1e4aafb275c0e3e1c35b5e87c8cb263f05599ea188c23e36b619c4ba84898e08963ce66b92039880e26122fdacc821ff269b6c00becc30d3b60c25e8b95f9dcfef3119312a6746a165395a22274c010426efd6077357bef4ad35955158075bd4bca9ca02d1eab90a4ab07be002f295650019122826882261e73ad1e3f556c24ad4fe91f96e59fe684a6348d0e0e9c57f86a86f9d95a5185d8c6e47f9f785dadacff9e77d8c0c92f0f5e652a19d8c32ec62a5c692c63b1a3e7565ff2d7200ad454c94570db7e959198860f4771af4f07ad76ade97021199d76157596bbb06ffa75adbcb3d7789cb0f28ddee41a1800d2e64ac712ba32bd3bd92", 0xf9}, {&(0x7f0000000340)="8e227b3d9f69f721e3aa3e0123ad5bb202db0b5eedb0d445be4de44b91a973d7de06de20a06a932fd84be4f8b809d01e375966dd247b3b36aec7dfe77612f6c990672192549bcbfb592856ae4a91a3faa2fed9e2335454a07c9986949b6147a4ff1358cd64f584d9a94f77f3f9a24a28c54fabe25ff1751770bf7877736691e548dc242c0370944c3adbbdb9e1811cfd13d412eddf4a5b7f0ec7cd8d06e3fbead356550789926f9c6c92227bbba0d263222a41aff5508025d0e5a74d05b548f2b967eda831209b3268647bf4b9311927b7efa86c21986f0c0590010cdf7cb041b4a837", 0xe3}, {&(0x7f0000000640)="92be8a1bb2cee28a0086ae4b4511c22b2463ad29a9c4cc47a7f4cd586f9fbd4fb995a0f8b1331e9558fe36343b52f299669f35e2b80d26ad830dd221b9afc454ee75ce988ba10be8960e1a7221d5b0f1073959c53512d728ab5a86444394b2383983f52a9b0a00661b073d1638a393833f073831048fa2631fdf2102f7f82ce206c960607b49f0f9e8106f26525e2702960c9ce7862e0dbe5dceb25457421e465d081a08405ad995633eae69db4ac8707053186aaf73c5066ad65db0a3011ff87b85e6556932c761052237d45a7cf65f9ae3f32a86cfb150f12b6b7efefe58bf53520f89f0f1fd81964be54fccedc14449c2ba8ac6622f8b140f7e793a7d6bb391dd6604f84b70274c912a7927bd2274f42863a2793f3d2983f70b8826140aa9a8b1703f199fab1ee944810045d24583e27fd0ba3727981dc2cbfee37988e749a61d888efb416e1b249e01c39c901aa2ecf1876770edf8655352141a197bb17c2e7fc225d55df0c6694cdb9372a7412463ddafc9e72d1d644aa929b854d80d8ba422b17733283dfe1622ba2c60e5a80028c51744ac0cf364d0c7164e46f2c8ba326f5881e03e37dddc942718317cbd5a7c0bcffaf0b76dd05ff4a6cffc30e6946bc97b6f18f90469010cd43792d6557399f81e6cea05940e0505358fa2bf717a3943326b1e7f72fb79b77a16605eefced7c312880163578f66de270a7cd05d5690839d7744a7e44c8928e3906619c7c632a0a53392ff2f6b1220e77f81b150911060ba861e34df108da5214d371b658bcf7996178d1f55f311a3ac6ea876f3e1b64be44baff158b24579baa7509b205656abae899bdbbd1f5cd846393ca0e7ac61770c3a365277f8eb019e5a2bdca7d5dfdba86ce9a1a598bb37a54a332ff7fab903d560fc05c3756380de650b4671742ad905698459d5c00be94474db243a9676f65ea2e5b7f58a72eb3a3823f6e4d0f38b358e94b767e33762d96aade4b4f6dd72356a04f11e88d79c0ade738fb3269ba4fb80ffbb5c2448220ecc2fbfb95c3df95899b6daff7c1e742b87edc9c20787d52bb9992b3ecfc92b0cd2597ea44cd6f2cc52e3daf9bbce144802544440cea9a9ed4ceb0aae4e22e6d886918612434b18f60f665960358d49f442fc7811ea74038b4056cf85d03bf823204b90dbb8dedf0287098ba0ec3ef7f2795c6aba3ca370d6aaaede7c6dc1c3f3f525bb4eb234bcb0a6d50c0209b087526ef65e14dbd4c51a8579737cfaeff68ac46e36855087501bc10c95c08fdc3c37ea1c78b3da798abe0c8795238540616457edf2901792b36801aaf374f95e0dace005f5c72788fd5ece90de1c48dc870553b3d572124fb5b00aec847dd13012f64b12ee0917d38c3b1d982156683201545fb6811a57494c1b2fa83cb97346034e6eb2d7bfe121543e04a6aa3fcf4434c37179b683f477e0560cf7d1091a64f1433e4e16d82058a6ecbd0a50aa58af74e444333bd8ac9825190645ef73b05bf71d6b5de7faab3b6a85e014fa67653ac2d897016df24a2ea76faac0c8cbfe88b50f837e3b5fb27cf06703eb601a06cb66016e49bac04bc041e81a51932a0596a454590eed818052daf042a60477142a9707d31f47f0253c8f4b38ba5883099f1143c1e0d3c255c91e67a8e06288d23289abe0610f5a69255ed66dfde04769fffb09b4f20d49e6c3403c04dc6712d1d2a446e981eca2289f9437942007d608497be1312f5baa52eef8229aac911c3908d55d297b0ae9c21ba9ed38235b96b9e8106660a528f545314eb6a0897efdc45c8a772a93ed6e35d77ff724bc9b34b1bb7e6de6685d86777fac6eeac35eb4417d3d5cf122020cb6928d11f0ae28d981f5ba5258d3e661745194a619c1a213bcd269c44d2a164437a493043cbb137785da664ac661c4757a205a6108d5fe97942a94876802228736a449424adde51be91b136956b38a886af5ad8dd32400e14dec6f2be6e02030cd9948e9569b063a055e1fda034b31316529c8d0a1084029bf02c3318e52bb8ca034cba57034804ec7ca2502074a1c4cfddafb08854c7a4e082df2f02f7040bf7da274e71210df71c25825133d4896c777edb91ab0089d02c6fed33f4f67b5ab31a20aba2e2f6c21f97540c07aa12fe4634dd9b574ce47e1d71b4d685352354088f89a506093fe785cd1096b7c205a15f633364d8702d9e41139c1d121bbdb70d62d30b75b6f4130e55473896ee02b1ae042ceaba91104900b824a1909d9ee3eabc16cc34f557a1659bf21d87624eaf8658ce398abe6fae3bbba9dd8c47de5b8ec5b766658dadf19fb866ed2d67fdb43e0dc90074d9a883dcb5d00579c928c3721900eb3d3c398b03c440ada88cedacc6b371e29fe51036c74c837b6db703e7b600d98729069d33fb1741247b0c9b16d09909bcf90d14f87192ecb934bc10b680c3ec3155a18777fe4ad814cff1cf1c1125893b68d1788f39c595ff9328439bb040639f2d5098ca7a2d7419520232a0a744f09b39b90b83f548220202289fc9809c12347b35515b0e1d324015b619c1b04c8359f2cc8a5cf4a0117f3ec68c283b48b6aca6e8fd9e12e8c1af2017c662d5fcf4fca63ed8b7a38bbb19c0578c9ee36892f07ce05a8be791ce9aabe32cf3370fa770c4ccd533e73e4364c6c649320cfe5840855471bac9f3927844022045c3898c9612ab78f209639e25ff5d98b91d66eed80b67573093385b0582b83f40088b536287476d75483a60857059f121271ff3c5ae412c88847db12fd17a0e5b99cba6ea1488f01686945fc7b49d351e81252d3e6ad75ed38a32d972246d64a755dbacc97395af9c46c53d8672c204cbe5a5b42e95293518d51bb33634563b59ee4ccd6dafb15324baa6509d0e8dcafca3e40f57ae71bdf80097984286a3ed6f97204c9a8932da31eddd3c353719c2119be78af47b00b3a67287014543b82303a716da61bd30c919fdf02cc6a5ab62798cf69897ef9d00e85f0797b2b3e345d2d3b103fa4d515e780d9c6843dfdf472572c0b4ad89f4a45af107c4fb36cc7798a5306330b0a2e2b2ce5600a48401c92da89685025d06ce7747409c2513f20f46cd4a4199792bb067f8c7d9fb93219c19fc1f478867def8c3113a57f7f7cf097789f5497e741dff68343e5b3d67bfc58d1141321c77c27a9fdefd818d2fa251632c4a259208035b3b895a38433b4d20d6b066c6e9f5ad10b3609762e613507ecb8f67984403a5500c65588710fd383df15ac7d3e6744ce55e3c0bcacb99a9a49b95ada10864c36a3f9aed40dd0e976a7e338351a23c00aad88cb5e20c270635d3472512f3c5f38ffd6c1886947d8743d3540aa607b245fb333772197ec8e84c19ce8d91c240fb20f620811999eb53acc66ee5f57f2f9eac5c853fec8df9e990f761f61aa76a1451a90b028703b1c2f4a2d16bed1a29be41059b900530cc5a749f2aad932b3125ce7202f25a6c7ca090f2af504abe79d3b797f9c76275dec014d32993801c554d12dff154af1ebe30f10675e235cec2e5c8b95bc6b6af4f87f59916ade744b7f0b473f36d1370dab86b7eda0b2221095f43fe73e45fcafb6a8d395203d94e31531268fdd11ce3400481a5db732d3695302de48a1678689b0b93d7cd01a1f87f74537bf29bc38f68ceb825b0b2ec0bdfc396e472645f753a633ec049e04cc547ebacf1adba4c64de3bd21b88fb43b81d0b0c65191f5ebaeaa8e13220117855b9157ab5d9980f180c83e4e00dddd540440ef3218dc8d3904dd8c343f6bb807ea209c09a39c16513a7cbfb3ceefcfa95b81dbac4200c57cabbe4c6abc9bbcd9a4ae2c83f05b856aaec3ec40195b33572c8320e2d799ab51e5fb27364b3a34a981fd84bb524521b324515e59793de311a1109a813e7c65fd5eb25c9a636d912f671b598970f6c7b4ab108b5ae2f9ba0345b76680bb49f823772da0f38c91b949b5cb9c74cc64ddff2ec97848948a98c312d2a2623a345c914a2498c0bab24e1915484985212d543e0186088a518ff1e29baea0432697418f331ba31d47fe654e41f2aff104ebaa79ab26b49ff2710da427268af1d8910a05fc55cf75183114f475d6d1771bda0305be328aa4bf9f407ec92ae63a6b1a45398c1a12f7a9daed64a03ae4e8e0ede95d227a846f6c7585dcc8f5ce24d502bdd9c29dd9f325201e0b089380b26ecb6a0c5520fb81aa67fb38fe046260fa11f372f932848928f3785866de9383eae83349061fc88e25aa9127a26cc34d0e500e0151be61d578dbe85ab2e62b2a3266eca1198efd8ab0213e34ca4b2bb342704ad379525a7d04bb2c6e15a29e87afe1f0c0ed813dcae8903da1e7f0441b10428b3aeb2f17aae1cd8b5e17e400a278842648745a34ff1edd0e3b4871d4de428d98493681df99f530033d61a6f5df79f8cf4e3bb9d390bef92175e43531962f4ae75a2f54f94abf3006f0ba594c19cfea5f3f06446f2d2d4a047d4778b5191883608db5786f0674dabfc7760f61a66428523cc6789c6e02d89baa60daa92b0e26e53d045667890e7142da5a83c5e80079c90abd7fbf9183d95b9fdcb959d14463b618b7e4331e83c2ec56c955afbff97b03733b3781856706477d985511ab6078213827925407f9deb27c483f7566ea25a2487d117130c5488444db8e936e2bf7e3985f66f9b9256cfbe3e3f7cf1b0ec8dbf896659273d9381358f2368476215b32d5bc14b888051d39bf9e6bac976131f5b08c4a8891e8c5de2d6eb1653e1ede8285fbd1f4986db00d7656a2fa45d509414359c2dbc293b03349f4c827b129721c467cdbac5f227743d64180aafdfb0d491523a89d8ed458f319c35cbc864e2c7ba9639f0529df7c6419c691fed7476dc16213bd02c19666bc5a751652883da5b785576a95e36c6827dc9d0fccad16b99f9163b8f559fa1b166900e5749d790b7fc55f8cf5d7c297ced176ad3075ab4868754a4288f3bec341b680b0901bd93fb48f8e4e2e2b60546ae8b77c3ef19949d544b2ab02c17d7fba7a7216644a69a7ff65e656059651e3538dd75c400139960338b85be8a32020a4fae74557ca2d023bd42b1befbb6652907a3785ba6f5f54a539f584a2de339645dc2b62b9bbe76f32466eee20016cd11f911399dc97a50b7f9c14f85ba4baace4d7c182553db61fddba95b33fe07dbf1e49eb934fd792193309c8baa595ef60192ac7859cba3f864735453b537f5c60b60bfdc4ff340b7574ef03989e2307eeb7ad8b9b6f4064dfb6f8e4f357f8f199a31d016bf6cc810cf4f23f2afa54dd8ede0b12cea6fbf7fe14cfe55d03b589010bd0c34cfe4388d84a850acfba2222c715164a2bc749f80cd51dedba49fdcd7d8bb7c6e256f4432c7b7b072abd3103fbffcac261a84d177e86da9b1a341033bf5915fd37fe65c332b2bce4a5e88870ac833046312e8464efaeba1dec7a6b660d766e4f970451453175760cada056c2aecf29cf48301ae7818dcccb498c9cbce5138d1ba0c9a3e08ab8af58df1fe549f115fb1fa607088e88a4de030db28011b68fc7cf909e640691177320282719189018107f6f0a7132c5efef1e8042aab3291fb895731dfdec3437d480cecc3c453a8d25bd62031d138efa6fc0f7300cd314650e4f86e0454aa5220fbabfb5eba925e298e6281d1f3e9d5370cdec8a1dcb20641f8cbccca1084113387783ecd70d7d1acf2d7fd34d6f0382ae240ff99a9e87e1dca748020eb6b96fe9dbf07bdf648ad800cd186a949afab2d3e59d0e2a992bd89dda8e0ebf07b70fea9391732f2b49", 0x1000}, {&(0x7f0000000440)="72d5787043f81249da7dab203e7ef9de77a7dacccd65f8fda6df382fa7c3f71edfb2de90fac003c53ad800ab2d9687a60e3aca63bdc54078ce0a0a1c765f86a37fea324ae0ef9e065d7670c99d7eed575fa8409e92c15c3aebb1d2a0b5b0760c265bcb664166438e0fe48e6ba80b509639de69c6d8fee474c15e7541f9054a1a4e2e046d1e7ba5c3a0d0380d64cba1bf9afaa829922a0f671c9cebb8b8ec2690a4c496642760b8c3fa9f33aac76ece2c35ffb03971a71c2b7282797ee54a2ba529770c2850775973cb024838c48917932cb4dec2e4f38546c333018956346c77178967ed6db254dc33e86d7908a7d96cc3e4eca18eecf2fee0f1", 0xfa}, {&(0x7f0000000540)="37ea6c818a06bd1b86f5489646fd30371aeca6f9b55d50bbc802e204fc9f723655c825a5c09fe7a2eb52b246a4adb6ba5e89d975d4f50b0b75c82e826bdcfbabf758e84e5b5248ea98615aacde3dc9758c5dbea2e4ae65fc9cd443efe6e61d4ccec41f86e40d304d4dde49b45717e01724ff0e1177a0fc", 0x77}], 0x6, &(0x7f0000001940)=[@rights={{0x14, 0x1, 0x1, [r0]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x20, 0x1, 0x1, [r4, 0xffffffffffffffff, r0, r0]}}, @rights={{0x18, 0x1, 0x1, [r5, r6]}}, @rights={{0x1c, 0x1, 0x1, [r3, r1, r0]}}, @rights={{0x1c, 0x1, 0x1, [r2, r7, r1]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xffffffffffffffff, r8}}}], 0xf0, 0x40}, 0x4000)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r9 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendfile(r2, r9, 0x0, 0xfffffdef)

[ 2675.936138] syz-executor.3: attempt to access beyond end of device
[ 2675.936138] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
15:46:40 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 65)

[ 2675.938025] Buffer I/O error on dev loop3, logical block 10, lost async page write
15:46:40 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 60)

[ 2676.008981] loop6: detected capacity change from 0 to 40
15:46:40 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 43)

[ 2676.044217] FAULT_INJECTION: forcing a failure.
[ 2676.044217] name failslab, interval 1, probability 0, space 0, times 0
[ 2676.045664] CPU: 0 PID: 11352 Comm: syz-executor.6 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2676.046673] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2676.047681] Call Trace:
[ 2676.048007]  <TASK>
[ 2676.048298]  dump_stack_lvl+0xc1/0xf0
[ 2676.048805]  should_fail_ex+0x4b4/0x5b0
[ 2676.049336]  should_failslab+0x9/0x20
[ 2676.049831]  __kmem_cache_alloc_node+0x5b/0x310
[ 2676.050433]  ? iter_file_splice_write+0x169/0xcb0
[ 2676.051067]  ? iter_file_splice_write+0x169/0xcb0
[ 2676.051703]  __kmalloc+0x4a/0x160
[ 2676.052172]  iter_file_splice_write+0x169/0xcb0
[ 2676.052810]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2676.053476]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2676.054165]  ? inode_security+0x105/0x140
[ 2676.054729]  ? security_file_permission+0xb5/0xe0
[ 2676.055386]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2676.056063]  direct_splice_actor+0x113/0x180
[ 2676.056642]  splice_direct_to_actor+0x33a/0x8c0
[ 2676.057256]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2676.057913]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2676.058573]  ? security_file_permission+0xb5/0xe0
[ 2676.059203]  do_splice_direct+0x1bc/0x290
[ 2676.059754]  ? __pfx_do_splice_direct+0x10/0x10
[ 2676.060386]  ? lock_is_held_type+0x9f/0x120
[ 2676.060747] syz-executor.4: attempt to access beyond end of device
[ 2676.060747] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2676.060958]  do_sendfile+0xb1d/0x12b0
[ 2676.062443] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2676.062875]  ? __pfx_do_sendfile+0x10/0x10
[ 2676.064425]  __x64_sys_sendfile64+0x1d5/0x210
[ 2676.065028]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2676.065692]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2676.066387]  do_syscall_64+0x3f/0x90
[ 2676.066877]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2676.067571] RIP: 0033:0x7f746e5b1b19
[ 2676.068058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2676.070290] RSP: 002b:00007f746bb27188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2676.071252] RAX: ffffffffffffffda RBX: 00007f746e6c4f60 RCX: 00007f746e5b1b19
[ 2676.072157] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2676.073050] RBP: 00007f746bb271d0 R08: 0000000000000000 R09: 0000000000000000
[ 2676.073943] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2676.074826] R13: 00007ffcd6c9647f R14: 00007f746bb27300 R15: 0000000000022000
[ 2676.075754]  </TASK>
15:46:40 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 64)

15:46:40 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 42)

[ 2676.135199] loop1: detected capacity change from 0 to 40
[ 2676.178307] loop0: detected capacity change from 0 to 40
[ 2676.186218] syz-executor.4: attempt to access beyond end of device
[ 2676.186218] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2676.187911] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2676.190392] loop3: detected capacity change from 0 to 40
[ 2676.209403] loop2: detected capacity change from 0 to 40
[ 2676.293529] syz-executor.2: attempt to access beyond end of device
[ 2676.293529] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2676.295526] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2676.298923] loop7: detected capacity change from 0 to 40
[ 2676.552582] loop5: detected capacity change from 0 to 40
[ 2676.558520] FAT-fs (loop5): Unrecognized mount option "" or missing value
15:46:56 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 66)

15:46:56 executing program 5:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(r0, &(0x7f0000000180)='./file0\x00', 0x0, 0x11)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
openat(r0, &(0x7f0000000000)='./file1\x00', 0x448002, 0x5)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
symlink(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file1\x00')

15:46:56 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 44)

15:46:56 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 43)

15:46:56 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f0000000000)={{0x1, 0x1, 0x18, r3, @out_args}, './file0\x00'})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000180)={'\x00', 0x4, 0x1, 0x3, 0x1, 0x1000})
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f0000000040)={<r5=>r0, 0x400, 0x7, 0x1})
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xa0}, 0x0, 0x0, r5, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:46:56 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 65)

15:46:56 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 61)

15:46:56 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
fsconfig$FSCONFIG_SET_PATH_EMPTY(r1, 0x4, &(0x7f0000000040)='vfat\x00', &(0x7f00000000c0)='./file0\x00', r2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r3, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r3, r0, 0x0, 0xfffffdef)

[ 2691.532921] loop0: detected capacity change from 0 to 40
[ 2691.540344] loop3: detected capacity change from 0 to 40
[ 2691.542462] loop5: detected capacity change from 0 to 40
[ 2691.546291] loop6: detected capacity change from 0 to 40
[ 2691.548110] loop7: detected capacity change from 0 to 40
[ 2691.549572] loop4: detected capacity change from 0 to 40
[ 2691.578946] loop1: detected capacity change from 0 to 40
[ 2691.595802] bio_check_eod: 3 callbacks suppressed
[ 2691.595816] syz-executor.0: attempt to access beyond end of device
[ 2691.595816] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2691.597005] buffer_io_error: 3 callbacks suppressed
[ 2691.597013] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2691.598248] loop2: detected capacity change from 0 to 40
[ 2691.600141] syz-executor.6: attempt to access beyond end of device
[ 2691.600141] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2691.600946] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2691.610407] syz-executor.4: attempt to access beyond end of device
[ 2691.610407] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2691.611378] Buffer I/O error on dev loop4, logical block 10, lost async page write
15:46:56 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 67)

15:46:56 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 62)

[ 2691.641176] FAULT_INJECTION: forcing a failure.
[ 2691.641176] name failslab, interval 1, probability 0, space 0, times 0
[ 2691.642945] CPU: 0 PID: 11385 Comm: syz-executor.3 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2691.644186] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2691.645180] Call Trace:
[ 2691.645510]  <TASK>
[ 2691.645804]  dump_stack_lvl+0xc1/0xf0
[ 2691.646307]  should_fail_ex+0x4b4/0x5b0
[ 2691.646838]  should_failslab+0x9/0x20
[ 2691.647341]  __kmem_cache_alloc_node+0x5b/0x310
[ 2691.647937]  ? iter_file_splice_write+0x169/0xcb0
[ 2691.648562]  ? iter_file_splice_write+0x169/0xcb0
[ 2691.649178]  __kmalloc+0x4a/0x160
[ 2691.649645]  iter_file_splice_write+0x169/0xcb0
[ 2691.650267]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2691.650936]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2691.651627]  ? inode_security+0x105/0x140
[ 2691.652190]  ? security_file_permission+0xb5/0xe0
[ 2691.652804]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2691.653465]  direct_splice_actor+0x113/0x180
[ 2691.654044]  splice_direct_to_actor+0x33a/0x8c0
[ 2691.654649]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2691.655310]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2691.655965]  ? security_file_permission+0xb5/0xe0
[ 2691.656592]  do_splice_direct+0x1bc/0x290
[ 2691.657125]  ? __pfx_do_splice_direct+0x10/0x10
[ 2691.657750]  ? lock_is_held_type+0x9f/0x120
[ 2691.658312]  do_sendfile+0xb1d/0x12b0
[ 2691.658817]  ? __pfx_do_sendfile+0x10/0x10
[ 2691.659372]  __x64_sys_sendfile64+0x1d5/0x210
[ 2691.659955]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2691.660595]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2691.661251]  do_syscall_64+0x3f/0x90
[ 2691.661723]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2691.662361] RIP: 0033:0x7fe051d4ab19
[ 2691.662831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2691.664991] RSP: 002b:00007fe04f2c0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2691.665912] RAX: ffffffffffffffda RBX: 00007fe051e5df60 RCX: 00007fe051d4ab19
[ 2691.666772] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2691.667694] RBP: 00007fe04f2c01d0 R08: 0000000000000000 R09: 0000000000000000
[ 2691.668683] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2691.669677] R13: 00007ffe399a466f R14: 00007fe04f2c0300 R15: 0000000000022000
[ 2691.670696]  </TASK>
[ 2691.683179] syz-executor.7: attempt to access beyond end of device
[ 2691.683179] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2691.684818] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2691.698241] loop0: detected capacity change from 0 to 40
[ 2691.702666] syz-executor.1: attempt to access beyond end of device
[ 2691.702666] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2691.703494] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2691.711515] loop6: detected capacity change from 0 to 40
[ 2691.716197] syz-executor.2: attempt to access beyond end of device
[ 2691.716197] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2691.717053] Buffer I/O error on dev loop2, logical block 10, lost async page write
15:46:56 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = openat(r0, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r3 = openat$cgroup_int(r1, &(0x7f00000000c0)='hugetlb.2MB.rsvd.max_usage_in_bytes\x00', 0x2, 0x0)
ioctl$AUTOFS_IOC_SETTIMEOUT(r3, 0x80049367, &(0x7f0000000180)=0xfffffffffffff040)
ioctl$EXT4_IOC_GETSTATE(r2, 0x40046629, &(0x7f0000000040))
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:46:56 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000000)="04000000646f7350d8a02b00080101000900000000f83d", 0x17, 0x200}, {0x0, 0x0, 0x2800}], 0x12e0408, &(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRESDEC=r0])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:46:56 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 44)

[ 2691.779197] syz-executor.0: attempt to access beyond end of device
[ 2691.779197] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2691.780165] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2691.783074] FAULT_INJECTION: forcing a failure.
[ 2691.783074] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2691.783387] loop4: detected capacity change from 0 to 40
[ 2691.784681] CPU: 0 PID: 11401 Comm: syz-executor.6 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2691.785934] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2691.786664] loop7: detected capacity change from 0 to 40
[ 2691.786909] Call Trace:
[ 2691.787612]  <TASK>
[ 2691.787908]  dump_stack_lvl+0xc1/0xf0
[ 2691.788426]  should_fail_ex+0x4b4/0x5b0
[ 2691.788953]  prepare_alloc_pages+0x178/0x500
[ 2691.789527]  ? __pfx_perf_trace_lock+0x10/0x10
[ 2691.790116]  ? __pfx_mark_lock.part.0+0x10/0x10
[ 2691.790709]  __alloc_pages+0x149/0x480
[ 2691.791215]  ? lock_acquire+0x19a/0x4c0
[ 2691.791755]  ? __pfx___alloc_pages+0x10/0x10
[ 2691.792335]  ? lock_release+0x1e3/0x680
[ 2691.792844]  ? xas_start+0x14e/0x710
[ 2691.793325]  alloc_pages+0x1a0/0x260
[ 2691.793816]  filemap_alloc_folio+0x374/0x410
[ 2691.794389]  ? __pfx_filemap_alloc_folio+0x10/0x10
[ 2691.795015]  ? perf_trace_lock+0xc1/0x480
[ 2691.795560]  ? find_held_lock+0x2c/0x110
[ 2691.796105]  __filemap_get_folio+0x285/0x8d0
[ 2691.796701]  pagecache_get_page+0x2e/0x120
[ 2691.797233]  ? __pfx_fat_get_block+0x10/0x10
[ 2691.797806]  block_write_begin+0x35/0x450
[ 2691.798326]  ? lock_release+0x1e3/0x680
[ 2691.798840]  cont_write_begin+0x4fe/0x700
[ 2691.799389]  ? __pfx_fat_get_block+0x10/0x10
[ 2691.799962]  ? __pfx_cont_write_begin+0x10/0x10
[ 2691.800535]  ? __mark_inode_dirty+0x68c/0xc10
[ 2691.801109]  ? generic_write_end+0x1fe/0x3d0
[ 2691.801690]  fat_write_begin+0x89/0x180
[ 2691.802200]  ? __pfx_fat_get_block+0x10/0x10
[ 2691.802779]  generic_perform_write+0x25a/0x580
[ 2691.803382]  ? __pfx_generic_perform_write+0x10/0x10
[ 2691.804024]  ? __pfx_fat_update_time+0x10/0x10
[ 2691.804612]  ? __pfx_file_update_time+0x10/0x10
[ 2691.805198]  ? generic_write_checks+0x2c0/0x400
[ 2691.805804]  __generic_file_write_iter+0x308/0x4b0
[ 2691.806418]  ? do_sendfile+0xb1d/0x12b0
[ 2691.806921]  ? __x64_sys_sendfile64+0x1d5/0x210
[ 2691.807535]  ? do_syscall_64+0x3f/0x90
[ 2691.808031]  generic_file_write_iter+0xe7/0x350
[ 2691.808637]  do_iter_readv_writev+0x211/0x3c0
[ 2691.809203]  ? __pfx_do_iter_readv_writev+0x10/0x10
[ 2691.809823]  ? avc_policy_seqno+0x9/0x20
[ 2691.810344]  ? security_file_permission+0xb5/0xe0
[ 2691.810954]  do_iter_write+0x189/0x7e0
[ 2691.811465]  ? __kmem_cache_alloc_node+0x1bc/0x310
[ 2691.812102]  ? kasan_set_track+0x25/0x30
[ 2691.812638]  vfs_iter_write+0x74/0xb0
[ 2691.813122]  iter_file_splice_write+0x73f/0xcb0
[ 2691.813735]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2691.814387]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2691.815061]  ? inode_security+0x105/0x140
[ 2691.815626]  ? security_file_permission+0xb5/0xe0
[ 2691.816239]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2691.816894]  direct_splice_actor+0x113/0x180
[ 2691.817461]  splice_direct_to_actor+0x33a/0x8c0
[ 2691.818058]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2691.818686]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2691.819345]  ? security_file_permission+0xb5/0xe0
[ 2691.819959]  do_splice_direct+0x1bc/0x290
[ 2691.820493]  ? __pfx_do_splice_direct+0x10/0x10
[ 2691.821206]  ? lock_is_held_type+0x9f/0x120
[ 2691.821817]  do_sendfile+0xb1d/0x12b0
[ 2691.822326]  ? __pfx_do_sendfile+0x10/0x10
[ 2691.822879]  __x64_sys_sendfile64+0x1d5/0x210
[ 2691.823474]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2691.824108]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2691.824762]  do_syscall_64+0x3f/0x90
[ 2691.825234]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2691.825898] RIP: 0033:0x7f746e5b1b19
[ 2691.826369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2691.828520] RSP: 002b:00007f746bb27188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2691.829437] RAX: ffffffffffffffda RBX: 00007f746e6c4f60 RCX: 00007f746e5b1b19
[ 2691.830305] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2691.831153] RBP: 00007f746bb271d0 R08: 0000000000000000 R09: 0000000000000000
[ 2691.832026] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2691.832884] R13: 00007ffcd6c9647f R14: 00007f746bb27300 R15: 0000000000022000
[ 2691.833770]  </TASK>
[ 2691.837390] loop5: detected capacity change from 0 to 40
15:46:56 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 63)

15:46:56 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 45)

[ 2691.852139] loop2: detected capacity change from 0 to 40
15:46:56 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 66)

[ 2691.888556] syz-executor.7: attempt to access beyond end of device
[ 2691.888556] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2691.889470] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2691.902242] loop0: detected capacity change from 0 to 40
[ 2691.926483] syz-executor.6: attempt to access beyond end of device
[ 2691.926483] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2691.927309] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2691.965498] loop1: detected capacity change from 0 to 40
15:46:56 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r0 = syz_mount_image$nfs4(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x1, 0x2, &(0x7f00000000c0)=[{&(0x7f0000000240)="3f88478e23ef8f6f23e64e26113b8dc3b232cc4ea3321a6027516cf74cdeffe7e9ef2ff753bdf84ffd28249530be9479dd7d50aa97b1f71d4f9bdd0b3e52608cab91de137e7b4ce553640ecf30ea813944d23923f6bf07c1c3431b74ef49db3a9604c2b71fa2de7f542b639dc52dfd5da2675810d242cb1c497282231409e4557d", 0x81, 0xfff}, {&(0x7f0000000300)="8a598a874add83344f96ad5730645ef38c2cf84ed16e3f56211778dd194afc140d9566935e7792a94c5570a1420e303616ca257e9e26c0e14a8b450706b3a26de9d9137f2c0c595c87481e9e837e876a303ede08cafe49c63d62af4fa9070d943e35756a076c6ee080c23ff43b74fba40a767174e6cca9117a4b7c2b39a03a22c7981fe154eba9298e232e413c1a5d20ce294d0baf1d5d459b9a6e44fd0e5583eb46772327433b10b78420b7c6d31f3ef0edf0da0fd88fe341f2697085b3d36b278ceb621fdfab3a775aeab7fcc7d62c3cc98a14d4747abe8eec2a5d57e2fe872d21ce0ca605ae9d913b49da40bc42c2090b9d86bfe346b24a0e39a49f67b485f9084e4d57134123e2108c14a46d6444cc5672220adcff8679dcc634e80e2c921ea1c67082c7d6f323cd1baeb2e61068835397e9721a3e969b7d45d46fd0b82f91326522bee75fa04ed4600e8720fc2e1e4bc38c0e73f5b1697db5a34a94a88c5653ab0880207d50dab421792eba1b14e52192d2062ce068edf272060aed014da43c12d174467b36276a6b1b41af69ccbbacfe3da4f8b3a53d94b830165dde2ab1b024a0f7931d807f4922087cb9ef51d88a1877b8c58ad2afe7c922fb8c946009053a07469ade32f6acf649eb41dd224890cb08e45e68f2c99a497a271fae24534d0417d886a7470d311f44be7f336a7f79ffcdf38ff5dd95e4f842293ee4675739c932ff9c60975de1bf31c1ef029290385baeda02a52037608bd8f9f8d17213fd41f35c4eaf39a9709bcdf6ac5247060eeba2aa18cb98ab4370fa2e0611730549819447158197a66dc010f1b8423a52a63b49773c8cf573015e6d755dbc8788a8d30d6a91a8454816d5e607a98735b84ea17d77c0779e6753923bc32bce28a94cb4f04a98d62cbd5e94b5153b241817cabbb0f83527c5c26c7172cfe31d53a5cf2b2b49fe553bed5b333caf9ec70e6890b8ee9f41595be22f98cc0f8a4d2e874ef51fe326a50b95eedb0497f7319fd77b7a21d3efac587d73d82fea2664a5ba68711ff38e87f715f7db869484407c4ea058b43435cb43e27c761d5313021fb0f79c26102f9fad62b69bbe15487cd5544813d90b8f80a289c75244e4955a291e7c9b7a8e863d1c7a2118879fd0240e3b9e111568d60d3d25d4cdf3b0f4347f69d51a91a858b65dd3f51db0b671c81b7fa3cf40788ec8cca5e0126078a63e3c42a1f3935db95f6e05ff1503dad9a289defacadde9691821210e4bbdf4333ba6d67fbf24444db49b6c82014521d494527b4136270b892f71aa03320485cd6ab54a7ced799857d5759a227af992cc123b9e685b399e3eb0bfb9a3ff7dd0582a1e621498390f1c91341003a8c7862a9e33501921fb4bc48e93fd08f5e6f29944d6dbe94dee674f26d4c3e98f1adf54f21f51b9a51618a734c48cce28f2e372aef12d7241504852b64b8c0484f2d64365dbaac86e54eb9b014e942bd9974baaa885da8f4f5a74e9c1774f7f103e86c1b7a3bae9847fd8f67806b7c49c40a64df4775b40b6ea9b0f1e1b6f45198c73e45fb4f968a20e209e364c42cc3846ef9ad9205448d5cfddd92526ae6411d44f7a38cf759d50ce9602da96cf90d80ffbac4cb6861fed262c99a3c291bcdc426a477b42b5c122693d10e65fdedc7c304c3347999bfcd67e3d8d20d6de6a1424bdc707bd5b86c664b5244d4976f890f0564f539ae37175c5cb4684f8d58e890627588de36d049110fa86baf887a23e6cf255534880040a6c9422f14cf192bd0a2216b15ca0969a46248f15e840355b5efdfca797ee7ce4ee156ee22120bf0ad790ab811781e660e091a1ad987b25d0947c2472ec2a9fe8527b91a6973c7030708f7c497f0055b0234a20413fea27affa64ea66720b2c09780d5fee8efe924b30c4e7ca4218b4f5eb2067530097e5626c9f75030fab968fb33dc04b9802dd8a4e8f6b6f2d686821e05e5d7bafed00a9f669a9a4574b1017df55d31f55b8e71877df20ba8754983456fd3ad6c8965fb08c369ec6e417d053cac2f46db955fb8d32a2154ec73d6b3d4f0c0559c5b6f1ca8ccafb044a5f4f1a231e159352498cfc6bc9f9d83194ad4f5f2fe368a507214c7e3963ff63632c28d65dae21277b89e85f4086a7cf89b62c15f5c3939b50249642d78ccbfcd98e0f329efa05af0bbb2eee2b103745004ab6832dc52d9cc51f3ddb2fbbc9e32b1a2070fc22d5bd9b23ec57bf1b58c2064b9a34160a24a49f32572209d35324694e44177370f4052879418f4f560ab72cb142211f41247a5c26842ea273d8f7b55a053d3dd6b3df051bd738af0451add81aeb7b4f3e0ee0c4db75d6f838f04abcb8c396ca20d5cb2ffe3e2fb8214d5e40cf90f0d6cdd9d61a5427bfc4d49816c80b82d0661b55460eafeb23709652bf4dbade7469f940af868d427ccd7b35a20f133a1a28322b0829c8c51a0703ca7ae7b01eb026f9ac63e3219cf71715af5f5082d47cf8d2a5fa62e363b6c5b5a6b425859666e7430eff03f8b93492882043cb5f3469a2159972066448530adf4a27839ff3c557eb447ca89bab853e7eaa1bb7751081cab2be032a4e256434bc9e37e8bd2a1af6b71b5d60da8fdfac1263d8c711b72f56085716365d3c7938bb30f4bb049468a78858353a84d83f8cf6eef83411a058900263443967fd15da238a59dd153a96dfeb6e2e04d6af545d21f17b4cc06c660cf6d64b51f44b045341b7f19f6cdb0db60c60bff2dff9a31a1f94598a4a489e4fc45cd7686585eca68e17b0cbbef6a237b91ced2b701b8b9974a5fe55dc6e1b34b591438d11dbd1e73ca89e0b31f49978a4e11909d3be2ec4ac5a168bff8f7384454e654bfb987b17d29d04f885d8d1b7cf9b3c5a12709a548c9abe857850595a54fd63fb902b5c49e04f5eae09ae416ffcda5063d1f0134e0f29a9769dc311dbeb3d8d08a406757e17b03ec907d53f653357c52577cd5fc833200263109488c818de97e64939cf6654e1ec8ff327acf2e9a4a73acc9f140604b70982cb363263ac3863f168730350c43cee43eb95ce1ebd9f286476432dd0a407b673fd8637b9b5a90a52f02d6e6fb5e3f7c7e7f48370319a757ea81655d8a6662140e3844e7dab118939346e48fa24d7c00acd6c67e0733eb8feed9427607e86cc0bd0fb3479eb98220803a9cb90ea227d184157bd5a4395551e03e7d309d8876556cec7beba4d6f111748027650110a9be61bef65415d1b68b973ba5d50b0e9660f7b553fed0d15a9eb4636e130a74ce77864ecba529b0483f13e0df8d77f835e71e924d7739a05041828ebf81619891159944ee90a874e20afa49c1e8b2d7601c19d84ce120a2eb9a9882d92156ee84688fa777bcbd718e290a07dcc578798ad4cc35dcac18c5caa0b8220aaf3502b3ba975908e1da728e0fe9dedb182fadff464536c5f80dcc1ca7789db77ea6fdbef739e187defd5120ae4e1d0da81d28eaa087f174b8bc847d1d2ba214f10089b2125d44c2bd7d5e04b0d1174fb3ee81d0bd1ab26fc6a43b87720fb026e4bebd864e24567db1fe71a9df8b85706ec81666f3e84a764b3308fe64a6a073b15c1ca26d232db7eca1a0d62f011eb1d95e46a95e52eb93f2a9d3584cd3e5f60ec6760b524061e8df80afa411907d1cf56d6a5a2c4e780216fe3de9195cd0ff435801d8f9065839c7b55b40ed7d657afa4712f1410e908d22f59ec991b4720b4f029326f869a6f3b9dad4788cc1a23821faf2c6dbfd953d2cfc93b1472bbfcc6ada7e547b6fb05ccc69cdcbf7cfc956fb91cfaa2d86c876b795a34318505136cc83239a8fb3a92d293d7a2e64144e9a3aa0a713f000726e195cd6cf8531eb1362f63bf1d9e2f2b0a352f6f829e72ce2754c8121ded5b06afd80f39d1b48115c4bf7bd760f6667944ba096c1cee6329d31353a14c62687d2090c8f16c8d2627c6bcd0792e57330718964ea60d8f61bfe0e27ce20a0a5681592adba347965f59e5416ca57563519599b3685533726266c0de72336b85203a9779912c0244c3d261ba7854bee31ca5da640439fd947ca119cdbce6745d58233deaea67cc56da4da7c1af0c1530004f49304bc1a60cd6a57164da9042eadcd95d48b35732ce03fc54296b97a5d1ac93a56dd44d2c5280b4d44530055631dbd27867cca0f5e868f4ac88432d5437275692f3c87be3d622239e993f33fa468008a5dcc1914c6f6ed7ff119351fa397882f2b8aeb0fc98d0ea09bdc8100be1fbfaed9691da7b04be1cc2787f03bb937de9245600f0386fa23297bf9e6f3cb463c6fa207bd3e3a6c9da1342ef4215ea7ae56cf5a2d3d54e5d01a8994b7a82ad6e7e93e0de1f79c8b0b1d0e87d9e08de5682582f0a27b1590b5b98ce5f787720894e00dd6be0762f74d0b1abb7d615b1edfb597e932e25bb9ccabee321e792428a81590bf4eb84679cb8b7db97e3b8a739d7ee57f84c58dd42f7e38c2b44f143e94079e665cf8fe56c3691d8c58fb4480869d26842f57139a0d2522acf0d5b8c51cd02894c66e2f96174ea5463c096bcb4774ece1bda77cc3f17981db8573e3d3ff986ebdf61972bf6d614c8ccaeba94b6bba65323495e6692f0f6ae3e0110d38d4a52bbf3c222b8959798b0a210c707e6c7c08a735056779a2dd6de7222dc271ae9637f8a32763d820efbcaf8476b76473559d2c2621428906c851db42e431d105b7b3a629b26f40094300b586819b2d978b3c24f60bdeb97d80599fa9b8b64e5055a6768dcdb326ed01a13a5c06fde9ace080a4a88ced95847e4044d03387e2e0d8b227000bc4be262868f5d4f3fc64aa317a7b2017ae5277c9a33bea1ed0e289301c9fb3fe3b73628395031a0a843d983f3e13c9941f14b2c15040c3115d5829fe263944539340b028dcb7e8df078322c3207c349fa5f9b7b41a73ad81eefe0f1623835e7315119e7d84729cd883f8c8829d1ad856e6dd0683bef580e98966e14035aaa56186162e61a6146e4d2bc6633b827092014a36c69ddc9b6f941a2da5e2f8d2a6839be6c47b6190cc659037eaddc2bfa6e08986121a83afdf28eeb7eec121b630fd183ff8f7e196eae68bba0031329ea5f34f7df0951f91c644914acc60f459ccb657c085950849cb52e094d0a5b5b58a14c7d65068fb982e274d2a494ee84de2e2f98b46b8ad34762eeb3639a032ef5464f1a4c8bfcd10adffcad45de83f5c72bca2b96f86518d2c680449181c20cf1ac98ef12cff698c9a8c03291da615fc2b2c8b6c2fdd7ccda21e202d0dc1e7692b900d5fecae6afb211d07bf98b3826f247b197175257d98af37f57c6ce495b858dc47449fd73048c1b11727f066f8fa13d6adba36240007e0d56a100407c464f1c90b934b511e96fa271248968bd048deb1a761757bd41894db6f51a282d4a67a23578d605646e714b0499fd0499bb8d919aff6f76e974e8b88744a6253f3665c1756473f63ebd1a7f81f506f3be07eb0d17c98f77baf409e46b2fdc6d508295f343ffa9de38c3a779dd49f2b189e68dcedece8b60d08800ed58bb08fe66b1e7f256bf053a893e018b7ffe0eded465ca1c3a4fae7d97543a2391d625f9a0d355851761039b915fb35d2a664aebe92be9ccdf07c02de29c5838865b009ae4abe8918c21fea60225cf139f110f5cfe8f764e05e338855943fff1d81a1e1033eb276d2cd814b285157b7802a7eac898449a6945fb9c824da5a4355febf573e8ab28e32fb607b9664c3293e2d941e2a4118c88509cbbc18090765f1aa351bb6f804e884bb5f259fef819a73c", 0x1000, 0x7ff}], 0x802000, &(0x7f0000001300)={[{'vfat\x00'}, {'vfat\x00'}], [{@dont_measure}, {@obj_user={'obj_user', 0x3d, 'vfat\x00'}}, {@fowner_gt}, {@fowner_gt={'fowner>', 0xee00}}, {@smackfsroot}, {@euid_gt={'euid>', 0xee00}}]})
r1 = openat(r0, &(0x7f0000000100)='./file1\x00', 0x42, 0x1c)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
sendfile(r1, r2, 0x0, 0x3)

15:46:56 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 68)

[ 2692.009498] syz-executor.2: attempt to access beyond end of device
[ 2692.009498] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2692.011247] Buffer I/O error on dev loop2, logical block 10, lost async page write
15:46:56 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 45)

[ 2692.068359] loop6: detected capacity change from 0 to 40
[ 2692.083344] loop3: detected capacity change from 0 to 40
15:46:56 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file2\x00', 0x7fffffff, 0x9, &(0x7f00000007c0)=[{&(0x7f00000000c0)="0c8e11afd64d424e98ca99f8a1a0d41de7e25f683ea0b1446b58cdb380ea282e72aeae", 0x23, 0x9}, {&(0x7f0000000300)="d0f5dfb5042fc5e53bccfa7c1f916318d550d006c09be656607c0591da873f5b6d0c18b5c08ada30f5e0414ea8ee6ae9e7186130681151ffde99347ee2c28f71a539475813f6aadf24d7bef695daedb62529c88d48e6ed9fb28bb527cba9862ad7514036e01393501c9cdd52e254705bed51e8cf8ae4595541f1c91161bd232f26f55395d4e3b903bd4d8d7c71f09ee58a432fce50457b357d961911535e4e1cb3d8d945371355d877b83735248ad8", 0xaf, 0x9}, {&(0x7f00000003c0)="9a95fb2f144a67dc913b58c91d89963fd2ccd7dc979cbdc70b760b2dfab19ce0ebcff62e1cebbbe5a5aadaaf2c06e2319c463e822c311d54d8bc6f2e2a738e131614853ccaab8722ed3016c68136f156d965d3f97c3e1e1216b659a01da373a0bdbbb068161cb993cbbead1759432bc9f3dc62e0780bdee587bcabef7a054ec4936b47bb290f3244cf3e2f334c33550f35b3fb63df1de33bfbd976d2a76984889c7530475818f724e30e2df9c662ae90ab6a832fe5289d6aea", 0xb9, 0xb15}, {&(0x7f0000000480)="496fffb4c4349102a0c1301c364359ae86a99b5b3413089fbbb4249f030d93b31f5a61c442b248dd45a53416fa15291b4acb82a1e7e76a793c5d556ad4250b9785e15d707e328a287e3a02a337445ebe6541949d9d3aee5c584911c5d3d64f402d9d259391b5f640c9466e6c095528431f820e914c7b428aa5e3a0ed6092f4f20c81b817245789402003a44343103e24356031d308c3231c10b5ff0c6fd839bf58663858048b392dbb5a76af21b54d8f4f2336a6f2d4855bdb549e9c9df2b01d7561c7bee3f59673a28bebebcbcf5587ac98496dd74200"/224, 0xe0}, {&(0x7f0000000580)="5efdff87fe94e70ce788c0c0afdcc657f29e63a90474a1b381b93ef15e6a9dab4df33309d2811b15dc8e2d686b2bcdda4d50bf1f21be6d778e1cae9c900c0f7bab54daeb18de2bb04f40d26b653a4e76544ec99332eeb2e1de909bc09a168f044bfdf9a62e25d8e3d9b17cdafa818490c979a16b699b612ecbc0069a6fd9e72d7a732c0fabbdca1a345400b0b6982e79abaf957741f2fe0b49ec2c65541fcca8899f6e98d81ca38d7c8f8cf28274db4529b07e884b5485ef00", 0xb9, 0x5f74}, {&(0x7f0000000640)="164c00c936df0fd8f55ba9e61f053fa28a027e9687b76b4a0f32331f50e0c01d633a4b2c2f9f31e3fd41ceb36373e70fcb3b2d91dd72d492b5a2a2446cecf9fb4d56041e3f58477d0b7519e9d1b8402a50f2704aed5f949ea5379972476da4b26e97e0e86eabc970352da9cddf9926881807351779bcab11a3670543acf5ba43a7bd339dbfe734a5c0741b3c7471b7887cc348aee035686fd64f20d4243dc96303f18f2ad027009b745e4b2106ebbe29c2656832925f5a18362f948df7d4a4b5f9", 0xc1, 0xc701}, {&(0x7f0000000180)="791da51d9ba98055c5d30fb4d4569b3c0c5ecfefd90534b1542732d2996a19e1d2a4ea3a1b7a048bf8f5ccea47ed480151c03660e6bcd2b779296d60008a465fac306f3155b3ea3bb7933858eabb2e80355f32ddc81e93338dc881b1b97c3c894793ff432cf486c66eba451484eaa161a7557f", 0x73, 0x7}, {&(0x7f0000000240)="92d737f8e6b2829022592c205ec7415c68fd7d17e4f2229110a662a9f7", 0x1d, 0x4}, {&(0x7f0000000740)="584fbfd7bcc7e8148ab46eca861d0ed1cb9b7efd0f8850d7ea2baded5e37fd8e33d49934a1538c159475c8825fdefffd2e793973f9b51c63d03037a1f5184c9ca7137388e7cdd7a4a510e40e185e05120a981439f5", 0x55}], 0x10000, &(0x7f00000008c0)={[{@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'cp866'}}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x5}}, {@shortname_win95}, {@shortname_winnt}, {@shortname_winnt}, {@uni_xlateno}], [{@obj_role={'obj_role', 0x3d, 'vfat\x00'}}, {@smackfsdef={'smackfsdef', 0x3d, 'vfat\x00'}}, {@subj_type={'subj_type', 0x3d, ')\xdd\x13[[)'}}, {@permit_directio}, {@defcontext={'defcontext', 0x3d, 'system_u'}}, {@appraise}, {@func={'func', 0x3d, 'BPRM_CHECK'}}]})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:46:56 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 46)

15:46:56 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 64)

[ 2692.156173] loop7: detected capacity change from 0 to 40
[ 2692.167619] loop4: detected capacity change from 0 to 40
[ 2692.193769] loop2: detected capacity change from 0 to 40
[ 2692.212140] FAULT_INJECTION: forcing a failure.
[ 2692.212140] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2692.213788] CPU: 0 PID: 11420 Comm: syz-executor.6 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2692.214781] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2692.215783] Call Trace:
[ 2692.216111]  <TASK>
[ 2692.216403]  dump_stack_lvl+0xc1/0xf0
[ 2692.216921]  should_fail_ex+0x4b4/0x5b0
[ 2692.217451]  prepare_alloc_pages+0x178/0x500
[ 2692.218023]  ? __pfx_perf_trace_lock+0x10/0x10
[ 2692.218622]  __alloc_pages+0x149/0x480
[ 2692.219132]  ? lock_acquire+0x19a/0x4c0
[ 2692.219642]  ? __pfx___alloc_pages+0x10/0x10
[ 2692.220220]  ? lock_release+0x1e3/0x680
[ 2692.220737]  ? xas_start+0x14e/0x710
[ 2692.221224]  alloc_pages+0x1a0/0x260
[ 2692.221728]  filemap_alloc_folio+0x374/0x410
[ 2692.222326]  ? __pfx_filemap_alloc_folio+0x10/0x10
[ 2692.222963]  ? find_held_lock+0x2c/0x110
[ 2692.223533]  ? finish_task_switch.isra.0+0x1fe/0x830
[ 2692.224203]  ? lock_release+0x1e3/0x680
[ 2692.224730]  __filemap_get_folio+0x285/0x8d0
[ 2692.225327]  pagecache_get_page+0x2e/0x120
[ 2692.225875]  ? __pfx_fat_get_block+0x10/0x10
[ 2692.226468]  block_write_begin+0x35/0x450
[ 2692.227017]  cont_write_begin+0x4fe/0x700
[ 2692.227586]  ? __pfx_fat_get_block+0x10/0x10
[ 2692.228179]  ? __pfx_cont_write_begin+0x10/0x10
[ 2692.228781]  ? __mark_inode_dirty+0x68c/0xc10
[ 2692.229394]  fat_write_begin+0x89/0x180
[ 2692.229928]  ? __pfx_fat_get_block+0x10/0x10
[ 2692.230525]  generic_perform_write+0x25a/0x580
[ 2692.231135]  ? __pfx_generic_perform_write+0x10/0x10
[ 2692.231811]  ? __pfx_fat_update_time+0x10/0x10
[ 2692.232424]  ? __pfx_file_update_time+0x10/0x10
[ 2692.233030]  ? generic_write_checks+0x2c0/0x400
[ 2692.233661]  __generic_file_write_iter+0x308/0x4b0
[ 2692.234304]  ? do_sendfile+0xb1d/0x12b0
[ 2692.234827]  ? __x64_sys_sendfile64+0x1d5/0x210
[ 2692.235456]  ? do_syscall_64+0x3f/0x90
[ 2692.235977]  generic_file_write_iter+0xe7/0x350
[ 2692.236612]  do_iter_readv_writev+0x211/0x3c0
[ 2692.237201]  ? __pfx_do_iter_readv_writev+0x10/0x10
[ 2692.237848]  ? avc_policy_seqno+0x9/0x20
[ 2692.238387]  ? security_file_permission+0xb5/0xe0
[ 2692.239031]  do_iter_write+0x189/0x7e0
[ 2692.239565]  ? __kmem_cache_alloc_node+0x1bc/0x310
[ 2692.240215]  ? kasan_set_track+0x25/0x30
[ 2692.240767]  vfs_iter_write+0x74/0xb0
[ 2692.241271]  iter_file_splice_write+0x73f/0xcb0
[ 2692.241912]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2692.242588]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2692.243285]  ? inode_security+0x105/0x140
[ 2692.243871]  ? security_file_permission+0xb5/0xe0
[ 2692.244505]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2692.245187]  direct_splice_actor+0x113/0x180
[ 2692.245781]  splice_direct_to_actor+0x33a/0x8c0
[ 2692.246400]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2692.247057]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2692.247741]  ? security_file_permission+0xb5/0xe0
[ 2692.248348]  do_splice_direct+0x1bc/0x290
[ 2692.248890]  ? __pfx_do_splice_direct+0x10/0x10
[ 2692.249492]  ? lock_is_held_type+0x9f/0x120
[ 2692.250055]  do_sendfile+0xb1d/0x12b0
[ 2692.250561]  ? __pfx_do_sendfile+0x10/0x10
[ 2692.251125]  __x64_sys_sendfile64+0x1d5/0x210
[ 2692.251747]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2692.252413]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2692.253102]  do_syscall_64+0x3f/0x90
[ 2692.253592]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2692.254257] RIP: 0033:0x7f746e5b1b19
[ 2692.254743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2692.257024] RSP: 002b:00007f746bb27188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2692.257993] RAX: ffffffffffffffda RBX: 00007f746e6c4f60 RCX: 00007f746e5b1b19
[ 2692.258903] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2692.259806] RBP: 00007f746bb271d0 R08: 0000000000000000 R09: 0000000000000000
[ 2692.260692] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2692.261588] R13: 00007ffcd6c9647f R14: 00007f746bb27300 R15: 0000000000022000
[ 2692.262506]  </TASK>
15:46:56 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x3, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200, 0x80)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
sendfile(r2, r0, 0x0, 0x400007fff)
umount2(&(0x7f0000000040)='./file1\x00', 0xb)

[ 2692.388516] loop0: detected capacity change from 0 to 40
15:46:56 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 47)

15:46:56 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 46)

15:46:56 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 67)

[ 2692.430555] loop1: detected capacity change from 0 to 40
15:46:57 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(0x0, r2, 0x0)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x1, 0x4, &(0x7f0000000180)=[{&(0x7f0000000300)="dd20ba2dd5d08524c529b62cd75fd0820356fbacc7896030cb1225ddcabd4dd26073401b7ae6524657bc725238a62dea95a750345e5827fe03f762349aa8e1407eb3ef662a214974a82f80f51f013340ba539fae835fdd852e0e650cdbc47d68c89d818014d99fd39fc1922feea99033d4ce10006a5419e7ff327a9e49a88dadbd8fcc409b4fe50eef80173b5565b78d14bbad7f4e8baedfe9323bc20e98e1f5f5016cd16b2d4946b6d797f99b82a705f3c710392f7b4c3eb4787fdc868144753b06fd0714c410f7f22e5339f5f36cb6b63a428b5c2b344a75509df50c7ec825ef3d968d06f6005975e71fa9255c4d06d070eda5b7a2945b32de78f6dbc46f7594f19e6c17458c544038ffbab07804787e04538cc73fea67f66a13f04751635b7af922e6f4b5d261828c4985c38790054c8ae1a01b052cb2f3872ca4a8ec9068a228dfa91e1987a73463293ffcb83c15cd4734a01fa65dd2bc3c2fc3211488faaf7499b4336e013f2c848eced5be230282e53059b70cc0525630e4ec5c0f07587530360d7d82380b0a91422000f39f8931d8aabb55f0a835cec63ddf236af06cfbde42cb8d2056495ee641c413e5830ca2e260a3cefa601de0ea78ea85b1171dcd7627ef392da9c678287135f9ea5175acdcfb1654b16c236b7a1521109a987c9ac453a0916f35cc5eaf462da0ebfa0de6af055cd109ffe2372cdbe41d8c912ee265dff4d6b9e29b2386e836f2a11f400a2c2f145c3a137ddf172a01973c5f18ba6eec2075f0ad4e45c1b42c503baf4197efc9e952c033e4dc75b8e9800b712e7ccb4ebeda02bded85ccc74792c8bbaef75a6bce9a374d61d7ff3a9d0fc3e2193588740971a5cb23fb73690722f2978b50ab21613d939fcc525162598b22918476c300aa3f0953180fc8821c9389f99cffc5659566a4813c026dc5ddc9e1331e3c213ed4dc9e6551644ebb5de057abaac09b8dc52a6ba58558c3f31c88914d4baa2462747d6ecd00df731a679416e4ebebde7791435215a8f8f2c6bbdd86980e04781c96653ac05ba383b56b87c828ad384843a12b404f1ffe9a7154c681e0ef0f5281708a1a50b6bacf257667c49285f6f29e0f6f23f89713a3626fb737165a46083444d86c3105ab325020f504f31552fcfa494ca93a239fe2b6c1ab18619f7e2e7cd0df531aa9ccfc1ede46ce12429f6a7005606e5ef0ccfec2a30c023e4f9f96c68214278b8e9ad6baeb16143c601e89143b495b0cc18d0e63b158864d11857391151610f521599bd626e01b27dd0e57641baf6cbc469f3c6c2b0923f19cc4df6f84afed4bb5a02cadc29606f6016571c25e7b3a70218d9311dd7168525a1f594fc0342babd109e691c8dbab93d030db7d19813dc12330c35f76779b6e591c22ebf4147c5d1f393b13c7ae7d0fcae7af3371870d6f8e21e162d9d57734238c7b13d1c18289ad05405e8439498e83d16ff64f6aeb3830a033baab277ee15ffb1de1d73d18ea70c084d85b5908acc337421f88f544909d80c15461bb8e818edaa69c8cb8817599d2e51057aca525474e838b4edadf3652d5a7e03b6bd7fdf4a77f5e47bf430a8176b434b5442c43497bcfaa23bc27a46aa5c5d75128752cf6cf0aaa892cf7aa5283423bb4ec08c8e5014e5de4d64af5d29711845731524aa4a95d163e1e6d5941126783fff3c4d1e9f62fad09bbfc4f22b5dac9bd86781f2c89da7b3303465e6c95f79b34cf09f4a30540ba8d53d3f8fd226c3f1deb6c300a933186bd23d455d0ecb3e0f2ff71376e1f81b7529995b8608dff18dca9e29c4ceb25831010ec5ed4dcdd3e42318121f4bf19413e3d6607e170f85de616869439a733e473be38ec18a4bb9b4ec10c6acd3d72af252a52c1e3638640b6e2f117b13b53d984c2b69f3320362ddb29e33bb9d61e47c8cc07a074344439d6d98d94359acff316682a95f021fb1e4800fd5cf3e7468ecd6bb8da1d25d923ebec5b878951af14838fee2c509df6e6cd551c8b7ff2ca53f633661a4a343a04e6cc4ea746137e1f3c37f1f4c1ceb5efcb264494e90e1a6277ad7c5d2540d50a900232137180bcb2c130478be9f96fc6dfd1c2d93eb69d16c48f1008eb7bf9a8f3bb1c1b79169756d09e49f45199f9921f3812493e62f74d3629e01af50c59dee916f10dfc4d8e05663fe54b588c3ac1aee2a0e301bead83ff4b810eec68eebab0ab84db414e0fda756ae93711c802c13892a956c514254d65b17f5c1cdb033112e9306686ef2967c3a18772fb1f764eee34f2bbfe606fc560923144c114820f03525e07c734eaf0094a55b4a6b592c9721f671065a5901f5e01a15b3623dba646c7e25c5811c91dcbe656289aa2fd357cf4981fbecb70380ac81f8bac12f157a15bd6aa65258f560c78a900ec2f4591b18bf296f6c99eccf91c6d43ca69aef15aa223383c686d6122bab7fed4da748a4fbc457b8f412ae06fe8d4b231aed0c1ef55feb8a948602742bc39628b2eb6ad95fc83021cc8747b2c1b931b8b631e51c47182b7f39b78366ba382222d5d9059d2ade8da032cfa97c0638f08003356f7472702cd6cdb39e18746a9eda3e403228ab99f27e181089d2e4862e65a7e071faca5c2b3eaf69be2713a065048d0bbf63083219e8507a77b00595ae8fffa3853f8d0d03fa623e480d54cf105219e53c441847453c6e075282d6f5237259f1279dff9b4a1b8998904de96edb9fff1be2a685331af9acbc0ee471ea83a8c21e2b4176e0b495b11a4f5fac06853abe33fcd8185969081846d572213181d3431691b6b3e1f2730c6bdb53524b15e64c587f7f257ff161f82f73bcdda95d524adfd6076ab43cfcc3e56ae6f5d15254f27949d160be07eab739c575aa9d68397c6329c79e4a4c9159ae7b1b31d0f54e94152e97708066cc60dfef0e3e801a8620268205b04c05a5ac0debcc808ef78016ffa36c9090140840af1fe70974e94699c8cf7dda7d4183e79d7d83b773db48054102758bfef0116e143d10c5154fc5ca2afa40d22911eeb130d0ebbe6a4b27439bce73698b4d1fd54a7e3cb575ade6d0f59036fc560b6a1d6baeb9217a7630028604a0c885079b5dde7efb55df20a950322d11398b9b89ec433848fcf90a3590270d1e80a290aaacad605882c0429682df34220e08d5dc56b7476a178c8bfd2c7fadc3bd24e85ccc1e61cb6d680e882406ccebed4b45827e9a0c32124032f7721e27a540fca019b3d7660768fe9c237417f36f9edb646a43ac9a8cf03a9c3b3dc58e3286b7a9a93b467e1cd2161d9bd9833ad8c9a4143d5336e21aa9ae7d582d68cb7dda17f4f9c85a04da59cba2027d230ea8bc7c2aa89e43233baaafadac31f4922f360a9f0e0b2f504f3ce92c9179ea5d599db76e29d8f17af758f738159edfb8252f5fc944ae6abce724aeea4e6cb30030e396620ad36352e297445fec27031e3bc0eed4137a973e834f5fe01e107480cf0cf3c3a7050c05829bcad3bdb50fa535535373ebf464034dde9b78f9e925668a1b849d02e8e4aac51793126c8bbf234c79533543e3b94a2e6f3b0ed5ee441d9d5ef73071f56c6c4b2a4907fd9406ad521f0834f24e8d7e8e1c95f905159d6fae96059251340337120dfe394a5770f00bc8f7e37ca1191ecbbe721def41df8c3224893ab6151699c067f7fc59e458f25048cb161c5cc6e3cfc406f0b828037036320704c8ef23410aabac20a48bc6f47f66c466d1e253b8ddd912e91a1f5bcc306972abf8bc863a82203227b0a6a881cde9f483cef9c7ffb987637d584c20e57871350575428a373d661c3ef14e101f90d0f7aea2b9f34a5c67809ae9b4f670f8a91272cbb0f82ae6071aa7e56f22ea1cbdfd0531cb322cdaa7eb90ade8bf50775e6532352cd54fb1a829c2cc85a798c00558a4625d5711504ac579f3521be61fa274bd52af92627b98d57b016be2f4d62256929e406457b22a5af2583fc127e6ddaa82213576c66b7726db992c12abe04136a03f0ea45bb9d25084bc298ba2fe149ec43a33f88326484a7f4a6eff9339670ce5f6c476d2073866702060b134ef9b9e4d94a65909061ff6fe72d65fb8b122e220b8a0552aa9f947df94bc7f36835acb3eaa8e8ce0a918654e16ef9d9e42f8032bd74f3aa31ca83dce0143e1714b61fe21d705ebd2a96804cb9ac107aebf80763ecdcf57648109082ebc145cb8dc1cfba03cf5dd3ef50c153cccde5715b6f338108deb014767cf23bc21dfbc8c87c41c16ee23363975c1e0013f8d90d48fd727b9d0afe9bc646082783f7f95e87c56776377d5a049b8a49aa191067057b70e769827f9de25a1cb78f39b75ecb1f1c9f60d97aa55f6f38d0e18a767d5067b4a5196868548b4a506f010b4be929cc774ee398913b979634cf4bd107b4cd81c4159e2b7f37e16e26147205d9e7c8cf230a77edb5320c20c50406414270e0353f7d0808c1214d725ac090c141035fe4eb6b54354bbe77728a822822715ac8aff8b3e47dfb39d48af2b26549fe66bdfb2cc22b930fde8fb0b04a497b25a3631ca16781a8eadf9bb96a058bce3ae313dd0c6854f1de10052003d39acba8318dc1f9073dd8290aeab0807e52f4c28aa878f39af30dd1425936799e6e462ca517a667c57eb10a612ffb0d93f384d50631945b4dc9d0c6ad7271280af73b64f8f36b973f51a1d7b200cb1493f845687877900c98132492024b42ccc735e52ce6ff96ffedf27c8c9c720aedf1dabf156c85c64d07c86b35bd50a5ccec9bca66c4752a220195096e03519b438c6e81f3c516c7a910eac824a55e9afb7ec588c408352bf58c345cf4fbae2ec67429893e55ef4e0fe8a01c602e8805e4c77922826cc264f7566f44209079149892ceebbb2b8aa9f9e5f787bd836c390e99a70c38f899536cfb2298db7cfe0336184c4f8639f25dd58541cb0e7b6ffcb9daedb934356f260c2f74def730bba5b480cce6929b9ac26dadf1e5c0f7157c37d55fc0ed9c6ed8f8255867007b7323ba557e838444bacec64ae2ef0fc78bc57b594da0954ff1299cbe39a6c53cf68202aaf6b9812f85b53b514320ffaaa1508c675fc52adad3e7c38ea0f2d4a678c735088953e1f4ae7cd8c05bd4b0f033ce28ee04d39823b48339c8a5d369d18396aef47092c4c44c3b9198391263729fdbe5eea67fe9f84187af12926a6506007b528ab77de78f2852ca5565ae01546ae7fea7fea0078fbca3f328500970eb79d875e6d3c40cac3839b2dbef0080b727aee3e464d59f88ac4fbe971076bf9ef1934e809f80f401c8bc5ee4e8d7cbe79dc3073c5a8fc0666e32dbde8e02ed5cedcabd499b2ebd93195b926065c09d6ea34528dda33d415b4a9276512aed1f9581082e9c1e5e26aa979b9a24b96745902b246d04d1a427e8605b3647f3cdceaa81f5ca07288784a92dfe92f0b017b7cb5df9559d759eea0ef07fbd792a6c2bea5a22cede5c2150d352c681b79b72352eddf266a34eb6f8f99b164257716636dfeb41621c72dad9c9b70fd003986b80db43aba1a630d48bb72fe37be33a10c5643db36edd340ff760884d1fc337256cb148cd438870e363e6252740bdd2f24b745e58d8d966140c8d560aabbc9486c6c09146c510b0398982d75b3b47e45d03d1526b3a5265579bb650565fa95f341c1d39ed1113086389292cbd489241ddd37a15633831c698e4b0b57d1a7cfaee317561d291376c1e9a7ff711b101a5855116833bd8f6c85f69cb0544776ed9e8718cce90a2d6a95757c0fe0496bdbd94e44494623cba5357dd194536e177120148", 0x1000, 0x7fffffff}, {&(0x7f0000001300)="cf392d07cfa8487370127a2283083984d15e2caf5fea64416692f72e9f4abebeab4becd91e9ceda9519848e526d3fab3c761612546812dc1a4679bb0bd0829cbf354ce0aa95ea8765e4556985fb103116d6b35bf043aba67b5c91bcea35fe9cb474cdbc0b50ccce5797dd5ccdb51d81263fee89b9282e27f438746ddacff37c0108fd3508ffe574a573f3a35a375fdd5be69f4745a48cfa3ad3859e0d14e50dc3e0068f213c53b1d998b78c890eff3b17bf713ae4143313d61140b37d1cd28a154a8a66a856bdaaa4ed6b865fc78cbd3b9aaeda001253c79c4661f3dcc68e8151ac3db88e59886631f1c1041569d581f7d5ce9", 0xf3, 0x1}, {&(0x7f0000001400)="9f974914be4b4b2114707aff5d360864846be67df0d74f619992c76c16ebb998f01e60c563841748b0579c7e7fe649952e158dc6f4565a4670a540642c19cdbf9c19894dbb5b0ffea854f2142bafb66f6ec43841b157c985447f2161290570b4e2cb364ac0f4912ae45f2c2f24158983a877f0f3323c92c8037732eb3aa9d8df212482d44a7329a5555a02c861cdc1a5a3b9b886c9efd0e0926cbc", 0x9b, 0x4c1dbe43}, {&(0x7f00000000c0)="b8394c2e841fac0d561c158defc9aed92a5dc3a0177f7684eadc13e8acf4d618d9bbb5e5a08cb7909539ed714b", 0x2d, 0x9}], 0x10000, &(0x7f00000014c0)={[{@hide}], [{@euid_eq={'euid', 0x3d, 0xee00}}, {@appraise_type}, {@smackfshat={'smackfshat', 0x3d, 'vfat\x00'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '8m'}}, {@euid_gt={'euid>', r2}}, {@smackfsroot={'smackfsroot', 0x3d, '[\x00'}}, {@euid_eq}, {@context={'context', 0x3d, 'user_u'}}]})
setxattr$incfs_id(&(0x7f0000001580)='./file1\x00', &(0x7f00000015c0), &(0x7f0000001600)={'0000000000000000000000000000000', 0x31}, 0x20, 0x1)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2692.512424] loop3: detected capacity change from 0 to 40
[ 2692.515313] loop2: detected capacity change from 0 to 40
[ 2692.528331] loop7: detected capacity change from 0 to 40
[ 2692.536071] loop4: detected capacity change from 0 to 40
[ 2692.582855] FAULT_INJECTION: forcing a failure.
[ 2692.582855] name failslab, interval 1, probability 0, space 0, times 0
[ 2692.583797] CPU: 1 PID: 11439 Comm: syz-executor.2 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2692.584390] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2692.584983] Call Trace:
[ 2692.585173]  <TASK>
[ 2692.585340]  dump_stack_lvl+0xc1/0xf0
[ 2692.585648]  should_fail_ex+0x4b4/0x5b0
[ 2692.585956]  should_failslab+0x9/0x20
[ 2692.586256]  __kmem_cache_alloc_node+0x5b/0x310
[ 2692.586614]  ? iter_file_splice_write+0x169/0xcb0
[ 2692.586992]  ? iter_file_splice_write+0x169/0xcb0
[ 2692.587373]  __kmalloc+0x4a/0x160
[ 2692.587642]  iter_file_splice_write+0x169/0xcb0
[ 2692.588008]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2692.588397]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2692.588807]  ? inode_security+0x105/0x140
[ 2692.589114]  ? security_file_permission+0xb5/0xe0
[ 2692.589478]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2692.589876]  direct_splice_actor+0x113/0x180
[ 2692.590218]  splice_direct_to_actor+0x33a/0x8c0
[ 2692.590584]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2692.590960]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2692.591380]  ? security_file_permission+0xb5/0xe0
[ 2692.591748]  do_splice_direct+0x1bc/0x290
[ 2692.592069]  ? __pfx_do_splice_direct+0x10/0x10
[ 2692.592436]  ? lock_is_held_type+0x9f/0x120
[ 2692.592763]  do_sendfile+0xb1d/0x12b0
[ 2692.593037]  ? __pfx_do_sendfile+0x10/0x10
[ 2692.593359]  __x64_sys_sendfile64+0x1d5/0x210
[ 2692.593703]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2692.594083]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2692.594480]  do_syscall_64+0x3f/0x90
[ 2692.594762]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2692.595108] RIP: 0033:0x7fe077f6cb19
[ 2692.595398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2692.596690] RSP: 002b:00007fe0754e2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2692.597240] RAX: ffffffffffffffda RBX: 00007fe07807ff60 RCX: 00007fe077f6cb19
[ 2692.597754] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2692.598271] RBP: 00007fe0754e21d0 R08: 0000000000000000 R09: 0000000000000000
[ 2692.598793] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2692.599321] R13: 00007ffda5f9e29f R14: 00007fe0754e2300 R15: 0000000000022000
[ 2692.599858]  </TASK>
[ 2692.660268] loop5: detected capacity change from 0 to 40
15:47:12 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
r2 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x1, 0x432440)
sendfile(r2, r0, 0x0, 0x1)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
mknodat(r3, &(0x7f0000000040)='./file1\x00', 0x8000, 0x4)

[ 2707.935547] loop0: detected capacity change from 0 to 40
[ 2707.940103] loop4: detected capacity change from 0 to 40
15:47:12 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 69)

15:47:12 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 65)

15:47:12 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 68)

15:47:12 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 47)

15:47:12 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 48)

15:47:12 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, r2}, './file1\x00'})
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2707.957401] loop2: detected capacity change from 0 to 40
[ 2707.969381] loop6: detected capacity change from 0 to 40
[ 2707.969382] loop1: detected capacity change from 0 to 40
[ 2707.980913] loop7: detected capacity change from 0 to 40
[ 2707.983838] loop3: detected capacity change from 0 to 40
[ 2708.026801] FAULT_INJECTION: forcing a failure.
[ 2708.026801] name failslab, interval 1, probability 0, space 0, times 0
[ 2708.028476] CPU: 0 PID: 11460 Comm: syz-executor.0 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2708.029557] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2708.030640] Call Trace:
[ 2708.030988]  <TASK>
[ 2708.031324]  dump_stack_lvl+0xc1/0xf0
[ 2708.031955]  should_fail_ex+0x4b4/0x5b0
[ 2708.032553]  should_failslab+0x9/0x20
[ 2708.033080]  __kmem_cache_alloc_node+0x5b/0x310
[ 2708.033725]  ? iter_file_splice_write+0x169/0xcb0
[ 2708.034437]  ? iter_file_splice_write+0x169/0xcb0
[ 2708.035109]  __kmalloc+0x4a/0x160
[ 2708.035644]  iter_file_splice_write+0x169/0xcb0
[ 2708.036329]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2708.037035]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2708.037786]  ? inode_security+0x105/0x140
[ 2708.038401]  ? security_file_permission+0xb5/0xe0
[ 2708.039054]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2708.039796]  direct_splice_actor+0x113/0x180
[ 2708.040435]  splice_direct_to_actor+0x33a/0x8c0
[ 2708.041089]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2708.041787]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2708.042522]  ? security_file_permission+0xb5/0xe0
[ 2708.043188]  do_splice_direct+0x1bc/0x290
[ 2708.043801]  ? __pfx_do_splice_direct+0x10/0x10
[ 2708.044481]  ? lock_is_held_type+0x9f/0x120
15:47:12 executing program 5:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f00000005c0)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}, {&(0x7f0000000380)="b08014c4f759c8e6a35dfcb1e0392d05f264aa4ee5c1ef125fb18e607aadfce08a91c56abbeb8bc69a73e15af1c9b59e3bea9ca5b1246bd8c9edfab8c0f8959e71dac1c632ebc9a7195b9cfc0fbd0d73348399111a45d31ab9d3575c7cbb1ae56881b59a3fbd525ac6ab4d279985ad293e05", 0x72, 0x400}, {&(0x7f0000000400)="1d91ea258d5e1177754c371cd23ac6276e2359e4fb4c4f0fac56273367723f413efbb4c2edcd09c38caee8b5c92455a518246de57d6e0bce41234035cdc7eef76ffbf41eeef375d37fead33585e2bc983e5b9ca0f18a94c67bd6761a2840abb3b3cd37f1ebd93b87a6175d01e60922ba2af5fa9d9030f2fa6cca63dd74ed4de736ed07e205720fcb5ce7a0b39a177f0328e38d1908c1550845d0db75bb476f53e34ad17b4f6ebf597c89a59b1cff7dea1b", 0xb1, 0x8}, {&(0x7f0000000180)="dc21865f9a4f47d64a7ff3421642070b5ab29f06ec9420bf185be8b616d10d2f5e385e8a6afd5e190be91d874ae641c9d1f00d832aa72c2ab383276cb13fe3", 0x3f, 0x5}, {&(0x7f00000004c0)="bb95da841ebe000a2a943d8417d90294e8752f35eb5f5289ba5448508ef05ce9b433e8f23992a416443fe724d54394231e07cdab42c077938897fe69531783c26b388362c7e196b77cc71b3522cf173dec99bda263e106a0102f693706ebaae7e48bad86c66a1e19dae15fece1f480902e579dbcc49cbae4a927c51029218d", 0x7f, 0xfffffffffffffffd}, {&(0x7f0000000540)="ef1d4d24a3fd8bba19a7602a9ca4d5ea249193dd9d75220a566a806933e3793fcd7d40862d5482f1eadbf48f05580f9cabdc0df206397d5b91d48313ca7b44ae655d2bfe4d26cf2feea0f8ecb369d6669a862b33665e2ffa5abe9bdec89a5a6697e5d227b801442ec7fa0ffa45162279ae908faf92df1fe3db36", 0x7a, 0xffffffffffffffc9}], 0x294041f, &(0x7f0000000140)=ANY=[])
openat(r0, &(0x7f0000000000)='./file0\x00', 0x2a000, 0x11)
chdir(&(0x7f0000000140)='./file1\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
getresgid(&(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000340)=<r2=>0x0)
chown(&(0x7f00000001c0)='./file0\x00', 0xee01, r2)
chown(&(0x7f0000000040)='./file0\x00', 0x0, r2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r3, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r3, r1, 0x0, 0xfffffdef)
connect$unix(0xffffffffffffffff, &(0x7f0000000280)=@file={0x0, './file1\x00'}, 0x6e)

[ 2708.045088]  do_sendfile+0xb1d/0x12b0
[ 2708.045827]  ? __pfx_do_sendfile+0x10/0x10
[ 2708.046466]  __x64_sys_sendfile64+0x1d5/0x210
[ 2708.047082]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2708.047809]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2708.048536]  do_syscall_64+0x3f/0x90
[ 2708.049051]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2708.049751] RIP: 0033:0x7fb41b187b19
[ 2708.050279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2708.052673] RSP: 002b:00007fb4186fd188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2708.053680] RAX: ffffffffffffffda RBX: 00007fb41b29af60 RCX: 00007fb41b187b19
[ 2708.054639] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2708.055607] RBP: 00007fb4186fd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2708.056550] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2708.057488] R13: 00007ffcd9ca88ff R14: 00007fb4186fd300 R15: 0000000000022000
[ 2708.058469]  </TASK>
[ 2708.068184] FAULT_INJECTION: forcing a failure.
[ 2708.068184] name failslab, interval 1, probability 0, space 0, times 0
[ 2708.069574] CPU: 1 PID: 11471 Comm: syz-executor.7 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2708.070545] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2708.071573] Call Trace:
[ 2708.071967]  <TASK>
[ 2708.072253]  dump_stack_lvl+0xc1/0xf0
[ 2708.072874]  should_fail_ex+0x4b4/0x5b0
[ 2708.073377]  should_failslab+0x9/0x20
[ 2708.073856]  __kmem_cache_alloc_node+0x5b/0x310
[ 2708.074559]  ? iter_file_splice_write+0x169/0xcb0
[ 2708.075152]  ? iter_file_splice_write+0x169/0xcb0
[ 2708.075769]  __kmalloc+0x4a/0x160
[ 2708.076331]  iter_file_splice_write+0x169/0xcb0
[ 2708.076928]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2708.077610]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2708.078242]  ? inode_security+0x105/0x140
[ 2708.078777]  ? security_file_permission+0xb5/0xe0
[ 2708.079546]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2708.080172]  direct_splice_actor+0x113/0x180
[ 2708.080723]  splice_direct_to_actor+0x33a/0x8c0
[ 2708.081422]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2708.082193]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2708.082821]  ? security_file_permission+0xb5/0xe0
[ 2708.083506]  do_splice_direct+0x1bc/0x290
[ 2708.084174]  ? __pfx_do_splice_direct+0x10/0x10
[ 2708.084762]  ? lock_is_held_type+0x9f/0x120
[ 2708.085448]  do_sendfile+0xb1d/0x12b0
[ 2708.085937]  ? __pfx_do_sendfile+0x10/0x10
[ 2708.086560]  __x64_sys_sendfile64+0x1d5/0x210
[ 2708.087275]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2708.087916]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2708.088094] bio_check_eod: 11 callbacks suppressed
[ 2708.088120] syz-executor.2: attempt to access beyond end of device
[ 2708.088120] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2708.088513]  do_syscall_64+0x3f/0x90
[ 2708.089232] buffer_io_error: 11 callbacks suppressed
[ 2708.089253] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2708.090455]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2708.090492] RIP: 0033:0x7f7050f93b19
[ 2708.090513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2708.094543] syz-executor.1: attempt to access beyond end of device
[ 2708.094543] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2708.095368] RSP: 002b:00007f704e509188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2708.095400] RAX: ffffffffffffffda RBX: 00007f70510a6f60 RCX: 00007f7050f93b19
[ 2708.095421] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2708.097352] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2708.098138] RBP: 00007f704e5091d0 R08: 0000000000000000 R09: 0000000000000000
[ 2708.098161] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2708.102991] R13: 00007ffeb40769df R14: 00007f704e509300 R15: 0000000000022000
[ 2708.103820]  </TASK>
[ 2708.128013] syz-executor.1: attempt to access beyond end of device
[ 2708.128013] loop1: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2708.129313] Buffer I/O error on dev loop1, logical block 10, lost async page write
[ 2708.139888] syz-executor.3: attempt to access beyond end of device
[ 2708.139888] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2708.141520] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2708.142812] syz-executor.6: attempt to access beyond end of device
[ 2708.142812] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2708.144405] Buffer I/O error on dev loop6, logical block 10, lost async page write
15:47:12 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 49)

[ 2708.155352] loop5: detected capacity change from 0 to 16383
[ 2708.175407] syz-executor.4: attempt to access beyond end of device
[ 2708.175407] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2708.178922] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2708.199812] syz-executor.4: attempt to access beyond end of device
[ 2708.199812] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2708.200785] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2708.209553] loop2: detected capacity change from 0 to 40
[ 2708.258464] syz-executor.2: attempt to access beyond end of device
[ 2708.258464] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2708.259349] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2708.992805] loop5: detected capacity change from 0 to 16383
15:47:26 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 69)

15:47:26 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0xd)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:47:26 executing program 5:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r0, {0x800}}, '.\x00'})
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0x10, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@fscache}, {@access_user}, {@debug}], [{@smackfsfloor={'smackfsfloor', 0x3d, 'vfat\x00'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '#):@*'}}, {@hash}, {@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}, {@audit}]}})
sendfile(r2, r1, 0x0, 0xfffffdef)

[ 2721.518499] loop3: detected capacity change from 0 to 40
[ 2721.526256] loop4: detected capacity change from 0 to 40
[ 2721.533486] loop0: detected capacity change from 0 to 40
[ 2721.535343] loop2: detected capacity change from 0 to 40
15:47:26 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 50)

15:47:26 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 70)

15:47:26 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000180)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}, {&(0x7f0000000000)="33c653972db8819ff000c907498f15dce7de0a6d8f0dbfa08d2756d05427db71efc65719703255387b2fc298e661c13cee4b14bdc4b3db1f560f516d61807eee5d0876b0b2c06a0f492ac4eb37c1ea03021435fd806d9cd7830e8b6466a2ca98c06feee56ec797a8f10d97e40704211042e9ed854a4f9875a3c7b72f0944a6c1", 0x80, 0x8}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = syz_open_dev$vcsn(&(0x7f00000000c0), 0x6, 0x40481)
openat(r1, &(0x7f0000000200)='./file1\x00', 0x8540, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r2, r0, 0x0, 0xfffffdef)

[ 2721.546155] loop5: detected capacity change from 0 to 40
15:47:26 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 48)

15:47:26 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 66)

[ 2721.551109] FAT-fs (loop4): invalid media value (0x8f)
[ 2721.551968] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 2721.571587] loop1: detected capacity change from 0 to 40
[ 2721.574208] 9pnet_fd: Insufficient options for proto=fd
[ 2721.582907] loop6: detected capacity change from 0 to 40
[ 2721.588562] loop7: detected capacity change from 0 to 40
[ 2721.607021] syz-executor.3: attempt to access beyond end of device
[ 2721.607021] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2721.608301] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2721.609142] syz-executor.0: attempt to access beyond end of device
[ 2721.609142] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2721.610881] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2721.622444] syz-executor.5: attempt to access beyond end of device
[ 2721.622444] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2721.623361] Buffer I/O error on dev loop5, logical block 10, lost async page write
[ 2721.632864] 9pnet_fd: Insufficient options for proto=fd
15:47:26 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 70)

[ 2721.638263] syz-executor.5: attempt to access beyond end of device
[ 2721.638263] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2721.639451] Buffer I/O error on dev loop5, logical block 10, lost async page write
[ 2721.643541] syz-executor.2: attempt to access beyond end of device
[ 2721.643541] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2721.645208] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2721.735734] loop3: detected capacity change from 0 to 40
[ 2721.738337] syz-executor.7: attempt to access beyond end of device
[ 2721.738337] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2721.739305] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2721.744194] syz-executor.6: attempt to access beyond end of device
[ 2721.744194] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2721.745059] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2721.799235] syz-executor.3: attempt to access beyond end of device
[ 2721.799235] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2721.801131] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2722.370586] loop4: detected capacity change from 0 to 40
[ 2722.375473] FAT-fs (loop4): Unrecognized mount option "./file0" or missing value
[ 2735.558880] loop4: detected capacity change from 0 to 40
[ 2735.561983] loop7: detected capacity change from 0 to 40
15:47:40 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 67)

15:47:40 executing program 4:
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000500)={0x1b4, 0x0, 0x4, 0x70bd2a, 0x25dfdbfe, {}, [@TIPC_NLA_MON={0x2c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}]}, @TIPC_NLA_BEARER={0x144, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1000}, @TIPC_NLA_BEARER_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffffc1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x1, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x7}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x0, @private2, 0x9f6}}}}, @TIPC_NLA_BEARER_NAME={0x13, 0x1, @l2={'eth', 0x3a, 'ip6gretap0\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @multicast2}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x9, @private1={0xfc, 0x1, '\x00', 0x1}, 0x2}}}}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xe5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}]}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}]}, @TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}, @TIPC_NLA_NET={0x30, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x10001}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x2}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x80}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x1}]}]}, 0x1b4}, 0x1, 0x0, 0x0, 0x40000}, 0x4004)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/4\x00')
stat(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
r4 = dup2(r0, r1)
openat(r4, &(0x7f0000000780)='./file1/file0\x00', 0x902, 0x4)
open_tree(r0, &(0x7f0000000740)='./file1\x00', 0x8100)
r5 = getuid()
newfstatat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, <r6=>0x0}, 0x800)
stat(&(0x7f0000000380)='./file1/file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
fsetxattr$system_posix_acl(r2, &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000440)={{}, {0x1, 0x2}, [{0x2, 0x6, r3}, {0x2, 0x2, r5}, {0x2, 0x0, r6}, {0x2, 0x0, r7}], {0x4, 0x5}, [{0x8, 0x5, 0xee00}], {0x10, 0x3}, {0x20, 0x1}}, 0x4c, 0x6)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:47:40 executing program 1:
r0 = fork()
ptrace$setopts(0x4200, r0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setopts(0x4200, r0, 0x800, 0xb)
rt_tgsigqueueinfo(0xffffffffffffffff, r0, 0x13, &(0x7f0000000000)={0x21, 0x7fffffff, 0x23})
waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000240))
r1 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r3 = openat(r2, &(0x7f00000000c0)='./file1\x00', 0xc440, 0x180)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r4, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
sendfile(r5, r1, &(0x7f0000000180)=0x1, 0x8)
openat(r3, &(0x7f00000001c0)='./file1\x00', 0x12001, 0x8)
sendfile(r4, r2, 0x0, 0x200)

15:47:40 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 51)

15:47:40 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
accept4$unix(r1, &(0x7f0000000180), &(0x7f00000000c0)=0x6e, 0x41000)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r3 = openat2(r2, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0xe4001, 0x42, 0x6}, 0x18)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f0000000240))

15:47:40 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 49)

15:47:40 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 71)

15:47:40 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 71)

[ 2735.592095] loop6: detected capacity change from 0 to 40
[ 2735.596918] loop2: detected capacity change from 0 to 40
[ 2735.599939] loop0: detected capacity change from 0 to 40
[ 2735.601016] loop5: detected capacity change from 0 to 40
[ 2735.601355] loop3: detected capacity change from 0 to 40
[ 2735.676840] syz-executor.7: attempt to access beyond end of device
[ 2735.676840] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2735.678529] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2735.697755] FAULT_INJECTION: forcing a failure.
[ 2735.697755] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2735.699399] CPU: 1 PID: 11529 Comm: syz-executor.0 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2735.700506] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2735.701599] Call Trace:
[ 2735.701961]  <TASK>
[ 2735.702290]  dump_stack_lvl+0xc1/0xf0
[ 2735.702852]  should_fail_ex+0x4b4/0x5b0
[ 2735.703443]  prepare_alloc_pages+0x178/0x500
[ 2735.704102]  ? __pfx_perf_trace_lock+0x10/0x10
[ 2735.704747]  ? __pfx_mark_lock.part.0+0x10/0x10
[ 2735.705391]  __alloc_pages+0x149/0x480
[ 2735.705960]  ? lock_acquire+0x19a/0x4c0
[ 2735.706517]  ? __pfx___alloc_pages+0x10/0x10
[ 2735.707162]  ? lock_release+0x1e3/0x680
[ 2735.707722]  ? xas_start+0x14e/0x710
[ 2735.708278]  alloc_pages+0x1a0/0x260
[ 2735.708818]  filemap_alloc_folio+0x374/0x410
[ 2735.709451]  ? __pfx_filemap_alloc_folio+0x10/0x10
[ 2735.710121]  ? perf_trace_lock+0xc1/0x480
[ 2735.710707]  ? find_held_lock+0x2c/0x110
[ 2735.711293]  __filemap_get_folio+0x285/0x8d0
[ 2735.711952]  pagecache_get_page+0x2e/0x120
[ 2735.712542]  ? __pfx_fat_get_block+0x10/0x10
[ 2735.713177]  block_write_begin+0x35/0x450
[ 2735.713754]  ? lock_release+0x1e3/0x680
[ 2735.714325]  cont_write_begin+0x4fe/0x700
[ 2735.714913]  ? __pfx_fat_get_block+0x10/0x10
[ 2735.715548]  ? __pfx_cont_write_begin+0x10/0x10
[ 2735.716219]  ? __mark_inode_dirty+0x68c/0xc10
[ 2735.716865]  ? generic_write_end+0x1fe/0x3d0
[ 2735.717512]  fat_write_begin+0x89/0x180
[ 2735.718087]  ? __pfx_fat_get_block+0x10/0x10
[ 2735.718722]  generic_perform_write+0x25a/0x580
[ 2735.719386]  ? __pfx_generic_perform_write+0x10/0x10
[ 2735.720095]  ? __pfx_fat_update_time+0x10/0x10
[ 2735.720758]  ? __pfx_file_update_time+0x10/0x10
[ 2735.721409]  ? generic_write_checks+0x2c0/0x400
[ 2735.722081]  __generic_file_write_iter+0x308/0x4b0
[ 2735.722771]  ? do_sendfile+0xb1d/0x12b0
[ 2735.723332]  ? __x64_sys_sendfile64+0x1d5/0x210
[ 2735.724000]  ? do_syscall_64+0x3f/0x90
[ 2735.724549]  generic_file_write_iter+0xe7/0x350
[ 2735.725214]  do_iter_readv_writev+0x211/0x3c0
[ 2735.725851]  ? __pfx_do_iter_readv_writev+0x10/0x10
[ 2735.726539]  ? avc_policy_seqno+0x9/0x20
[ 2735.727126]  ? security_file_permission+0xb5/0xe0
[ 2735.727800]  do_iter_write+0x189/0x7e0
[ 2735.728377]  ? __kmem_cache_alloc_node+0x1bc/0x310
[ 2735.729069]  ? kasan_set_track+0x25/0x30
[ 2735.729662]  vfs_iter_write+0x74/0xb0
[ 2735.730198]  iter_file_splice_write+0x73f/0xcb0
[ 2735.730893]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2735.731610]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2735.732371]  ? inode_security+0x105/0x140
[ 2735.732974]  ? security_file_permission+0xb5/0xe0
[ 2735.733659]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2735.734386]  direct_splice_actor+0x113/0x180
[ 2735.735027]  splice_direct_to_actor+0x33a/0x8c0
[ 2735.735687]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2735.736402]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2735.737121]  ? security_file_permission+0xb5/0xe0
[ 2735.737816]  do_splice_direct+0x1bc/0x290
[ 2735.738400]  ? __pfx_do_splice_direct+0x10/0x10
[ 2735.739085]  ? lock_is_held_type+0x9f/0x120
[ 2735.739701]  do_sendfile+0xb1d/0x12b0
[ 2735.740278]  ? __pfx_do_sendfile+0x10/0x10
[ 2735.740892]  __x64_sys_sendfile64+0x1d5/0x210
[ 2735.741535]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2735.742235]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2735.742977]  do_syscall_64+0x3f/0x90
[ 2735.743496]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2735.744259] RIP: 0033:0x7fb41b187b19
[ 2735.744772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2735.747164] RSP: 002b:00007fb4186fd188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2735.748198] RAX: ffffffffffffffda RBX: 00007fb41b29af60 RCX: 00007fb41b187b19
[ 2735.749154] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2735.750107] RBP: 00007fb4186fd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2735.751061] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2735.752035] R13: 00007ffcd9ca88ff R14: 00007fb4186fd300 R15: 0000000000022000
[ 2735.753016]  </TASK>
[ 2735.766730] syz-executor.2: attempt to access beyond end of device
[ 2735.766730] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2735.768371] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2735.771624] syz-executor.6: attempt to access beyond end of device
[ 2735.771624] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2735.772193] loop1: detected capacity change from 0 to 40
[ 2735.773265] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2735.775217] syz-executor.5: attempt to access beyond end of device
[ 2735.775217] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2735.776875] Buffer I/O error on dev loop5, logical block 10, lost async page write
[ 2735.784787] syz-executor.3: attempt to access beyond end of device
[ 2735.784787] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2735.786442] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2735.801016] syz-executor.5: attempt to access beyond end of device
[ 2735.801016] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2735.802663] Buffer I/O error on dev loop5, logical block 10, lost async page write
15:47:40 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 50)

15:47:40 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 52)

15:47:40 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 72)

15:47:40 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 72)

[ 2735.893355] loop7: detected capacity change from 0 to 40
15:47:40 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef)

15:47:40 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0x410, &(0x7f0000000140)=ANY=[@ANYRES32=r0, @ANYRESHEX=r0, @ANYRES16=r1, @ANYRESOCT=r2, @ANYRESHEX=r0, @ANYRES32])
chdir(&(0x7f00000000c0)='./file1\x00')
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$AUTOFS_IOC_EXPIRE(r1, 0x810c9365, &(0x7f00000001c0)={{0x3f, 0x7}, 0x100, './file0\x00'})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r4, &(0x7f0000001180)=ANY=[], 0x220)
ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x80049367, &(0x7f0000000000))
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r4, r3, 0x0, 0x80000001)

[ 2735.942350] syz-executor.7: attempt to access beyond end of device
[ 2735.942350] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2735.944151] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2735.969974] syz-executor.0: attempt to access beyond end of device
[ 2735.969974] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2735.971691] Buffer I/O error on dev loop0, logical block 10, lost async page write
15:47:40 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101000, 0x1)
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x17)
syncfs(r0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

[ 2736.001079] loop3: detected capacity change from 0 to 40
[ 2736.006515] loop2: detected capacity change from 0 to 40
[ 2736.009803] loop6: detected capacity change from 0 to 40
15:47:40 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 51)

[ 2736.040951] loop4: detected capacity change from 0 to 40
15:47:40 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 68)

[ 2736.067389] syz-executor.3: attempt to access beyond end of device
[ 2736.067389] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2736.068705] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2736.081123] FAT-fs (loop5): Unrecognized mount option "" or missing value
[ 2736.118777] loop7: detected capacity change from 0 to 40
[ 2736.126361] syz-executor.6: attempt to access beyond end of device
[ 2736.126361] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2736.128231] Buffer I/O error on dev loop6, logical block 10, lost async page write
15:47:40 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 73)

[ 2736.239373] loop0: detected capacity change from 0 to 40
15:47:40 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 73)

15:47:40 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 53)

[ 2736.370227] loop3: detected capacity change from 0 to 40
[ 2736.373006] loop6: detected capacity change from 0 to 40
[ 2736.382712] loop2: detected capacity change from 0 to 40
15:47:40 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 52)

15:47:40 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 69)

[ 2736.421952] FAULT_INJECTION: forcing a failure.
[ 2736.421952] name failslab, interval 1, probability 0, space 0, times 0
[ 2736.423068] CPU: 1 PID: 11569 Comm: syz-executor.2 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2736.423689] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2736.424386] Call Trace:
[ 2736.424586]  <TASK>
[ 2736.424839]  dump_stack_lvl+0xc1/0xf0
[ 2736.425199]  should_fail_ex+0x4b4/0x5b0
[ 2736.425567]  should_failslab+0x9/0x20
[ 2736.425856]  __kmem_cache_alloc_node+0x5b/0x310
[ 2736.426201]  ? iter_file_splice_write+0x169/0xcb0
[ 2736.426613]  ? iter_file_splice_write+0x169/0xcb0
[ 2736.427012]  __kmalloc+0x4a/0x160
[ 2736.427297]  iter_file_splice_write+0x169/0xcb0
[ 2736.427727]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2736.428103]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2736.428592]  ? inode_security+0x105/0x140
[ 2736.428999]  ? security_file_permission+0xb5/0xe0
[ 2736.429438]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2736.429809]  direct_splice_actor+0x113/0x180
[ 2736.430166]  splice_direct_to_actor+0x33a/0x8c0
[ 2736.430566]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2736.431003]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2736.431453]  ? security_file_permission+0xb5/0xe0
[ 2736.431914]  do_splice_direct+0x1bc/0x290
[ 2736.432335]  ? __pfx_do_splice_direct+0x10/0x10
[ 2736.432745]  ? lock_is_held_type+0x9f/0x120
[ 2736.433069]  do_sendfile+0xb1d/0x12b0
[ 2736.433401]  ? __pfx_do_sendfile+0x10/0x10
[ 2736.433800]  __x64_sys_sendfile64+0x1d5/0x210
[ 2736.434157]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2736.434609]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2736.435090]  do_syscall_64+0x3f/0x90
[ 2736.435412]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2736.435914] RIP: 0033:0x7fe077f6cb19
[ 2736.436185] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2736.437446] RSP: 002b:00007fe0754e2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2736.438120] RAX: ffffffffffffffda RBX: 00007fe07807ff60 RCX: 00007fe077f6cb19
[ 2736.438742] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2736.439238] RBP: 00007fe0754e21d0 R08: 0000000000000000 R09: 0000000000000000
[ 2736.439742] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2736.440250] R13: 00007ffda5f9e29f R14: 00007fe0754e2300 R15: 0000000000022000
[ 2736.440963]  </TASK>
15:47:41 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 74)

15:47:41 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in, @in=@loopback, 0x2f00, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, {}, 0x0, 0x0, 0x0, 0x1}}, 0xb8}}, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r3 = perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
truncate(&(0x7f0000000500)='./file1\x00', 0x8000)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x50000, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
io_submit(0x0, 0x2, &(0x7f00000004c0)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x5, 0x8001, r3, &(0x7f00000000c0)="4083f286f0590926825efb45", 0xc, 0x4}, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x2, 0xffc1, r4, &(0x7f0000000380)="30f3d43236698e6a96df0c8c25f9782e8afdc31c8abde5d992ea6d66b637e40cc02822cd22d864a6c39df07e453804223b74ac28bb1ffa857006302bd59bbdad1aaf5091", 0x44, 0x5, 0x0, 0x1, r2}])
mount$tmpfs(0x0, &(0x7f0000000540)='./file1\x00', &(0x7f0000000580), 0x400, &(0x7f0000000640)={[{@mode}], [{@fsuuid={'fsuuid', 0x3d, {[0x32, 0x66, 0x38, 0x6, 0x63, 0x61, 0x35, 0x38], 0x2d, [0x37, 0x64, 0x33, 0x32], 0x2d, [0x62, 0x30, 0x38, 0x63], 0x2d, [0x30, 0x36, 0x62, 0x36], 0x2d, [0x38, 0x31, 0x61, 0x36, 0x61, 0x34, 0x34, 0x33]}}}, {@measure}, {@audit}]})
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000001ac0)={{{@in=@multicast1, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in6=@remote}, 0x0, @in=@private}}, &(0x7f0000000340)=0xe8)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
setresuid(0x0, r6, 0x0)
syz_mount_image$nfs(&(0x7f0000000000), &(0x7f0000000300)='./file1\x00', 0x9, 0x5, &(0x7f0000001a40)=[{&(0x7f00000006c0)="1e9c9d2c2b586373f30bc4dd963b9a1e433e1828a4e5fc062e570d2e0b96789fcfa6a77cdefa1dd02af558e666f4fd928bc7d43e3eb70c013368246380d6c38a39a34fef4a045e58dc10076b87ba02c2a4fce6fbb8b06d705fdc4e81498e1f93826dd0673a72549d28facf14e7864d072b0429c0e5dc7acd2967d56e1c45a14f04d69f61ec0fd6d01c2a32c8dbb7c13977959d8f524bc87587d5ab0f5dd0c17fe9e71b505877aacd0b8651b4ca63d2ae948515b5cad1b7447fa6e171666aa5ad06bb8ed1aed12a8f8deaf6b0e2a251e4fc102641b30608b991d65887979f7a0b67a0d1b1c24953b85e506e3c19aff5c34d", 0xf1, 0x6}, {&(0x7f00000007c0)="c4bf5556a8eb1d7d160fe36169a82fc26c91dbf7e8d84f27e936c6995f8dda4d7b14a5de5174ca778ef0aeb5ff420213c0cacee0c568e06bff86a58bc10eeef203605fe651fcd4091eb0c04d6dc9b4cf1ebd250a3c13c130f0f0db33fb0a2c8126fee86c114b58f241ea34eb1ef42519991afc4807ba954fbe58098e155521a42fb8cf", 0x83, 0x3}, {&(0x7f0000000880)="40696e20ecb14a379c61e0b042e76669c4e3f5b7470dc372d074b5734bd9e94ea80f5390b001e74deec16813d0348bd6887ea7d051fcd1fab408f788f5f0a26f94dad543095644e52578d59ee9e186fbf7d3a2564d0a19b31522697f533b7ffbc09c5ab72cb1d434b2a9af1f7605496cff9aa422436deb75bc650f352bf066ddfaa59392ea487ab14ea39c5e7c3eecd11590d83d74935018f7a81db45578d124dd481f20e442b77dbb9aea0f5b1110c75ad2ebfea751e516cf65c6edbb2bb81d947bd64b1d169ad21b256fa573ca2f201e7ac3267c2ce12f5a03177e04dfcd8d1c078c5f7e1f8deadc7fa7ac6a9c305912d8d11afa5371a74907de805964f566d4e78833254c9a879f36d60ea9a28630bb7f207b211f196e9a1d37a33a7c8bb5580fe85410241dcade582eb736f0d5d04a61c0c1000fdd36ce384f87a752a15c3ec3f0fb6d7af6a00e9b8e458f21f5cb307ab6501032be1a5342bd77edeeb7265ce4e278276a344c7cf0da2ab9cad11d8a13e7222cb48780430f7a709e5fec64bc58114eef4ff33d2986c9e2e3c0757c93c5764ad66aef5c23b50d410c82fa7aa3c36203cc017d46c9d94b6f995289f865914f28da75180f04523a641bc3b2e1791c1b3eb606a15352e915bcb009440da46eedf1cee2d6f029c4118c228ad912828723f2e9e9bdbc2743dc67a5ed1693267b9466acf93433c92df47223f88cdf0f121bd42eba1e3f870e6fbeeb58eb9af296f6762529acf96ef032ab18c853467d2848d54b3fdc3f79d730f8d32b6c67e9541914d637220636f0a387aa77da0abc6955e5da992ada7ed6f2e4d766aaaaea531912a09c33c5821fb2a505eb9d36359f9aa3015a695a7b33f2005f54587c0a529c2a86eadd05c031642604a2197a2ddea3972314017641ab234aa42a3675e36428634bc049a745210ebfd3852f0a5768087fa01b4f14d5f853f723937ef24d461aaf0de6b5936932599eaa184e4994c0487bd9aea9cbb9b472b16a652fb17b1d3f5faba27b5db9621e40ac17e63fb23700d73949932493c5238eca0f5cefa25ac497863902b56545f832df7712f4dc469c78a86477f0ceb33d508334c0e6b1fa10c22514d1eda54efb2be9a4767f15c8e1138dbffbc81fdd96a67547e971c1414fc5022c6e3742905535d8a1b8886e75b498346421ff86de9c0d23dbd0ede38d8450384b4073e15c564b49cccc7f9273863f5e3a24d2fb592e5c488b1b59b5561abbc21ac90477b3d72d7cea09b18bf2a7ad4ea4b5bb5eefe99a16da7363dbed9fa3a7014ad0ae9033ca9d46877439d45f96dd41615843d3679ee0c85160840db819b25e35a356927041e6dbbadbd630bf421942323184435d12697c36d85c7ce2752f602eecda3324111057caec0a8d6c2eaf9fdfa5e48345010021937a042882d64128a6b6d9a0072f11c58900b3055e90980480cb8fb1b49184686f78852b6e76edc1747c430818591336163903cd38c7c8c76724d6ba0aac342eb11aed03baaff563b0248d3169b9314e5a6bf9e43438aebfe9957a1ef7fb23ee34de0402dc60926997ea2c7a50c006b0bae0fffe61b20b568ac881511b41a33467be1588eaab680b3492c32e0447259bd29981fe2b66fb9e5942dba8acab58e852f305a5077ee471aaecab01769411f0e42fcc30d27a3dd1dbc9a6a0750a3148f171c752e700331007e378f6796c897eff86ff1eb1b9741bb9b1d74993cf953e57c42e725b452df748f363e86961b482f663b6ff13058931d66f98fd7dc83b46cdad5033f1b8eff84725c6f3421887302beae20da823f1913d7baf2d982ac28fb7d746ceb46b764d97e9fde84f5eaad2b10438cda64725968c2d30b5ba82be43e89257422de46944242187f5fbb7c41b6d6452eddaf3f9888843eab0bf34c88d3efdc5bd7bba71b1754fdb7250d67236e21024a07b85c50959659e6acad4f5c7966cda10c187c6dc4330177d7c05e51ab47c87f69b776b64d4537059d4798f0e0d93dad0c42e936ad69cd331de844c1071c068b93e3be2067030ca480f9a6fe2dec8bc51810ac57d45bd25fcebbfd7fec783e54e92463a57e3033da753c1f8a5d7b5dc1ada73d43e203164ae7710b99ff0e3b6d61fa9e9e2b2a6e24d837f3b27e6d25056a3bb07d4018400ccc81b0fc3bb0682b0c9cef950508af92e9123e1d890b0f89b275a812634940e1f6e7e057c6b8d080511ceaea97f1b2c5afab9dae0ab0d801b43d6a85483676054c6cad98830f220c471dc8349e908a5ccf7fbd85895718dd4c41c1c9f3f62e4f2dfd0fa528ef202244e14bef27c04008f03d53fe2af683c9317684639859d6eb6c3de0a0c019a3a13d88a4e2e011aea222ab0339735a18041a691db1b886184da1206c8e97906780e0872ee7c0050baca2d017380ef75c3451ad0a579f19dab1b09164a2ac2ddc61e038c605046c70e413e8ff33ebddd0ccff9fa526eeaa73241ee785dcb3e59b30880d5122d80fcda1059cff90c92f689bd54041b94ce5ea859e194702057b30222d0e08de39da72576d6fa630034835969b0fcdf0134c981729b1aa1e05f90ceaa549b763bd70cdea1ee03bd5d409a00634b3ec5f69ce30496bcaf3cd143620d9421cc077ec41b65de1d0211a6368125117c60d5ca6fb0fce7e57e2c0443787f35f7b5ae5a1aee8f7c1ca15fb12ad4c0b78fc56255db7aec50edada8f0e7e836e2da3cffd366b65228388121f29e58dc67f741ce73508810e5d9eecba0fc878f5a35a01a635e7312430edb9407e73fc4f3c87a2463ccdbc30ba1a038569114163ecadfdaffdf8f0775efffdde1969cee88a6ca69a4805e458a4624aaa7bb44d4a846645e26c25a0106bb7e866b5e182a77361340e8ca542eb895a5e06acdfbafc7f9360a8bc599a6b7f350774ee81404842d965ed2a0c3a41035aef82b841ad1ebb0eb54c3047170d43494bf79953caaa91d29d9966d3cba55b1a8a2ad41f770200d3520789c7e318715f7d622a393b8b04f28a10803c5e82df92dc5cdadb831efe076b1265568de8d0ac657bdb43b13a69079dce3ee280efefb221ecb3f32dad1853d6ee27108d4e709c88d53fe670379b98390833bc70a19f3120a51e5bf1d4e447a8bb77cf55507e1b2466112895c5377523f59c64365f213082d22f9ea631208876ca067cd6ac7e1e082e7becea72da71019609c4d46cb54fa0bde7bd0b0c612f5f96abf6b806f3b79bcdf493b867b392280e7884634140d8368ff71d62733ea24904039851e5bba0926cfe09040ca989fb0fb2970b4b0ce3e7a392caf3308108ee6a499ae04e2a028ecb50991e9cae602593f6b36b35e4c925ffed349452b7f30575a93474d1425aab535a3cab5c52428c9efd644d8121c86182ed6a6b68991dd0c3fb0283bbf275d2dfa500622e2ecbf77e5efd6db7aa8aca6b74d83e6684206b5b3efcdcafd01b8805e653f9626104b330ac5759e91964599d1b50cfc2446c002559fa0a6281b05b840d20bd099ae1a45fa6778dd3a860db789d992bf540926ac5a4855bf819473ba58f7b9a1f2d86adc481a541d587489d069cff5b0826aa7e48016ef767f4d75ecaa375838a708e0684af3cf515a5e061ab867d896bc1b5386de5a9b8a43f0a18a4f3e36caf0ae0e885c1bfc90c0fbf260b8e4f6cf0aaa729e8f8b31e6a3afab1f11d61a37d9d37a326702de384a074ad0a8f9dd39302f45291c996c3d6edcd2fdbe17fdc07c3ebf1821aec100e2b9051582305391affc2eb48e887dfccc6393d40042da2ae31fefafac025439716d2088b21421f2d2cd41837c575fab0f0e67263cf3f82c03911b9d22efaa227ba6a466c156d65fa45b30c4d089f7fcb4896d683d646ebc4c4de7c9051a87cea055e1d265f904fab01060409a634605e700ddca6bc5ec3850cde5099b825754baa4b23ff98bd28b2730464d4e51ef3b272002dccfd1d26e6a05fb2a1f472108699157c7d26954a67d229498e43f48d7330ca5672c42c32c0e0e5bad4c21bf8d9e4c1ec38439a149d3771baff02a85c372a07eda1f868b23771bc3d23addd1fc3a9dba8a9ae286e14acecde4f2d3834d73c4c32a19e380587352af2db263ce814af244d26f953e31aba1ceff51a6cd1cbaece0d5f512711e294eac2adeff3c2dca0adecd01b075e33b710594485a0737da9a5ad59143feecd9d52780eeb30bbef7a26d66f9853823ac33e876316a3dbe47265bda0a8b0b9b84cd25209b156209183ba19b3ee31bf74d2959267a2e5546f6fd83db226c1be7e77087462f703ec0ad94a79418eeac547a578298f8684c5455732411a53921f89b73645113c4ef80d16dbad492dbcdf7b42b0750c9c0ee49246f4a989add3aee5497678fff5d1c825d40c32f41be02173534bab5f5a2e14121110676bb3edb94213e5463c94447dd38fb71e8a914370d8d1e0044e929535049b08a65c1f31b2eea2a3717d7c224ddac7ade7c91f2793c74c6d88e874eed1171ec7d9410a55f2edfba292b1b4d378d18ad4c98b9ebe27cc89cec3cb50fe5e0dd762af0a41ce74eb6b5a46d972793523f256a02cf6f7d2e1b1eff44195bf07a9aca9f2c7df746b4626c4c0924f26a1f774d3bdd0b5e1dba98b281b4a918112e6dac10a2dd190dfe163dd80529ce68c6b3168636f0445feeb528f4039d8f1c4ece15bbe388111bafe596f5a588a38ac8fbfadae5677b99c654cc3734db0ac1a4093fd6f738009819459cf50d6a508e8e9f0541b0919fd8ebfeb5d701f2456304823b0b2ff52df753e51a3d55374cf69ce6d45100018dc902c4688ba2b4b9806ffe3ad841b97c82a11388481f8b0a31bde2a1775cce169998507ec21c56209958ea51e20bbf551e874acf7325b047db8b5e8fb002cdb2ef33a6fa691955a011a92e96876b1f450e59978c6e2619870b207e9701c5d22bfd311d839a96401a750716024f84e54fc8f080cb4cb2a7e8dd3b6ddf9c0ec1bc28f155306b9db0f20f250b582230f07c7c460844dd5fb3e646dc384b79115252fc49701cd12160300643610deb187aee3038c4dda9e3b6a94d13f03c7bb469c134c8e3ce0c260fc661d2ee57d4e57172171d9379edd2493d14d9dfabda14db54f8e5439ec26f3cc096848c23e0641cac86bf5c85fb0772310510992ad0241ea18272aa68b336be84a14c100ae5f63a2385657529b99e66a43952ddb90e6a1c877436cd1bd911df7a54552c2c3912390804ee2fb80dc27973a2f798ad8023cac16d53bc058469c79189fd9d64056b40a9461071fa5d335d9d7e49a5a07f317f56539c7797d058506dd855d008fcc3b8ed59e85c549a725965f82181f57fe0765f8c3cb75959d40094fa4e28ea73adb420eb08ab7f5c86ebe78027d258f0dc1bd3f845e3f480926f99c62352633b1e2d3aa1b3fe14896848f3824568cb0fbb88f71c4b57c421c33fa723e7de8f69f9acaf7697342fd7311879e5d9202a35df438e2dafd0152d96eb5b6b8186ef4eb72ee8520e231ba4ec3ea5874a9b1359d0a87c9b3be8508999968e7fd426540e5835395067089f0e3cd9494c9c46eaf04c72d4e9da31ad5d95a927494391b3b1476bb4a1b9d3c22843626e09f45b6edccab111f402a307b90007dc782532a4dd7551c115526df95bbcb5be2e6fd1ee6507f909ab0b78fc9c12ecde0d7d837de139ae01f86625c0b75c62812abaf74864cbd95185aa661f70f192f2bde27364003e3594e7d70c2b7e091bdb2058ded8ec4160a35491021598b227fc90aebe5ac310222a2c90d2511b9a1a7bb944bb54280e492b6c", 0x1000, 0x2}, {&(0x7f0000001880)="fb9948b74ff50b50e89d16a376c8ab1ce390c77b9e2ab5d5a1ccc8a0cd8723279ff131435a265cbfd536f4ad75e17c3237a4cd0001a10a2a31c22bf43d041c44e8e857872bd3bfd9b45f1891344042e3a27011a209771a6a02343515c51d023b1b3bf41bd061bf8af17c531e80a7d2bd0128ef6bc88c9b639ae45895316504f8f395173bd2f97737d150889e0e2c310ded114f02c9fb17d333bfbb21301940570a3e79b6e5a02a7f6e2134329b03b72630ea3792e8fec02238c582fed197", 0xbe, 0x10000}, {&(0x7f0000001940)="dd3fb56274e2e96435ea5690f387cb00a2e8a3dc9095469ba4d9bebde4442deaa6b4c58b6048f64fa645364f3d8c426675c7a427a3a96b07f2d18a4db817e1fba213c912d10b04307bdf7d8ec798c654978da0f77077765da56b0b7b3a29534ba1dd4d4b2427b96fa44e7249221f76f95405b82b7540e47a42558a08091e2fdcabdd30d7b55d86f89f8a51b46742b4cbdb240c233a5473e866cb81ff7a9bb527900136640d46de97e8143b6529fb13efed3ac29181b56c023e3e88183d22f675ee72bdfffc816f0b8b428ea8710c7b751273baa1", 0xd4}], 0x2108000, &(0x7f0000001bc0)={[{'fsuuid'}, {')]$]'}, {'}['}, {','}, {'%,'}, {'\x00'}], [{@uid_lt}, {@fowner_eq={'fowner', 0x3d, r5}}, {@fowner_eq={'fowner', 0x3d, r6}}, {@euid_gt={'euid>', 0xee01}}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}]})

15:47:41 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 54)

[ 2736.571588] loop0: detected capacity change from 0 to 40
15:47:41 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 74)

[ 2736.593840] FAULT_INJECTION: forcing a failure.
[ 2736.593840] name failslab, interval 1, probability 0, space 0, times 0
[ 2736.595449] CPU: 1 PID: 11571 Comm: syz-executor.7 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2736.596492] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2736.597526] Call Trace:
[ 2736.597868]  <TASK>
[ 2736.598172]  dump_stack_lvl+0xc1/0xf0
[ 2736.598710]  should_fail_ex+0x4b4/0x5b0
[ 2736.599262]  should_failslab+0x9/0x20
[ 2736.599781]  __kmem_cache_alloc_node+0x5b/0x310
[ 2736.600429]  ? iter_file_splice_write+0x169/0xcb0
[ 2736.601090]  ? iter_file_splice_write+0x169/0xcb0
[ 2736.601747]  __kmalloc+0x4a/0x160
[ 2736.602239]  iter_file_splice_write+0x169/0xcb0
[ 2736.602900]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2736.603586]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2736.604354]  ? security_file_permission+0xb5/0xe0
[ 2736.605026]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2736.605748]  direct_splice_actor+0x113/0x180
[ 2736.606378]  splice_direct_to_actor+0x33a/0x8c0
[ 2736.607039]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2736.607693]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2736.608407]  ? security_file_permission+0xb5/0xe0
[ 2736.609094]  do_splice_direct+0x1bc/0x290
[ 2736.609668]  ? __pfx_do_splice_direct+0x10/0x10
[ 2736.610347]  ? lock_is_held_type+0x9f/0x120
[ 2736.610943]  do_sendfile+0xb1d/0x12b0
[ 2736.611476]  ? __pfx_do_sendfile+0x10/0x10
[ 2736.612049]  __x64_sys_sendfile64+0x1d5/0x210
[ 2736.612693]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2736.613398]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2736.613594] loop4: detected capacity change from 0 to 40
[ 2736.614116]  do_syscall_64+0x3f/0x90
[ 2736.615301]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2736.616027] RIP: 0033:0x7f7050f93b19
[ 2736.616504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2736.618859] RSP: 002b:00007f704e509188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2736.619806] RAX: ffffffffffffffda RBX: 00007f70510a6f60 RCX: 00007f7050f93b19
[ 2736.620770] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2736.621747] RBP: 00007f704e5091d0 R08: 0000000000000000 R09: 0000000000000000
[ 2736.622737] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2736.623654] R13: 00007ffeb40769df R14: 00007f704e509300 R15: 0000000000022000
[ 2736.624626]  </TASK>
[ 2736.655277] loop2: detected capacity change from 0 to 40
[ 2736.662315] loop3: detected capacity change from 0 to 40
15:47:41 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 53)

[ 2736.797329] loop6: detected capacity change from 0 to 40
[ 2736.813572] FAULT_INJECTION: forcing a failure.
[ 2736.813572] name failslab, interval 1, probability 0, space 0, times 0
[ 2736.815299] CPU: 0 PID: 11578 Comm: syz-executor.2 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2736.816500] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2736.817602] Call Trace:
[ 2736.817991]  <TASK>
[ 2736.818338]  dump_stack_lvl+0xc1/0xf0
[ 2736.818945]  should_fail_ex+0x4b4/0x5b0
[ 2736.819564]  should_failslab+0x9/0x20
[ 2736.820162]  __kmem_cache_alloc_node+0x5b/0x310
[ 2736.820864]  ? iter_file_splice_write+0x169/0xcb0
[ 2736.821602]  ? iter_file_splice_write+0x169/0xcb0
[ 2736.822323]  __kmalloc+0x4a/0x160
[ 2736.822869]  iter_file_splice_write+0x169/0xcb0
[ 2736.823600]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2736.824389]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2736.825187]  ? inode_security+0x105/0x140
[ 2736.825832]  ? security_file_permission+0xb5/0xe0
[ 2736.826549]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2736.827323]  direct_splice_actor+0x113/0x180
[ 2736.828023]  splice_direct_to_actor+0x33a/0x8c0
[ 2736.828730]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2736.829477]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2736.830250]  ? security_file_permission+0xb5/0xe0
[ 2736.830977]  do_splice_direct+0x1bc/0x290
[ 2736.831612]  ? __pfx_do_splice_direct+0x10/0x10
[ 2736.832355]  ? lock_is_held_type+0x9f/0x120
[ 2736.833021]  do_sendfile+0xb1d/0x12b0
[ 2736.833613]  ? __pfx_do_sendfile+0x10/0x10
[ 2736.834263]  __x64_sys_sendfile64+0x1d5/0x210
[ 2736.834945]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2736.835700]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2736.836505]  do_syscall_64+0x3f/0x90
[ 2736.837066]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2736.837824] RIP: 0033:0x7fe077f6cb19
[ 2736.838374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2736.840917] RSP: 002b:00007fe0754e2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2736.842001] RAX: ffffffffffffffda RBX: 00007fe07807ff60 RCX: 00007fe077f6cb19
[ 2736.843017] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2736.844055] RBP: 00007fe0754e21d0 R08: 0000000000000000 R09: 0000000000000000
[ 2736.845072] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2736.846084] R13: 00007ffda5f9e29f R14: 00007fe0754e2300 R15: 0000000000022000
[ 2736.847130]  </TASK>
15:47:41 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 70)

[ 2736.919430] FAT-fs (loop5): Unrecognized mount option "" or missing value
[ 2736.934540] loop7: detected capacity change from 0 to 40
15:47:41 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 75)

[ 2737.013015] tmpfs: Unknown parameter 'fsuuid'
[ 2737.064167] loop0: detected capacity change from 0 to 40
15:47:41 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 75)

[ 2737.138330] tmpfs: Unknown parameter 'fsuuid'
[ 2737.145998] loop6: detected capacity change from 0 to 40
[ 2737.155036] loop3: detected capacity change from 0 to 40
15:47:55 executing program 4:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r3 = perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r0, r3, &(0x7f0000000040)=0x1, 0xffffffffffffffa5)
openat(r0, &(0x7f0000000000)='./file0\x00', 0x343880, 0x84)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:47:55 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
openat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x200, 0x100)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:47:55 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 55)

[ 2750.841440] loop4: detected capacity change from 0 to 40
[ 2750.848539] loop6: detected capacity change from 0 to 40
[ 2750.850844] loop5: detected capacity change from 0 to 40
[ 2750.858190] loop3: detected capacity change from 0 to 40
15:47:55 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
symlinkat(&(0x7f0000000000)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00')
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
openat(r2, &(0x7f0000000180)='./file0\x00', 0x200000, 0x108)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:47:55 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 54)

15:47:55 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 76)

15:47:55 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 76)

15:47:55 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 71)

[ 2750.931430] bio_check_eod: 13 callbacks suppressed
[ 2750.931445] syz-executor.5: attempt to access beyond end of device
[ 2750.931445] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2750.933020] buffer_io_error: 13 callbacks suppressed
[ 2750.933029] Buffer I/O error on dev loop5, logical block 10, lost async page write
[ 2750.947925] syz-executor.3: attempt to access beyond end of device
[ 2750.947925] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2750.949092] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2750.953979] loop2: detected capacity change from 0 to 40
[ 2750.963043] syz-executor.6: attempt to access beyond end of device
[ 2750.963043] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2750.964900] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2750.966989] loop0: detected capacity change from 0 to 40
15:47:55 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 77)

[ 2750.987676] loop7: detected capacity change from 0 to 40
[ 2750.989376] syz-executor.4: attempt to access beyond end of device
[ 2750.989376] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2750.990267] Buffer I/O error on dev loop4, logical block 10, lost async page write
15:47:55 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r2 = inotify_init1(0x0)
write$binfmt_script(r2, &(0x7f0000000240)={'#! ', './file0', [{0x20, 'vfat\x00'}, {0x20, 'vfat\x00'}, {0x20, ')^-'}, {}, {0x20, 'vfat\x00'}, {0x20, 'vfat\x00'}, {0x20, '.){'}, {}, {0x20, '{'}, {0x20, '*-/'}], 0xa, "ddeba4aba4e53a659fb017997cb840d21c52adbeea1efd75742f7571be9961d6fd7b4870f6a37543bf50057bd4ea68898cf90c84cb07c43d3c22ec7902b9b6eff9d7828ea9b377e3bf2b834f1b52962a918c7d9b36b2a489ffb0df1d57"}, 0x90)
write(r0, &(0x7f0000000300)="13fd22d62ff1bc87ef8407025a141bb2bd314b96c34a4eed24fe1b63c340722416f300f47522824e2629b28f38460c1324dc77ac32b0ae28b4c655cda0a0a9585cf599050e0ff4cabb90555d81fa4bb872836c6c4252381bb7caf11f7e5f83e99cd60250dc40ea9105e61042b36e2ffc8d6a8fd75223ea80635bb36159a6f6595ac1edf47c3bae0d8eec09a2d9fd912c2f4396d0143748d859de577fcadc5163a6e64ea138831f237f4b30f3b6d9a267a3af259583", 0xb5)
statfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=""/46)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2751.041082] loop5: detected capacity change from 0 to 40
[ 2751.042306] loop3: detected capacity change from 0 to 40
[ 2751.075924] syz-executor.3: attempt to access beyond end of device
[ 2751.075924] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2751.076826] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2751.086020] FAULT_INJECTION: forcing a failure.
[ 2751.086020] name failslab, interval 1, probability 0, space 0, times 0
[ 2751.087603] CPU: 0 PID: 11625 Comm: syz-executor.7 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2751.088736] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2751.089841] Call Trace:
[ 2751.090209]  <TASK>
[ 2751.090536]  dump_stack_lvl+0xc1/0xf0
[ 2751.091107]  should_fail_ex+0x4b4/0x5b0
[ 2751.091698]  should_failslab+0x9/0x20
[ 2751.092264]  __kmem_cache_alloc_node+0x5b/0x310
[ 2751.092934]  ? iter_file_splice_write+0x169/0xcb0
[ 2751.093631]  ? iter_file_splice_write+0x169/0xcb0
[ 2751.094263]  __kmalloc+0x4a/0x160
[ 2751.094777]  iter_file_splice_write+0x169/0xcb0
15:47:55 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 78)

[ 2751.095411]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2751.096377]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2751.097150]  ? inode_security+0x105/0x140
[ 2751.097771]  ? security_file_permission+0xb5/0xe0
[ 2751.098466]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2751.099210]  direct_splice_actor+0x113/0x180
[ 2751.099860]  splice_direct_to_actor+0x33a/0x8c0
[ 2751.100553]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2751.101271]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2751.102010]  ? security_file_permission+0xb5/0xe0
[ 2751.102706]  do_splice_direct+0x1bc/0x290
[ 2751.103442]  ? __pfx_do_splice_direct+0x10/0x10
[ 2751.104149]  ? lock_is_held_type+0x9f/0x120
[ 2751.104782]  do_sendfile+0xb1d/0x12b0
[ 2751.105458]  ? __pfx_do_sendfile+0x10/0x10
[ 2751.106086]  __x64_sys_sendfile64+0x1d5/0x210
[ 2751.106871]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2751.107596]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2751.108524]  do_syscall_64+0x3f/0x90
[ 2751.109069]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2751.109927] RIP: 0033:0x7f7050f93b19
[ 2751.110456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2751.112881] RSP: 002b:00007f704e509188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2751.113919] RAX: ffffffffffffffda RBX: 00007f70510a6f60 RCX: 00007f7050f93b19
[ 2751.114889] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2751.115854] RBP: 00007f704e5091d0 R08: 0000000000000000 R09: 0000000000000000
[ 2751.116826] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2751.117791] R13: 00007ffeb40769df R14: 00007f704e509300 R15: 0000000000022000
[ 2751.118791]  </TASK>
[ 2751.120672] syz-executor.2: attempt to access beyond end of device
[ 2751.120672] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2751.122552] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2751.129498] syz-executor.0: attempt to access beyond end of device
[ 2751.129498] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2751.129901] syz-executor.5: attempt to access beyond end of device
[ 2751.129901] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2751.131371] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2751.132064] Buffer I/O error on dev loop5, logical block 10, lost async page write
15:47:55 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 77)

[ 2751.154535] syz-executor.5: attempt to access beyond end of device
[ 2751.154535] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2751.156326] Buffer I/O error on dev loop5, logical block 10, lost async page write
[ 2751.188120] loop3: detected capacity change from 0 to 40
15:47:55 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 56)

15:47:55 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 72)

[ 2751.331249] loop6: detected capacity change from 0 to 40
[ 2751.342439] syz-executor.3: attempt to access beyond end of device
[ 2751.342439] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2751.343302] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2751.368560] loop2: detected capacity change from 0 to 40
[ 2751.395501] loop0: detected capacity change from 0 to 40
15:48:09 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 79)

15:48:09 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = memfd_secret(0x80000)
openat(r1, &(0x7f0000000000)='./file0\x00', 0x200, 0x68)
r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r2, r0, 0x0, 0xfffffdef)

15:48:09 executing program 5:
r0 = syz_open_dev$hidraw(&(0x7f0000000240), 0x2, 0x16040)
write$binfmt_elf32(r0, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x4, 0x1, 0x7, 0x80, 0x100000001, 0x2, 0x3e, 0x3f, 0x92, 0x38, 0x340, 0x400, 0x7, 0x20, 0x1, 0x1, 0x3, 0x4}, [{0x7, 0x3, 0x2b8, 0xd3, 0x6, 0x78b, 0x1, 0x10001}, {0x70000003, 0x3, 0x3ff, 0x3, 0x6, 0x1000, 0x20, 0x2}], "fda1a6f69cae2b10438bf3e3fff822577340f712d4549ee33a0fe54ebfa0bc4e5d0b1d8a1c6a4789e1f8d3e8c56a4eca290c2cda7ce73f1d1942fda7ecffce2703b60c877bd4509393d7529d6c83b215fc1625097254f6ce1ebad68bbc970e1317a5df4610d22a9d0f2be26001d2688cf2cd5521b952d6fd3788295a5cb60a8323f22b2e1cded9df62993346fa398f29da564d564d80f6fc212e60dbc46b7df29ac93d5eb0ba3e35dfc275f9e5535db2cc87e3ec1f54799918e01bef5683dbc18d", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x739)
setfsuid(0xee01)
setfsuid(0xee01)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = syz_mount_image$ext4(&(0x7f0000000180)='ext3\x00', &(0x7f00000001c0)='./file1\x00', 0x8, 0x0, &(0x7f0000000240), 0x240006, &(0x7f0000000280)={[{@journal_checksum}, {@grpquota}, {@data_writeback}, {@init_itable}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x3}}, {@oldalloc}, {@nodelalloc}], [{@smackfshat={'smackfshat', 0x3d, '/\\$(\'{/'}}, {@fsname={'fsname', 0x3d, 'vfat\x00'}}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@fowner_gt={'fowner>', 0xee00}}, {@dont_hash}, {@smackfsroot={'smackfsroot', 0x3d, 'vfat\x00'}}, {@obj_type={'obj_type', 0x3d, 'vfat\x00'}}, {@fowner_lt={'fowner<', 0xee01}}]})
mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2000002, 0x12, r2, 0x1b6af000)
accept4(r1, &(0x7f0000000000)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, &(0x7f00000000c0)=0x80, 0x40800)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r3, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r3, r1, 0x0, 0xfffffdef)

15:48:09 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 78)

15:48:09 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 55)

15:48:09 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 57)

15:48:09 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 73)

15:48:09 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r2, 0x8040942d, &(0x7f0000000000))
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2765.296226] loop4: detected capacity change from 0 to 40
[ 2765.298512] loop0: detected capacity change from 0 to 40
[ 2765.300761] loop6: detected capacity change from 0 to 40
[ 2765.313095] loop2: detected capacity change from 0 to 40
[ 2765.318799] loop7: detected capacity change from 0 to 40
[ 2765.353597] loop3: detected capacity change from 0 to 40
[ 2765.430839] bio_check_eod: 3 callbacks suppressed
[ 2765.430860] syz-executor.6: attempt to access beyond end of device
[ 2765.430860] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2765.433075] buffer_io_error: 3 callbacks suppressed
[ 2765.433091] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2765.445328] syz-executor.0: attempt to access beyond end of device
[ 2765.445328] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2765.446901] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2765.460791] syz-executor.2: attempt to access beyond end of device
[ 2765.460791] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2765.462330] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2765.476835] syz-executor.7: attempt to access beyond end of device
[ 2765.476835] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2765.478314] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2765.546735] syz-executor.4: attempt to access beyond end of device
[ 2765.546735] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2765.548744] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2765.557430] syz-executor.3: attempt to access beyond end of device
[ 2765.557430] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2765.559048] Buffer I/O error on dev loop3, logical block 10, lost async page write
15:48:23 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 74)

15:48:23 executing program 5:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
r1 = openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file2\x00', &(0x7f0000000240)={0x10000, 0x10, 0x1}, 0x18)
symlinkat(&(0x7f0000000180)='./file1\x00', r1, &(0x7f0000000280)='./file0/file0\x00')
chdir(&(0x7f0000000140)='./file0\x00')
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
openat(0xffffffffffffffff, &(0x7f00000000c0)='./file1\x00', 0x40, 0x18)
write$binfmt_aout(r3, &(0x7f0000001180)=ANY=[], 0x220)
renameat(r3, &(0x7f00000002c0)='./file1\x00', r0, &(0x7f0000000040)='./file2\x00')
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r3, r2, 0x0, 0xfffffdef)

15:48:23 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 79)

15:48:23 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 80)

15:48:23 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 56)

15:48:23 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 58)

15:48:23 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000300)="04000000646f002000f80100000000000000000000000028fde57d8417927d7d51b01ff6bb903b4c381bca980c821bac5e8f5906b7fc3defa75dfae64885074c2e83c74422f870fb9727827fda74b16ccf3fb8eefa9e18716ef6220d8124e97d8aab7ed31f835cb55ebd5471fb73420d7d9ee2c23550c653fb375eed5c81630bc562c1f4ede186bf288a20632bae12734140dec8d6cb774b4d86c8e0e27d57ced217d1fd5b5aa454a9b364e000c5140d0c7a36fa1c05d075f0841b746df5958d1123985fe81c6eab7bfdc7e672582bf0dd0a32a6968ca13623513c9136c0ab", 0xdf}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x3, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
openat2(r0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0xc8440, 0x1, 0x4}, 0x18)
sendfile(r1, r1, 0x0, 0xfffffdf0)

15:48:23 executing program 1:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r0, 0x84009422, &(0x7f0000000240)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r3, 0xffffffffffffffff, 0x0, 0x7fff)
r4 = accept4$inet(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x10, 0x80000)
r5 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r7 = mq_open(&(0x7f0000000000)='@\x00', 0xc1, 0xb2, &(0x7f0000000040)={0xa554, 0x7, 0x8001, 0x8})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r6, 0x81f8943c, &(0x7f0000000300)={0x0, ""/256, 0x0, 0x0, <r8=>0x0})
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r7, 0x5000943f, &(0x7f0000000500)={{}, r8, 0x12, @inherit={0x60, &(0x7f0000002940)={0x1, 0x3, 0x5, 0xffffffff, {0x28, 0x0, 0xe4, 0x8, 0x9}, [0x1, 0x13fdbcef, 0x81]}}, @subvolid=0x80000000})
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r5, 0x50009418, &(0x7f0000000140)={{r6}, r8, 0x0, @inherit={0x50, &(0x7f0000000000)={0x1, 0x1, 0x10001, 0x9, {0x12, 0x9, 0x1, 0x7, 0x7}, [0x1]}}, @name="5f671eaae6e2f436cb375e0ad30a9812ae5d9c0304e0a49b1a76a4263c3fdd031590dfe2b2567d869b10cf5d9c1bf743f10c6b912b60bf1a71730b1f9e2face26bbb32bd5ea3af0901acf739b7c763ec85e5b84a3ff1a3079101efd1c594443e45398e1e8a1fdae80f66c12c83b54495703081d7e27fe15b001561d08ece6e630f99bb3c28378c912e64c3dbd2c06ec1a9e0c6acd60f233689a215ad4a77e36bb2b3bc8015dac89d28692dffa3e7ba05108337f63ab08c77e106d12971102d37a0c41fd87eda0b7d210e30317d6c705916c899a1e73f220804c02de6fef8c6c638590ac7a91acf5380875c74ac5ed63873e5cf20b5ebcb0aa4f2405ae0c146c10e18fdbddc4c5394c86d413e9f12d8e606d1d0c5eb63b75dfa9c89cc0912149b64446fe8a2fc1465b1d3913e06f63cb35fc20d4a487bfd9575167e7b1e77d146cf04f4120468e98d6ef5ca1f834dfe182fe43fb9d7f0c4e44f615c213f01d41d5c043af059891509367eccb040fbe05d30de5e49a464220dd80640617be7880c894ded5674ca975657cdae7b882d725aa691babdc7d12eac4553d02107c2f9c59439f8cbbb1b24ce43ce10bbdc1c32a0de16cd88dbc675eb83ef7be70af722eac83f63417e804704459ff117dd2b8ba536277a7e8d8190e16406372fbfd89001f45317447cfb5288e205e3ae68ebe92ff5e87888224cff58d931bfae41c7904d5d8174f3a2433f915dd56a9767e4c420b8c4ccd6b0e887490cc4fa959156e894aaab5f194e7e3da2a11e911b2e56a0146ef23dff8d7b70e5f942e6a4d9b3df651f96f4a87cdaf189d1ac137d3c35fb4fa4b44a6f476a31bc69b82b575b16025e804e8f269ccc26901cad6c302bd814837bf8073ed1fe253080dba509f01dfff6ee0fc010a022eabe1da864dc7c722b7a18f5de19b734e409c963ed4caa3510de15d94f196076da30593d8d88e96aaf7faa4d8338bc5f23b5cf33a0d54f205b78da6d3458a7b5ae8451441cfe9d4e8d921b491745c060db471aa76f80e54b8e9b3ff163a2b51a12be4627e20aef2e9a39e1baffed539f32db2bf8b22e264c569ce3b1698d62ebe928c207316396fbcda0d09478aea42ebb20982efedca7951b65e5d79c4bb1bc65a8583df6780202b0fe5c444d465871864263cf059014f51dd96e78bae71a5ccef06d55b69203b0ec534aeeb7a99448e4957c1107f43e83f70968a27126bb9afefa29aaf7ca6934fc092f50137a89532a202ca67a7542407378c7eae1aa3be663d6041119abff2cd05eb9fb5a098c9eb75fd59c2382544db9fb7e0c07e381a0c252ff93827099a94d40c355922609255b2a91b65ecc89bd870b83e43ddcc1d2685a349ce3e0d12f7e8b5638b7d9bccac3868b92a597e6255a16e008a08c1058b63315c823f8ae58a6352cfaae2b74e3c658121749e9cde9f32f73da85bb09786d76aa3bb38e4b59ec34b2b13a4453d8d76c173dee3b5bb9e695e033d6f72feb3300bf8a45db07333a528c5f562acc419ecaaf8f6cb6509203a4527488c942abfa6947477e6d7bfe2512c2e600dd331ab4a8222c03f85a94fe4ad4bfe259ecd3d9426be6a86ed803a3afce3579220e43e40bbf2440892151c8a7b58e6a62f8c7f5cb3fbdc1a8cbe355e16b05ea6e25accb5c18eab6f35edf91f0f5ada4d6e37e28890ce81a5fb74f9d5eafc87c4e4db35c2b0b2aebde879c07cd8f527b2ef330b577d8fde78aa49e4003048b230edbe603e835d9a6d4fdd0266c9b174957fba688e12eef6f220a11a0730bbe2158c0f46180970214cd2dbf37bb0e7b130fa24f1320959f9f32547c689e7cf612421a2c2e3da94a1102afa6d1c6a2e609e2fa015c29b1333c8b89e84c01dff77996570b334da82f0a2b2695ce7a44f0020b44df00e5f2919a5ce4eacce45e5162dc6974872661f976a4bad19a09c42b7463c81d4277af53909af42735cfde4d6e8787a7f3727169c25003f46888876a802adf74eb3c48b59c428bd14f25eb02d4c3d47f09599a454dd69ee8bdc45a25ed04cbf49d38b1cf7db9a44b32dcdfac56381fc713a49b13dd59e2af59060021ef38e94cae86d602f4541283a5361ea3cd04821d51e11e527329cb181708eee5355ff53ebd07f94f84a500ce2fdf67f520d5f5b3065d7e5171c370c30c1f7f12a2a3f8834760141a73ae777bfffa11a1a21d34fd79a5d6f36c29efdc88eb83bad3d414828662da8d2be2322d3228fe59bfc5adbd88e8bb57cb22b1e4fe2c0a808389ee0e3e4816cb27b884cdcbfa74f31c76ef0b3813fc3b7b6745d81a3fbee40d6b54d6ea31621588c1fda6064cbafe6fc73b9f8a59b49d8eeb53dabc1502b5449d72baa8b3fcb645c9833e47f5e8dd954d6c7d3e9accb56cedd58e76a19973cc166ecfe851a018b3c9d4c3fb7faa5a02211f7f9cbf65b5c8d74ea395079bc105430cf90a7f8b4381b55c865e273b7944fd7bcd576daa168c16a5db2b5ac48805c5cc78e8919fe0fb3f0d20fa820ed8545b0cc09bd6f2af42e38592be248c0ccc03531e3c124698b129130d22bce8fb61f05755ae528bfff8fa4a7e488e4c8ccf954ee97551a3bd7d10c730df8c76a6c9aebb186bbb3b806128b25899cd3f47b0bb6c369fb6d82a79d53451570aeb2cd8447e508ed64b2b995477bb89d9768802bec5022bcdb39b6ecfe4ae779635d12628978214947c73173768cf6ca833c3e169c998c83c8df12918d39fdc9c0d7c4b9ba8a50850e206e26c5f51b88be6eae8d92d6d63312c661151d8a173d5f3fc50358bf5f54a4b16bd6d9a6eccbfab1fbecb3e61f74c13f54fbcff8372745409498deb006b7be84d9385aac50fe592bca42372670aa023465818e8f500175c994bda45d6d183d6edb69928cae454a8fbdd1f4fa9f94ca66f69e72eb86e9ed0e345ebcb67c2d82523f293d86d1422ddd7344a3c06db84557f530b7eefb467311a9152b29fcb93a317e74928de38cd72ac06beed781f650ac02662f7e23801c2601da66e72941d084aeeea994071d71d8dcfd0c7c5b0a3f0bed910cf77b69a7a19a636bc3fa802c01fc55eab6c9afa5009a53aab1de4ee22a7554a649af76b01f3898e27518084935813dafdd2cce61c90063aa9e7ee1e1c09bf66392a4c2d7e0260d7e465805f6ca7ce5729f2e132b90167a40c7627575fd4d8bb13a1ba87bd1be6f96bc9bbaceaa2e1a397bb98752998a6bb4794b367322e1717c3f1baf7c2270a10a1b102d75690332da65e979a8b29afbaa92d27719c8ab68a5d23498fafab1cfc9fec695f026e47b88ac4bf0a60d62751e4d6e64d1ba7d94e1a37954f9b21d5af189473859ae196f9e6a94979f037e05dca9b316a739e56f469226146a6c607127e884f12154da3abf4b607c50d8e6471c4ab85dab6b97402f8bbfd59d37e7d272676183ba3e8b9238e180603274aaef42031904cbf3e308d8e8bf910a11ab7605316d9206e84d008a3fd6837b3b2aef5c4c60858af0d2e482c55dcb712f4d5848a38bd3a49b55d3722c204c3b580c026da0f3234fbda76b205a0881703df29fe26210aa3cb760b408a804aed4a9e85b0913305489d14bab5437358a6f174344f6150e5956e149a77687c7da0e2ab01387d04e22e3e67e10bcf1a338b96db5f3bb09f7773875af750f82ae2f5ae6d765b5e96397d55522a463bfc381413a96313514f51cf9baf2c84142a1c280c3f454717233597cbf3f97eefe7c0a6123b1225339b1f075729387fbe4e77094183e557bc78d5f5817e35d2646354d8a9527930d88783abfea84d4c700cddda3007c9ba2d01fa6dbbf7f33713437f381db89c6194ebc53463a787596cc6596bbda7d8a4d8737be4e095e6c7eadbfe2a97d0581d6858e410a29df7c7889d2cf945e2c59c4a3bdcadf823c52daed85c7fdc5bb77c658312f354c039221f9f9bd920a81ad51c0b0f2c4a20c170db82ec4be0d42dac0212b898a1b1eeb8870f5a7436f8afde36506f019f2d7bd3a2b4a9fba34282e59dfe644ed60cbf0bfeb04dec8cfe7f6cb1d7f7d64760150bf2b3b1a0109567e1241942231f36f5c202d47161adba64aba705b783feb2c6f076ce21df4f1650e6f91afa8b27ff21a0dd86824bd0c2f6bb525b0dbb920eb495a208de26b45e80844426d7d764c837c096236db4aed0a35d06bfd59f53d8f76784055c79fc06b7e24ea186954f51f0d9e15cbc706ffd1667fdc55638d3ba9bf17bcd0dff32c5ba572d278590318441db7df1a00cb9fc421dc9ee339aca16a0ef8386f6ff78c309eb1262777f96b1465346b5dc83ca8a50d8aef5cfd132844dc7ae18b03cf4d7086debf52c7eb01a28646e43b99ffe8fcaf1730a6b67a6cff91b0d64c76d690b7d3917f48ab8b6fd659e96a6775f7c64695df5d0335f294dbfc4ac87c750ccb6fca68dbb7bc24d52a0a08c3ca1fc3f9546f9152961df37d9eb39355a7a63d6e10ac6fb8d9b259898292f6df36f038a504eceebdb4938f2090bf0bb101119262ffda65bcace9516895facbf85fd8d942bb9de1a7da32c298f0e72bccf38815d11e3f5ad588f704f805d0b91a12e68b9414ece058338528949d0e0c1a103ceab81224a021ccdae620b3a5a40f2d74f82171d77cf021d070f6756a53fd1c9495e322d1aa54d993243176310fb60602707417e37ec0dcf327689e95a96c6edf93c67ece4c4732a3379baddba8d07846ee3cc7ce1e067d90d1497e2133f6d6e517057ac324a571b0e049d9682b9395e0d4f2fa8c774f3a182dc7c2b1477f32654ba34e0cee007c48720626fde644761e7f9e68b18b29de8c6e30ec27c22788881d06c42480bcdc102902692734990cfb15c85bf40166a8e3a53136ccbe417ef13460d36eccc4f2a1f45b1140aa008fd9e17a69cae7d52a115f52b94516071250e23fb0cddf75ca1c2631f5111472e30e53cc2bd8bfb64db8d231670d3dab3807e7f0a2847e8000e6052aaeaad6643edd391a13d75a510d85fbc16a1dc621f198bad029b619ea7d981d04627edc9ad86781a019033da7aedec0b3a7fe81657da5d2ebe23ccd873a31f846763cab753365df653cee9aa1aacfdee14ab59879b06b6339e24a90965f80b9155725f05e079274eb27476207ef2e525a58d1908b039d6d1591abb2aeb73373423d071c95376f1de0b0c8fc4b0d9f60b6e2a1df7148355bf0253770ede1c99e00c7330c0dc1886119a5eb553773567d28a429fd711fd38bdd9bfd735a0234538b8b203725c766b77af6b2bbdffaf536c0476c0916759c954134c2a6af815ee6895cc218e016d65a369f42206593cd99c4f58876bc29207c74689b818968973264d46dec74ab70bcecdd81422313801695e9aa5be785c14038e48993f74a5eee91bc3606260acadb666e1b6df42d40310dfb9e4bc012ee48afef73e8c6aea3c6c6846118944c0949e7c8c295011c62c695447246cba21e1df199dd10678c90e09286fec4c5eea89ce5016f4ac266d0772e8fab131cf2ad75a7bcd19c3bab035fd89b5887a69d740184f9007c8fa1ee9c11d7d6637b74cb358caefd002eee352b0e928b7257c8267223be334dee7ec3030c31fb39d2e2d89ddbecda80c6f853a05680cfbd9361e4d6766a134cad623ffc163cd29f699b0309f577e4b338187d0b6dce2da08f24f52b0e02cffc852bef8fd2b12ef9916833ed1e6b200f0c85ccc002ec2a1173a74ee8d87879f23a7d1dd"})
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r4, 0x5000943f, &(0x7f0000000100)={{}, r8, 0x4, @inherit={0x50, &(0x7f0000000080)={0x0, 0x1, 0x4, 0xd20, {0x4, 0x0, 0x141, 0xec, 0x7}, [0x8001]}}, @name="ad0f6faf63f6fec2c0bcfc016ec36889675f65dbbed76ad34b7da295764ee2ff5037d50ac9b31cb2713e7bfbde918814b3d8692cd96f454f1eada489fea0ba0faa592cde311446e7625bae9646e02438445ce7c54cd5cac84db94099b71e738618106baa20e3cc5397cfbb63745572f0925605526f4ac93e0fc7ab80777b47f4454d6201150934c626f8f9c483afba09eb8c7616a7d20f2fb51dc15d38e398f6d7a7076350947f4e24602c0cc4c4504fc37034dfa0685596eeb9597a7ffcd6bf956aeda4aba52fb99e8010abf9a5715a85db8f563cbae8bb74154924f44cfb5f48e33f983bd25f1401c824a15784253b78b83dc1cc0c61b56296e80b458a9f5ef1a8d03af9e1f64518ef6313965d8e2a612bfa1c6ee0ba238746370adabdc022f804bad552ddb0f2198325ebbfdfaa5de4312f62d4f7f87aa3d4eb6230227887a4133c531c341e251cb734b041b4645d983832bdd44a1f47992770305c3dda172332f7dd275cd0b2155b31cf8ba80f90840a3ddde957f83e5932ec2fb0120602d23f4f277db7a6c5ceedd9a5260ca7d98db9a81bd7b759a4d5d89d0d51b9452a90d8a2f10af5492637ff0480b114312ee9ae541d96eda821e45a122c5e05bdf9c1d4208d365323bcc39228cade7797c9923a23f482c507cd9fb1eac65f7f43929b493943e0231550a2e071fe4b587259b34b51d6a159ee71cd9b598db000d959fdd11fae13332f64f334d2af930b1d66dbc39827739bd836a34f618a3cec371a2db3815e6aa2515fc2550532821df2be62f71ab3734059a2fac2024ee3bb8351154b4c86a9878226b5f3b33725f5aa07e1dadc8a8578da230d9a8fd91eeaef116c08e795b4d20ce0049629def3c4c74176890eb5b4912f1b30b8f1a71d6da85fc85a140690050a6a7cd52dcbc03926bada3c6b2996c207c5737377d846e11b5132b997d9301e9fbc00846ee4ed75f28a86779eefc6d4bd96df7798bb9f249a493e5459740062403ff0a0be8681d1f65050c7268fd8ff9132846f12a046256cdc16f53c39fdb68b2dc698766e751a882e1e115fe116f053ca6e643ea9e1e34e4a01bbafa26a20a712d2f9a81e5101509dc931b1c01768ca1d1d4daf52ab69cbb3d0c86744cda25577b7b3fb5a2fae47bcf5bc0abd19535ec6750b7af97f7e7c3ba1a28f5586d2555a6a1f6459d209f6fc0a520d19920b3ce4bc9efef8c1c5539cafb215d56b7bbdf21270ae2637ad14503d672456756ef693273ba0039cb3e7bf46305e60926584499f55a3b087c7ca8c90f7bde8fd897fad3e68385ded39c1cbcd178f885db4e7237ca823b88caa3eb38a64776c23506538e371b4cb21c88c15bd7d55c54b9687d3f111462464aeb51f547b3242ccf9a09a71ddcf6f9987d4c88fa0eea4467ec560205d1539aceefff995bf1014f1575b610663a6c727bb441806c1036ad65f168bca72e5efbe131137f855d8458f13418b6de42507230ffa1171e9bfe7133b258eaf45188dc943335deef4bcea09d470f428a27a5bd97240e3052fffeae12fa400a7e60ac551f1d83086f27931ae744422f6c4ac145aac62f4cd2a01204dc1702f198f4d9204df2b2e5f48da897143b2604273faeb126fc74104bec68ff8c7ceb8e82c6e23208f724ab660e3d1a0ec087f0ca1a4876b0b19dfd8dd7d666f80b035a1f19f5e539841a2a6a9a1140037d8f4be0c8241a37cbcabbc71fa2b3e30316acf0d4fa88fe80a029fcb320a567bb2b78be3b964910c0e7d796882c248d6631d6f9fa88fa8c042af05fac984664d4439d397355c1ac73f31b32d98403290135ce57448943d1a46ca90a5b0ca3e93f5f602632e8414585c508c52c9d8a8d052322b2b6ba7d9195f4bd8987997e7a56ea9fec2e55eb336204a522a2ebaa19501378d9f10f07661a15ff4651015db35f91365e590eca89f3bd9eb3594e4525587161c9ee2fe15aa492b257eea198917de8d7cc8e1f8fccf92fcf7c68da72cc7ba6a143ecd2a995a2bbdfe0e7cdfe3578e43c36225eda29dca13ec46b669a4f546739e70fb779062072332e5f61072ac646cd3a0ea6123a634f155bc7f0d90be2aeb646c32baeeb7cdf912e0c8709a34c358a57010ec5b77a75033fd2bc570dac4510d2f93402b5b999f753651804cc784a285a8fd95c9698b0fc6958326394e71c1e1f650c207587bca962b9abc9197c8f6ce9940695cca300348e56afc61c566e70849879333c977b1ccbe9496d2496ac40ffb9a042fade2eeebc73dbf16ac058e0614fb924cb22fb609633e1f11fcf6079b346638abba7aa820f8cfe774f2c0c4854ad44effbad7342fc47b24f794e1f4fb41a6060d10bbbb15e465fe54aea68ed39456ab3b2f2c81f1b4b1977b9cbce30c8e9aa79dd93d31edfdf95e0e87573529cd2877de7ace5006657765dee8183c384b855523f256d44d330643d1e2dc7efc2032ee414ed593392f45f150421e6d5e5f584529b6f9d1b8d870c03768edac851393317bcec15eb116cfccb17959d1f2b1b6ff4b453b717cf39dc100fcfc25932506502e0a0c32b968a9835e11432fcd6338f33ec303373b9056d8edc20297031e41d05266cdcfcf7bf0c078137df1cac1ad18a04147f0194f81dc6c3566da63b78b42c5715ce8e9b44ba30d5ae6d9263c7016598ce4e2e4a2a470af2459dc7ce3c8a452f1850b4dd1c30e7a6ae8c327b4cfe8a65c0b6386f89d23f449c60d2067e97f206c5c94538e7c4ca3c357a450b9f30ae15c797fab1f6e522c7dd34a821c7e10093e383297fe13d593089abc1abab9d1161a54b9869b49c9bb65ff34db1b499bff6c1e7c52384d8f5bb0705946dd192ebdd44bcc5ac7d771b80bad32ac2c89f19f5573f7e034b85317c6abb00faa0036cf45e1ada4678074c2f8ecf741ee29466152686d5773030f6e6569d0c57e8629f663fb61ee39753a4188fca79c001d26ab0bbd16180400f00db01aa708140a9d47fab700cdfa40609b3d658b215e01d9743ae1bd276bcfcda4f0d8eb82604d54ac5081237d6cdb85f27e1bc7cf77fe776ed5567a0d7e5f3508781b2775bc4d256e82f5cdf1b7ce24d3e152f10caf4802b21e0dd8211b8f6f6d5f0ed608ba6c182c035b485b904e92f9a9525eb94c4b40bc111283e3ea3e804f23846f7ee9542acb83e6592a66e588c754cc2007ee08b98bee4f837d02bf405d9c5afb76812157abbb283461b836a23d013f44ed9d89555dea553c800b5e530e74eeb9c146d327cbdd8661f5da93c7da6ffbd57e3722dfb19d96e7131ccc5f5dda352442c7434c39b827b6a15db7d5f24ae465f0f76cc778ccf63591342bc67d60f65b07f44547dca4dd76ef88c43859fa5d9fbb9b45856c085968179cc7f2d9f40e573dd75d4c1eafab5eb0c42dd0caa1166c1188b07c5eb8823b8b27f0399735aee92b086a3d3b720c920a64564cf70a0f1f46b78c9f8c3b52c449e178463851d31cb2b9c8e844fa0f2627a2f8fba5d339718d93fd318a89eb45fda7345beddf82789a2962a5cda1f3f626875beda5a8ff0052478da71b508e342aee7460f2b017f4d5d6d7af159751d67c1a26b48a24aa7a625f0142c308507bc2dd05da6594a68ffee1a76ab1d76a005bef5e8bd0e1be71d53f57dc65030f1d5f08af27cf752c168f380839fa05571d835ce687c55c0f10408c6243b958347aeeeeec128662a32a4309252a9bc49951fc69a5e3d12a93a28891e6e59c509cbdaba7dcdcfe05ab6c4abcd115cb4db5fdcf981089eac6ec5046661ebf9f861d02d1b4d49b363371dbea97b2a7df5a1a7175016131c294dd4ae9492e1548f98925960b5564fd12b218335055d39a433c1fbf894213839ddcf47bb3933c2225b73692f7709dec7dbfbcd2dbe8aa810bac68b1d82d27da09a752ef98a1d17a241b017485bc6465c0d075bd9f6cfb2a111e7febf912484144a123a31dd989cd226f72f20b8a931398fab335ce782d451f50ac0c1170fe84b7f35fdc4a22647cc35b4deb9a70adae54513d5a2a6a22604c5d3a844590777b9c96340598f194274989d51f439d44241f58859262e30effe18c953225902914c5a791c8cc5e8314f0011a5d5bbcb458c0e354e95bb8b1c223b191973e6eb64cfadb29a46c9b83b26135c81a9cf76d641feb2f178ab35877c63dbe5f8989c7e61a9961d3575f2b74d690aca5a0c7de92b9f0e43f2f910bba256f78ae5b44ae5f5bb16eb379d5c1dbf3ab53bb867c1b0891f519cbd800b1ecce8367fbbfc73a3e02e9d044835747620446388fa212c45c88f2d35b5ad5dc4487b72666cbd2b46f75df162d493ff8377cd56761643f4b9a146153dd6b061d83dd489615ea072f674d0a8847320002b730644d54416d5dde072f8d893eefef056fb981d546871556ae55a384e7d28572ef808828f9a5832792906b0adc47062c782005f046f72768ce9abae593a4a716505d4f733700f5bebb55a5736f370f5b7ff15c09bbe68c961731b99440381eb5d241119a47653e2c79116b62ada59688097fb8250023bcca73302bbc79cd6db0ab402cad4c9c102a8945dc6bf981fbef0d288c154b849808255b787526152d5c57e31a1f8a3843b30ac8fc2a858ea10f91f17bebcc1066e2f5e23b80ea97a03809d1551bd05bfd6dafded468f72a37a17d76bb39f1d4d55839d3dc1d8a701ed5cdac4d32bb2fd0c6218d1366831dd93b739b94f1a377c2e97708dc0770a829433a14db8d8587f3ac2709dc642fdc820d6399162681684766865a1f262a106a1420712d0791aaedd626241342f0e3fc97906f6c813b42e6c7c9b63388e46615289beb12117ad90bbf6382cf895dc1e9c667fd6a60e33684acb11b32ef95d3b4d3b6ccddf7796895e1e7548be3fe62986a120cc5562abfe0dac2ad16035341cce011df9ffbc24547db22f8c38d9f87cd4f3c4173513d76b0d6d11a0da9ca7c96ecf02785e8d100dc58ec7944d32ed7d8510ee97a588e41853d8e346c69c6084102445a0b17e33a7486cd25f9c533420e6675c831dfa59741180711b12bc8239f0d31291c5c00cf668e481e130cae962a4345455aa9766a8f2b788f418c3c45f9cde7c6571b6dbf8054de90d4b5082194f7c7a20f9b55bfc6f696f84e5fbc763f87549c28b83946c5d0595ab57afc0754f2cb47d7f9d9451962b63d515c82e81a786cf8d0d0c086dcfa291d949f8f02eaf2713200fd18a94158c9ebc9018a5f781a2bb451accd41158bdc3fa470df85d9238c37a1237e8fbe43378ad873b584d587eb9a35bffbade6736a2db8f34b596d450017cfe5f3e9ad1676ddde5732469e1ead8bb4aa5233356c2b768e7de1d9d715de4d3141ce5d96f38aa50d840b4c8daa921f83c2becc6dfe4ff9961a0f5c914b82fd7f0c3a9f05e7b7f9e17393a0f2baa7a1757d7bb5c1ca5de37daaacc313ac35be3e68e098d88beac1933922dcf282275f65e4e2b91d9af474bac71bdd548abe62b2232bd4a176361a11be4ca85a9dc81dbee0f6532d76d46a60458af318bcfd10d51a8d0e9efea436773fea1add219e19799329aa0c3befc9a4d5795c248d1301e973488370530305250447b84525064cc085850c566862a64ff8de0c6ddcb342dbd31515a79be6fc65cf814a99f995ba3f33ce6b65e5684acdc956b21b65f6571c7001e275b02a9eb69c5a60820930132949bfffa9109845673b181c0d051b18ec98e1d6e0e6875d66"})
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f00000004c0)={{r3}, r8, 0x10, @unused=[0x7fffffff, 0x3f, 0x3, 0x3], @subvolid=0xb1})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f0000000640)={"28c8a5c61d2e1ecde741c7de30165a57", r8, 0x0, {0x8, 0x5}, {0x1, 0x8}, 0x8000, [0x3ff, 0x8, 0x4, 0xfffffffffffffd72, 0x2b1a, 0x2c5, 0x4, 0x7, 0x7fff, 0x40, 0x341, 0x1, 0x6c, 0x5, 0x266c, 0xaff1]})
sendfile(r2, r1, 0x0, 0xfffffdef)

[ 2779.360693] loop2: detected capacity change from 0 to 40
[ 2779.415269] loop5: detected capacity change from 0 to 40
[ 2779.420859] loop7: detected capacity change from 0 to 40
[ 2779.424908] syz-executor.2: attempt to access beyond end of device
[ 2779.424908] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2779.426468] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2779.431467] loop4: detected capacity change from 0 to 40
[ 2779.437869] loop6: detected capacity change from 0 to 40
[ 2779.441079] loop0: detected capacity change from 0 to 40
[ 2779.442415] loop3: detected capacity change from 0 to 40
[ 2779.463942] FAT-fs (loop4): bogus number of reserved sectors
[ 2779.465018] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 2779.505092] syz-executor.5: attempt to access beyond end of device
[ 2779.505092] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2779.506799] Buffer I/O error on dev loop5, logical block 10, lost async page write
15:48:24 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 59)

[ 2779.537849] syz-executor.7: attempt to access beyond end of device
[ 2779.537849] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2779.539428] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2779.591872] syz-executor.0: attempt to access beyond end of device
[ 2779.591872] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2779.593666] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2779.614067] syz-executor.6: attempt to access beyond end of device
[ 2779.614067] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2779.615621] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2779.627822] syz-executor.3: attempt to access beyond end of device
[ 2779.627822] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2779.629399] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2779.702606] loop2: detected capacity change from 0 to 40
15:48:24 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 57)

15:48:24 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 75)

[ 2779.729787] FAULT_INJECTION: forcing a failure.
[ 2779.729787] name failslab, interval 1, probability 0, space 0, times 0
[ 2779.731313] CPU: 1 PID: 11700 Comm: syz-executor.2 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2779.732447] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2779.733445] Call Trace:
[ 2779.733777]  <TASK>
[ 2779.734067]  dump_stack_lvl+0xc1/0xf0
[ 2779.734579]  should_fail_ex+0x4b4/0x5b0
[ 2779.735122]  should_failslab+0x9/0x20
[ 2779.735624]  __kmem_cache_alloc_node+0x5b/0x310
[ 2779.736229]  ? iter_file_splice_write+0x169/0xcb0
[ 2779.736874]  ? iter_file_splice_write+0x169/0xcb0
[ 2779.737495]  __kmalloc+0x4a/0x160
[ 2779.737952]  iter_file_splice_write+0x169/0xcb0
[ 2779.738578]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2779.739245]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2779.739934]  ? inode_security+0x105/0x140
[ 2779.740506]  ? security_file_permission+0xb5/0xe0
[ 2779.741120]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2779.741786]  direct_splice_actor+0x113/0x180
[ 2779.742372]  splice_direct_to_actor+0x33a/0x8c0
[ 2779.742976]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2779.743614]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2779.744271]  ? security_file_permission+0xb5/0xe0
[ 2779.744896]  do_splice_direct+0x1bc/0x290
[ 2779.745435]  ? __pfx_do_splice_direct+0x10/0x10
[ 2779.746047]  ? lock_is_held_type+0x9f/0x120
[ 2779.746641]  do_sendfile+0xb1d/0x12b0
[ 2779.747147]  ? __pfx_do_sendfile+0x10/0x10
[ 2779.747699]  __x64_sys_sendfile64+0x1d5/0x210
[ 2779.748275]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2779.748931]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2779.749605]  do_syscall_64+0x3f/0x90
[ 2779.750079]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2779.750719] RIP: 0033:0x7fe077f6cb19
[ 2779.751187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2779.753376] RSP: 002b:00007fe0754e2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2779.754306] RAX: ffffffffffffffda RBX: 00007fe07807ff60 RCX: 00007fe077f6cb19
[ 2779.755184] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2779.756052] RBP: 00007fe0754e21d0 R08: 0000000000000000 R09: 0000000000000000
[ 2779.756929] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2779.757785] R13: 00007ffda5f9e29f R14: 00007fe0754e2300 R15: 0000000000022000
[ 2779.758678]  </TASK>
[ 2779.777435] loop4: detected capacity change from 0 to 40
15:48:24 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 81)

15:48:24 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 80)

[ 2779.782743] FAT-fs (loop4): Unrecognized mount option "./file0" or missing value
15:48:24 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 60)

[ 2779.912144] loop6: detected capacity change from 0 to 40
[ 2779.916036] loop7: detected capacity change from 0 to 40
[ 2779.922966] loop0: detected capacity change from 0 to 40
15:48:24 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x40}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2779.944294] loop3: detected capacity change from 0 to 40
[ 2779.983197] loop2: detected capacity change from 0 to 40
[ 2779.999535] loop4: detected capacity change from 0 to 40
[ 2780.008337] syz-executor.6: attempt to access beyond end of device
[ 2780.008337] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2780.009743] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2780.054077] syz-executor.7: attempt to access beyond end of device
[ 2780.054077] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2780.055326] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2780.057671] syz-executor.0: attempt to access beyond end of device
[ 2780.057671] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2780.058887] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2780.084414] syz-executor.3: attempt to access beyond end of device
[ 2780.084414] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2780.085761] Buffer I/O error on dev loop3, logical block 10, lost async page write
15:48:24 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 81)

[ 2780.264512] loop6: detected capacity change from 0 to 40
15:48:38 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
chroot(&(0x7f0000000000)='./file1\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(r0, &(0x7f0000000100)='./file1\x00', 0x202a00, 0x10)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:48:38 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 82)

15:48:38 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 76)

15:48:38 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 58)

15:48:38 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 82)

15:48:38 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 61)

15:48:38 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x10001, 0x2}, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
openat(r1, &(0x7f0000000000)='\x00', 0x40000, 0x22)

[ 2794.126724] loop5: detected capacity change from 0 to 40
[ 2794.126760] loop7: detected capacity change from 0 to 40
[ 2794.129681] loop3: detected capacity change from 0 to 40
[ 2794.130879] loop2: detected capacity change from 0 to 40
15:48:38 executing program 5:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000240)={0x0, 0xb, {0x78c7, @struct={0x4, 0x5}, <r3=>0x0, 0x81, 0x80, 0x1ff, 0x5, 0x8001, 0x448, @struct={0xd770, 0x9}, 0xff, 0x401, [0x1, 0x80, 0x6e, 0x10000, 0x1, 0x7fffffff]}, {0x1, @struct={0x101, 0x3ff}, 0x0, 0x0, 0x8001, 0x8, 0x8, 0x4, 0x80, @usage=0x101, 0x3, 0x800, [0x3, 0x6d7, 0x7fff, 0x80000001, 0xe4a, 0x8]}, {0x10000, @usage=0x8, 0x0, 0x38000000000000, 0x401, 0x506, 0xff, 0x8001, 0x80, @struct={0x4, 0x8}, 0x6, 0x4, [0x6, 0x4, 0x5, 0x10000, 0x975, 0x9]}, {0x0, 0x8, 0x40}})
ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, &(0x7f0000000640)={0x1, 0x2, {0x7, @usage=0x2, r3, 0x2, 0x5, 0xffffffff, 0xff, 0x3, 0x24, @struct={0x0, 0x10000}, 0x9, 0x99, [0xffffffffffffccd9, 0x400, 0x2, 0x6, 0x8, 0x8000]}, {0x1000, @usage=0x1, 0x0, 0x80, 0x100000000, 0x100000001, 0x5, 0x81, 0x0, @struct={0x5, 0x2}, 0xfffffff7, 0x0, [0x3, 0x7, 0x80000001, 0x3, 0x101, 0x7f]}, {0x2, @struct={0x6, 0x2}, 0x0, 0xe6aa, 0xe358, 0x20, 0x3f, 0x8001, 0x0, @usage=0x3, 0x2, 0x20, [0x4, 0x4, 0xffff, 0x6, 0x9, 0x9]}, {0x3, 0xfffffffffffffdb6, 0x100000000}})
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x80242, 0x4)
sendfile(r2, r1, 0x0, 0xfffffdef)

[ 2794.133834] loop0: detected capacity change from 0 to 40
[ 2794.147365] loop6: detected capacity change from 0 to 40
[ 2794.174323] bio_check_eod: 3 callbacks suppressed
[ 2794.174335] syz-executor.3: attempt to access beyond end of device
[ 2794.174335] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2794.175518] buffer_io_error: 3 callbacks suppressed
[ 2794.175526] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2794.178430] syz-executor.5: attempt to access beyond end of device
[ 2794.178430] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2794.179310] Buffer I/O error on dev loop5, logical block 10, lost async page write
[ 2794.181298] loop4: detected capacity change from 0 to 40
[ 2794.181365] syz-executor.2: attempt to access beyond end of device
[ 2794.181365] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2794.182831] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2794.215259] syz-executor.6: attempt to access beyond end of device
[ 2794.215259] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2794.216249] Buffer I/O error on dev loop6, logical block 10, lost async page write
15:48:38 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 83)

15:48:38 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 62)

[ 2794.235571] syz-executor.0: attempt to access beyond end of device
[ 2794.235571] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2794.237329] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2794.250826] syz-executor.7: attempt to access beyond end of device
[ 2794.250826] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2794.252585] Buffer I/O error on dev loop7, logical block 10, lost async page write
15:48:38 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 83)

[ 2794.280353] syz-executor.4: attempt to access beyond end of device
[ 2794.280353] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2794.282250] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2794.294136] loop2: detected capacity change from 0 to 40
[ 2794.296080] loop3: detected capacity change from 0 to 40
15:48:38 executing program 5:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
unlink(&(0x7f0000000000)='./file0\x00')
write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="cc009c015500000070020000e682000007020000610f0000000000000000000099a41237612998428cb396c3ca361cb9903864b991399bb00df8ddd1f8d380f7c1ec41a544e801689a9f8f275421e651a17504e791651b0ed3237007c69a90df8818906c012ab3640f6b09f4544a113e1e950000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d6de000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000277fb1ff00"/2674], 0xa72)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000cc0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r2, 0xc018937c, &(0x7f0000000d80)=ANY=[@ANYBLOB="010000000100000018000000e7826e2a24bc8e406ce28515bf2732638236be635fe70c044e5ef1d71b36719ba3b5f586979fe8744b75d84fc9e8c03ab60055821b385edc1c55dc372d22cdfdc5", @ANYRES32=r1, @ANYBLOB="01000000000000002e2f66696c653100"])
mount(&(0x7f0000000040)=@md0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000180)='ecryptfs\x00', 0x840, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x114)
r4 = open_tree(0xffffffffffffffff, &(0x7f00000001c0)='./file1\x00', 0x9000)
write$binfmt_aout(r4, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r3, r1, 0x0, 0xfffffdef)

15:48:38 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 59)

15:48:38 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = syz_open_dev$vcsu(&(0x7f0000000000), 0xffffffffffff0000, 0xa000)
fcntl$getownex(r2, 0x10, &(0x7f0000000040))
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2794.318397] syz-executor.4: attempt to access beyond end of device
[ 2794.318397] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2794.320125] Buffer I/O error on dev loop4, logical block 10, lost async page write
15:48:38 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 77)

[ 2794.357007] loop6: detected capacity change from 0 to 40
[ 2794.359766] syz-executor.2: attempt to access beyond end of device
[ 2794.359766] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2794.360595] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2794.362075] syz-executor.3: attempt to access beyond end of device
[ 2794.362075] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2794.363023] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2794.385444] loop7: detected capacity change from 0 to 40
15:48:38 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 84)

15:48:38 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 63)

[ 2794.408188] loop5: detected capacity change from 0 to 40
[ 2794.430127] loop0: detected capacity change from 0 to 40
15:48:38 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$nfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x7, 0x9, &(0x7f0000000700)=[{&(0x7f0000000180)="e7a5f19f6d1f67106de34b4d416fec9b74cdd5c02dfa1a595d51e9639d2a031a2ba579172b3d29768f442fdb9f4b91f5320a8e1e8e4b2b6f99c88132278d42677eed67c49c32e1ff430c9a7f1ff21219e75012dca25b2bde164ec9c4fb9ce15c77569b87c12e125ca349", 0x6a, 0x16}, {&(0x7f00000000c0), 0x0, 0x7}, {&(0x7f0000000240)="d46beae4617065829f32407544e72fe290191fad822dec0e13db", 0x1a, 0x8001}, {&(0x7f0000000300)="635a6c0bc554c28b3d55ba11cdcb2071cff643ae30c8216ed44c403700f8909d3e0037b104797d72b19f55f2ebf77780822c65869b5cd71b", 0x38, 0x566}, {&(0x7f0000000340)="20d7be415f88a43ea9766ddcc9f7dc4b96d9920b0e2c9ab2a347b6fe3fe0d7900aa514280085fc6807cba9715d9ed1e69a64cdee76a7b94eead7b20644be3d07131df4a7497299c95a124b4c877c0f99fa3c39279d00a9c7d4f56263b33755aa4e4aa40502619cc8ca525bfdd1f97b897ac56c4ae927a7f844c037fa7c06de1a9d3a4a7bc0ee159d6bbdde25953c47ea6825583918df90012a2ea1a52bda1cfe5b61c73b28f6f2a9ffd3ef37", 0xac}, {&(0x7f0000000400)="f095c7ce8768808fcbad88ca287ff5d2816b068edf08d99fef1a3d6f86aba99dfb156ecce7086115b4813f51df062f7370fe0453f1343f1d81b79722677709df56937b635c7e6928c9db55fe9ddd7bd81368f047ecb67d5ba664f5d48a38b5d3f4b478bfd5f21a20df8d303049b9149100f20e0182c8a00df383017739c83e7230a9dca8b29e2f7002d49fc23f3ec377ad19b12f0516ec0422ca594cfc3046dfb9dc59a002c493e1c8ffd52d6ba7efb8e844fef4d08717a407ed0b2630266ac80f550cd90e6b84b3bcde1036e5701fb70bb7088eb866280c853c", 0xda, 0xff}, {&(0x7f0000000500)="086ffabda642c2bf3f61150d9e7065550806916e5d7c45776b123166efe5ca73226243c754215f687ec753d3f39e8dc7a9cdca751a0fea9f9be410cf07ae24c7326cf657a364ebb71ecbfe024524bd4480298a51324b7cd6e74ec6419255569b89f0e64f14896c9bf892ccfaa9119708c04b8c60f942e988d82b89ec8fb3b16aeeeee50e0af7dec7504195fd0a957ff1ce79e6bfe640515d2773f7eadcb26ec75a42b9c8999e90c202afebcdb8efa35a7cfea48a26e88256cb28", 0xba, 0x800}, {&(0x7f00000005c0)="49f57a20a2056dd4ef873f4181984a78326faabfdb20c34439fac714dfb098173d16e4e8c59b31d63b92c9945175e1da15f5105ab0f7d14a3e0d2eb270577890182f514479f306978312597d4284628145092ebfd2583a9e4f353c710e1dddfcf3d111b49a21b95cd56bf147663cecb49fc4261adbf1f88dbf1edcc634c0ed8e026f9715c8b9381e5a4bc79d3a649d29d57c38a032a186f1573b5d034d46ab57", 0xa0, 0xc8f}, {&(0x7f0000000680)="bb4c494588c3d587eec5cb70de1ea6eb3ed9659028cb1b2ba6cbb3b158215c6efbba3f4af6c785fd24344d4dfceb32f91f034cd9d6dbfc73687fa23c2ea26a5adbb6c1b98f81d7495035b22979b9ca234b6b07b7fa67cd53023e80f4a9a49ded883f10e09d87fcef5970f42c3d22a7e33cb801568a649911fddbf025", 0x7c, 0x2}], 0x7c808, &(0x7f0000000800)={[{}, {'vfat\x00'}, {'vfat\x00'}, {'.-*\''}, {'vfat\x00'}], [{@euid_lt}, {@smackfsdef={'smackfsdef', 0x3d, '!/('}}, {@fsuuid={'fsuuid', 0x3d, {[0x0, 0x19, 0x33, 0x66, 0x66, 0x37, 0x30, 0x37], 0x2d, [0x35, 0x39, 0x55, 0x34], 0x2d, [0x36, 0x64, 0x36, 0x3], 0x2d, [0x39, 0x36, 0x35, 0x38], 0x2d, [0x32, 0x30, 0x66, 0x35, 0x36, 0x61, 0x33, 0x63]}}}, {@fsmagic={'fsmagic', 0x3d, 0x2}}]})
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2794.496828] loop2: detected capacity change from 0 to 40
[ 2794.518032] loop3: detected capacity change from 0 to 40
[ 2794.543319] loop4: detected capacity change from 0 to 40
15:48:53 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 84)

15:48:53 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 78)

15:48:53 executing program 1:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(r2, 0xc0189376, &(0x7f00000017c0)={{0x1, 0x1, 0x18, <r3=>r0, {0xfffff927}}, './file1\x00'})
openat(r3, &(0x7f0000001800)='./file0\x00', 0x80000, 0x1)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:48:53 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = fsopen(&(0x7f0000000040)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
renameat(r1, &(0x7f00000001c0)='./file0/file0\x00', 0xffffffffffffffff, 0x0)
fsopen(&(0x7f0000000040)='proc\x00', 0x0)
r2 = fsopen(&(0x7f0000000040)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
fsmount(r2, 0x0, 0x0)
fcntl$lock(r0, 0x7, &(0x7f0000000180)={0x2, 0x2, 0x5, 0x3f})
chdir(&(0x7f0000000140)='./file0\x00')
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r4, &(0x7f0000001180)=ANY=[], 0x220)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='uid_map\x00')
pread64(r5, &(0x7f0000009780)=""/112, 0x70, 0x2)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r6 = perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r3, r6, &(0x7f0000000000)=0xfff, 0x1)

15:48:53 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 64)

15:48:53 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
dup2(r2, r3)

15:48:53 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 85)

15:48:53 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 60)

[ 2809.046499] loop7: detected capacity change from 0 to 40
[ 2809.049857] loop4: detected capacity change from 0 to 40
[ 2809.051420] loop0: detected capacity change from 0 to 40
[ 2809.062813] loop3: detected capacity change from 0 to 40
[ 2809.081793] loop5: detected capacity change from 0 to 40
[ 2809.087603] bio_check_eod: 7 callbacks suppressed
[ 2809.087613] syz-executor.7: attempt to access beyond end of device
[ 2809.087613] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2809.087949] loop6: detected capacity change from 0 to 40
[ 2809.089234] buffer_io_error: 7 callbacks suppressed
[ 2809.089243] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2809.096686] loop2: detected capacity change from 0 to 40
[ 2809.121761] syz-executor.0: attempt to access beyond end of device
[ 2809.121761] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2809.123742] Buffer I/O error on dev loop0, logical block 10, lost async page write
15:48:53 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 61)

[ 2809.188817] syz-executor.3: attempt to access beyond end of device
[ 2809.188817] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2809.190608] Buffer I/O error on dev loop3, logical block 10, lost async page write
15:48:53 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 79)

[ 2809.207595] syz-executor.5: attempt to access beyond end of device
[ 2809.207595] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2809.209411] Buffer I/O error on dev loop5, logical block 10, lost async page write
[ 2809.229970] syz-executor.2: attempt to access beyond end of device
[ 2809.229970] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2809.231776] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2809.243025] syz-executor.5: attempt to access beyond end of device
[ 2809.243025] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2809.244515] Buffer I/O error on dev loop5, logical block 10, lost async page write
15:48:53 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 86)

15:48:53 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 65)

[ 2809.373852] syz-executor.6: attempt to access beyond end of device
[ 2809.373852] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2809.375366] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2809.396215] loop2: detected capacity change from 0 to 40
15:48:53 executing program 5:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
lsetxattr$security_ima(&(0x7f0000000180)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000740)=ANY=[@ANYBLOB="02720763532a06000000db3a5fe582298f1a27a4b0f73a360d7273ff488e74644a3e3e61303d12bdacc2e86355920f7cece34abe7ba02a87855150c32445df0900dbda19874f2696d1718bbd7e04be44afce999bd4420f7b3859d8f17d8afb36b69a076bb84930e3e69e1e5f173ac8798d035834adfe0e2d6dd53b3fb84a5c96ba97e5ad72bbed07272c2e0d8f02558fb89089d720553503c95aabfd13383f4b5ba1c280e7bac0460413a061268fde7e6e4d3f97b7fd7955ef2470deb6c0ce3f60c0b90e288d99117900aa7852750c84e19931757a6f544bdbed31d8191a7fc9f55d55638e542695236b289a4f3ba44c19d71a497b60c574ec73c3628d43e360825d0906eb38b6a3fb60c5e6ea85991d9800b6f4c5c5b454dae3ee3a0039fc60c17105369be91729f07eadb6c198482c3f32d5ff695b2c4e93659e8add94eaded91fd26d8d01e2be7fca567298c99cd40940c84f9b4c15951982adc5f1b03217eafe3ddee0b4c4f3c8bd0523baeb878cc09630e30300262cff4ce452d020bb11a72cc9a540576c03ff7ed3dc3390475d086055bbaa7d1189fad869e436669db3cd876ad0eafe6da7c8f80df041056d68dd7db87d1a3e67ed77072a92c0d50f840f0fb22900bced70e5a1caccfd88a01ebbea9bae23a7360ee52e239c184162c0d9928a612c75fea07a562f764ed691125e7d3230cf24d04760b9ee3bc9ba965eace947efcac112"], 0x14, 0x1)
pwritev(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)="aa9ae1295b28058b03aaa8f7709f77d916288262780d341bbea1d52e83bb8162709846bfe30cfcf05d1bb646acb960c8c2a677baec3596b8570f80e7f32fd8f3f375e1b7", 0x44}, {&(0x7f0000000240)="8c1faf04077681dceb7c1f8da1a607e272f3857b24280fc16bbc3aca249d7331b24d892284b64b24b0dff905abcd568bac4fa7a6dfca0739a4341789308a7cdd94380a2aed203dee14d651a51a8fb3137a4b8ea2cdfe1711c2394f5867e4747a6fc83a82f8e8d8c596496a0109d56659cb3d4ee560642a953753cb581640200fe852348263a2f8fa0ebebd252ffdaada6ca7ce2f73aa4d48afded6252760735524f189ce87ff91cf69dc2b35c990c5c9171272f2fae2bf55e446522ad19ab2a43a3e8e08156ca9be19e5b5db020ab66c7bbb7e0778", 0xd5}, {&(0x7f0000000340)="32e9611ecf42b34d40da32a229c7445bbe024ec4880effdef6ccb2c58f93bc6080042c5f62e4e752c70ffb52d00077610a0387aeb183cb1faf061e5bfdc489c65166584dfa7b2e7f9bb7ca0727205bfab159bfb52586439b970d9ba26a00cc425da0d081c57d25df76c99fd0706765da3ffc1af7689fd9ea8f4d6fa304eb8544dcf343f0ed6e4904d5e9fe5f560f988e15fb8cd49431a1dcba5c00168f15ae067afa9cc01ed96d00c2eaf2cc7e49d0b628aa1ab4c1839b050792bfa1ab7440bcbdd6d25497aa01549ce4b75339b2620c90b3c5f6669f1787eb14d889b2f7e8ba", 0xe0}, {&(0x7f0000000440)="f833420805c095d8f4ad5c453730dd9f5ae75cd0f6fc8273a7d30d82d25cd128e3bf0979f64f30a38f7a30dd24810f859d9bd849e3b271304bcbc751bbba77a92b283e101abb1a945f9639d44a37ac4ebb835f8f331cf4fdcc958d41bc0ca4e4b00ad988572259ae16cc9d3b63dd79e8bbc608af4a3d3c8cf98ae3a1bd6a4a9f7f99328333f8b3c3e24f2460950504188b6dfb13de36864986c49f4059ceb4ddd15a767465", 0xa5}], 0x4, 0x8, 0x87)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r0, r1, 0x0, 0xfffffdef)

[ 2809.424587] loop0: detected capacity change from 0 to 40
[ 2809.437062] FAULT_INJECTION: forcing a failure.
[ 2809.437062] name failslab, interval 1, probability 0, space 0, times 0
[ 2809.438478] CPU: 1 PID: 11809 Comm: syz-executor.2 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2809.439484] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2809.440351] loop7: detected capacity change from 0 to 40
[ 2809.440476] Call Trace:
[ 2809.440487]  <TASK>
[ 2809.441768]  dump_stack_lvl+0xc1/0xf0
[ 2809.442284]  should_fail_ex+0x4b4/0x5b0
[ 2809.442812]  should_failslab+0x9/0x20
[ 2809.443310]  __kmem_cache_alloc_node+0x5b/0x310
[ 2809.443919]  ? iter_file_splice_write+0x169/0xcb0
[ 2809.444553]  ? iter_file_splice_write+0x169/0xcb0
[ 2809.445199]  __kmalloc+0x4a/0x160
[ 2809.445665]  iter_file_splice_write+0x169/0xcb0
[ 2809.446288]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2809.446982]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2809.447704]  ? inode_security+0x105/0x140
[ 2809.448280]  ? security_file_permission+0xb5/0xe0
[ 2809.448951]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2809.449638]  direct_splice_actor+0x113/0x180
[ 2809.450243]  splice_direct_to_actor+0x33a/0x8c0
[ 2809.450878]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2809.451553]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2809.452243]  ? security_file_permission+0xb5/0xe0
[ 2809.452903]  do_splice_direct+0x1bc/0x290
[ 2809.453461]  ? __pfx_do_splice_direct+0x10/0x10
[ 2809.454096]  ? lock_is_held_type+0x9f/0x120
[ 2809.454702]  do_sendfile+0xb1d/0x12b0
[ 2809.455231]  ? __pfx_do_sendfile+0x10/0x10
[ 2809.455807]  __x64_sys_sendfile64+0x1d5/0x210
[ 2809.456418]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2809.457112]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2809.457809]  do_syscall_64+0x3f/0x90
[ 2809.458308]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2809.458968] RIP: 0033:0x7fe077f6cb19
[ 2809.459462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2809.461760] RSP: 002b:00007fe0754e2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2809.462734] RAX: ffffffffffffffda RBX: 00007fe07807ff60 RCX: 00007fe077f6cb19
[ 2809.463643] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2809.464564] RBP: 00007fe0754e21d0 R08: 0000000000000000 R09: 0000000000000000
[ 2809.465481] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2809.466398] R13: 00007ffda5f9e29f R14: 00007fe0754e2300 R15: 0000000000022000
[ 2809.467340]  </TASK>
15:48:54 executing program 4:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r3=>r0}, './file0\x00'})
openat(r3, &(0x7f00000000c0)='./file1\x00', 0x2, 0x10)
sendfile(r2, r1, 0x0, 0xfffffdef)

[ 2809.481955] loop3: detected capacity change from 0 to 40
15:48:54 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 85)

15:48:54 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 66)

[ 2809.574001] syz-executor.7: attempt to access beyond end of device
[ 2809.574001] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2809.575722] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2809.626394] syz-executor.0: attempt to access beyond end of device
[ 2809.626394] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2809.627982] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2809.633745] loop5: detected capacity change from 0 to 40
[ 2809.666512] loop2: detected capacity change from 0 to 40
[ 2809.673974] syz-executor.3: attempt to access beyond end of device
[ 2809.673974] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2809.675673] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2809.679805] loop4: detected capacity change from 0 to 40
[ 2809.679984] loop6: detected capacity change from 0 to 40
15:49:07 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 62)

15:49:07 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 67)

15:49:07 executing program 1:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net/fib_triestat\x00')
sendfile(r1, r2, &(0x7f0000000400)=0x43b51c02, 0x28000000)
r3 = openat(r0, &(0x7f0000000440)='./file1\x00', 0x100, 0x10)
r4 = openat(r3, &(0x7f0000000480)='./file0\x00', 0x2400, 0xa8)
r5 = openat(r4, &(0x7f00000004c0)='./file1\x00', 0x80000, 0x62)
openat(r5, &(0x7f0000000500)='./file1\x00', 0x4400, 0x99)
r6 = syz_mount_image$nfs4(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2, 0x2, &(0x7f0000000180)=[{&(0x7f0000000240)="5ebeb1e75025642f6d1d6e3baa02071420366f9a5753702cda99476dac93baa85fd489eff2127e1c3d8a11bb9480c5d856f1f40450c3c9d42722b32d0f40945baa2652a4f5901009148ad3ccf5cc2d52fabbe951805b78fcb568f4bea21ff3e32deb13c7e603b878d7374663f9ab38de0b50b205e522070f4672370835ac341a4af07bca8c286977da822c5c", 0x8c, 0x4}, {&(0x7f00000000c0)="ab609979284c871990287e74bc38dd1d424abdf8a65be13a881bcc101b4357d5342ae8180ba8629112af54ca77c434", 0x2f, 0x5}], 0x2000800, &(0x7f0000000300)={[{'o,'}], [{@audit}, {@seclabel}, {@fsuuid={'fsuuid', 0x3d, {[0x66, 0x5b, 0x66, 0x34, 0x36, 0x32, 0x65, 0x36], 0x2d, [0x39, 0x62, 0x33, 0x64], 0x2d, [0x37, 0x36, 0x64, 0x64], 0x2d, [0x62, 0x66, 0x64, 0x38], 0x2d, [0x35, 0x65, 0x38, 0x0, 0x38, 0x62, 0x36, 0x61]}}}, {@obj_user={'obj_user', 0x3d, 'vfat\x00'}}, {@dont_appraise}, {@pcr={'pcr', 0x3d, 0x1b}}, {@fsuuid={'fsuuid', 0x3d, {[0x34, 0x66, 0x38, 0x63, 0x39, 0x32, 0x62, 0xae], 0x2d, [0x32, 0x66, 0x31, 0x66], 0x2d, [0x33, 0x34, 0x38, 0x4], 0x2d, [0x64, 0x66, 0x63, 0x63], 0x2d, [0x38, 0x31, 0x65, 0x33, 0x0, 0x30, 0x65, 0x36]}}}, {@obj_type={'obj_type', 0x3d, '+'}}, {@fowner_gt={'fowner>', 0xffffffffffffffff}}, {@measure}]})
r7 = openat(r6, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r7, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r6, &(0x7f0000000540)=0x8, 0x2ba478e0)
sendfile(r7, r1, 0x0, 0xfffffdef)

15:49:07 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 80)

15:49:07 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 87)

15:49:07 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 86)

[ 2823.405568] loop3: detected capacity change from 0 to 40
[ 2823.407593] loop0: detected capacity change from 0 to 40
15:49:07 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
timerfd_create(0x1, 0x80000)
mq_open(&(0x7f0000000000)='vfat\x00', 0x2, 0x91, &(0x7f0000000040)={0x6, 0x3, 0x31d0, 0x4})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
sendfile(r0, r1, 0x0, 0xeffffffffffffff9)

15:49:07 executing program 4:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x18)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000300)={0x0, ""/256, <r3=>0x0, <r4=>0x0})
r5 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r5, 0xd000943d, &(0x7f0000056fc0)={0x9f8, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r6=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r7=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r8=>0x0}, {}, {}, {}, {}, {0x0, <r9=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}, {}, {}, {0x0, r4}, {}, {}, {}, {}, {0x0, <r10=>0x0}, {}, {}, {}, {}, {r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r11=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r12=>0x0}, {}, {}, {}, {<r13=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r14=>0x0}], 0x4, "63a4c51b3af037"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000700)={<r15=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f00000018c0)={0x1a96, [{}, {}, {}, {}, {0x0, r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r9}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r12}, {}, {}, {}, {}, {}, {}, {r15}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r14}, {}, {r11}], 0x0, "83b12698cb4026"})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r1, 0xd000943e, &(0x7f0000000640)={0x0, r15, "f95d1728b6d9763f76b9665d65e1ad31dd56977acbd62c4c5e1d94f7ddc53372db778e8a0b013e4117f42127f019f832abf123490d45b9dc254c530edee745caeb6c48163e3b9ef0fe851e8dea2b5467e3411b4770fadb3660b7ac237850a449552d4f46cf44ac9f525a8bae54218cf3045b76a12750a5e8baab16011bbd39aa7e9bfccc4b577b9a97322d3bd17f4aef0b072b26c1f6bc25884a21b4a75910554f58345f10a12e2cc4e0283d67c7ea6a39f168fa277811545c461841a936bd707a029c926de919f6290e7148d39356f783529eec5f675786c212bdaaf0839b211edf7c4d99d17d01e29bf931f09032ff8fa3fe4c8ab28d1aabf4e008952aeae2", "991435b0597965a44efae2ffd1835c003f99e53682b922affcdd06887fcdbf237c7b71d4a3a1a69c2b042ee700f4a2bf93c92eed589e6feb846f841ed40acf4bb3841475b32b5f40d35367f02fe8bc7937fabc142334259329d44c2e0e09b43e74de50dc8e5aa867a22b9d4ab55404f3be0361f12127fe14a95c7df90b5a67113eeca886cd0e78a49e5aeb013b35e928a0b958a793a9c22317095f060820acb83257320b8fbb0ebe561bc836822331ea38ee6d68ba595e4284f689136f89c5df8003f778d251d8a58ff61b2c8a152d7a8b782059ecc1e372279f47da4fd575eae33586f6eb35c23d5cca44f5a30d4ffb59dcebbca09fa51abcdcc2c9cd14ef5305b3d75be57c9c0fae00c31e5ab182106efb56a3b6981640dca123874bfdba05475d2d7096350a6c7b5bd161b4416d962b98f2619f6e5fcd0b3c22383be853247063a3d1370d0be8e84c07837a8266900e4f40766b396312182ffc6bea8cffe42f1170fb8adc9a83f90a817d0b64a02e0a4b0b9c3babee9f44685e0f262ce28fffc041a30915482504c355afa4fd7db01f84a585ab1962878385a0b6eca87e0066dc5749a619c8500e435dc6e94a3bf4282d33696b46673137a6c0128baf7277ba7d9b0cba14e40d96a5827c17cb006707d1a9e0327e68dac04c30c6aa2611f9c5e2f4bbf01fef1f43a7e936e657009cacd9f2ac7f365776e4b6da9a44fc42ae0cfa0a178181c8e28284c72d03bf7cea7b7dc52cb82c94ddb9e5be33985c4e157d58144ccdc4095f146ff71b0a9d9ca665aeb5b333a8f3b45cfef7f27f93bebb2ffd15f4433b6891bd9c6f21c7dfe7a0af22f1bd7d2ced147e1336ea2bdca200a443ff99efd0ddb10cfb2fceee468d3e7e1548f3b5ac8c97600093014bcb871caa7b1faf3de1481aa4734f5f03c8ec76582ead9a417800cd9588e229ba7449313433fa59b00a5935daea75cf9ea921b5fa23f07b7dccadf1245b716bcf9e88afd37909c1c313ae0a5dd4f1766690a3317b1b6ebc33b9298e6a139f8dd77fdc3e53af5776efab230734ac4e6cfc944eb2b31d8a8864b3430728a2adf256930f33f3dee481688df4ad92acec5cbe75e77b9d7963c470dfc34cd80b9737b7c89efdee73f6977e90d124d4d4114949c6d6d98e9eb1010eb13730fe5b4a47f0808880dceba5a1e9f5e54f7ea1f39a00ce8f17971abab693e856256d7f653c36b732ec53867dd639193c9c154231909caeed10fbfbe7b5320611ba5230837bcca84bd59cab86de28bf1907f332614742b961b3b49ddcbe1e9dae5356c6ab8a4757ed5cd9fb00e5a74d61e9199c0c5dac2104578075aa6592141c7265d7555f5c9d8e51c76b1f7a571850a6fca5d87dd06fcc93fade15456db2b3f372bce417a3481fa3f2bdbf78d17cde2d51c0c3438a542ffbc3f93503905133a68cd5623a157a94b58e0b6631a22d03514a8669963c92873860264750c8d0bf2c5452be780c31eda1f838861ed954ed5af25b88af02b730a5ce97532816e66a9271059bbc6f5ac09cbc835aa220fdd17bd7e792309ef01c3459ce9824d7416cca06593b3896427d9b12a1313b375ccbd8a934ad68fbb3a2ad6a18b33602cef7f581d476caedeac36b681048b57a3b65262a494b8e19684fb083525fb9871c747606ea24e1db007490b0ca9120fa862e6befc5e872692ef79c7fcab97d119562e0fd4f87373a4e21a99b7f0f9a3670c5296d95a643a6eadc0c670f5ed527e4afb1a78fa62449578c770f1a8e5226b5cc5766c11be8e08fbf78d19f5700f0d24a74b634ea7eb7d385642ebd52e60ee9870d9002a401e436308fd97e86e4fd4f1e27acbcf13835c5425bb16ae80a6376db1c0145c92508b06268bd67f5bad702e2576d91e85f2edef68455260e43d339ee9f3ebf729750be0c73ba470cbf556304fa1e84dae8c3ae2410123e5000b2cceeff77f2b5faae7dbe1b157665a11bfba8a4e3406b64319ab0902060b031c7d3f2cbca921ebf91c4c451091a115666b26b638174903b0ea1e82b9c29f448ae6d6cf317f98424af6a180cab6b81250850ab9ceb54021f2a9c1b4b23fda1f3974e3178222fe023e6275f1da4833541a0482b175af01072ecf1bf79b7eded879540eca3e308d7e9deaa0b4014ecd9acefd508231e124c623fceec9974d184fe4e52bc6311c291969fbc2b05d9d822e5fa2b5cede5e662019e7288f7fbf8f9defc4ef61acd8539c1a802593c39c6b056bc17694dd9e55d6c6e285354267cdfc737b62f341731d573b35dd9b97d8b299e9406df7a74a1fa8711e5749b7e2178aeec58b54f80871b167b4be785365a8e18d072f84352366ac22b9b1fb6539b943ff508559bff6bef6e1b62407f287488c618316563d1664e8d1a516081d563bc3254372d434b13a42f2c2ad642fa344ecb8a1b37724c53321b672d052aaddca6b981d32854d098bdfdd2cc4a8563d633a3c18f44b34c99f9cd0ea992c82dec38af7c056e5561a57e2adb3ba243cc17a675a309b6f28d08e9b2e9523bbc0ba60cd3321e40f8e90685b691376b6c642d4f9693b032b9b398facbe5c165c785e9735956bf55c9828c2a08eb7b7eef075acd20c2acff9daa73aa831934796857c719d60b896ed00ff4cd3dfb2da124f47d7dd099812ae66801af8d4739c20876d07138881c14707d19a2debd42754d1a050576fd0b7f610b72c050dcbda698f01e65f28eab8ff9881b5b73728e04dd1e48566b41d860c32ce7ca1d4c12e695a537b75c0006d1a42343fd9f4c27c51ac8e122119658314bc725fc68dd513ae8804a340098781aaf64024de09925481aa0137dc1b52a770c943cfcef97835d6be51407fa77b45a0f466a588a91d2fb9ce33f429e62e869f0c9f2e18ccbc3673e6cc05f55e20ffcceec122c991c015fe6278dcc1423ddba2c4ceb26af52ac828e690520e7e4c52955e993bce0f244de094aba2a13a181d7afba93fe16faabf536dcf5e26361af4fe3a6815d882d24758e54307308ab14ac8de35c570d0ce8c615f6797ccb2256e53ba8f9984e49723f9ce199b66b63e409fa57e01b41514639714613e301c4f4254de74534695235fae05fa0742109f8f968dee587c99bc5e22a59fd0f8d21710c77f5025b7e7b25cb6420cfd54c62e08146451dca0f85c0c2433b418f0f6a4ba7b2d3e33c78b3c5d771430f63057390bc6ce5cec4787bb9db9bb6355273ca0ac5777883aa1851d80285df6edb202cdd182b7595f872dcf254d0ff9f7297d68f2bb4046e210db7a1056272ba8cea70198249211e2e94c6222c0dc3ce464de84c318bc40ae9f97c9d32e6659da9e276287975eee261ca8a850d0cf6826aa7190fd6395438bdd9529deec14d836a856c18a2dceb8f3346db69e181356003a626ec0c96946812e84477552a42460f107c541098d3a3c57d0fae3ac48554f20c2bb8ae8b8681e806bccf3540cb1434a6aec491d0c091c84d9dcc9d51a8797780ab78c8095cac2383f73cead7a8d7cea90f4b577579a48fa2b83d2d423492075e687751fe60e7fc8851fa0edd4941b88d1aeaadb324943319355a5ec790a801f1b1028a4487404136068096fae40da0944c2acef25f43a1f72a386da8bc97cadc26fe813c6f73344599a10c1db122b108ef08dbf2da00d7ff5ff28a86ada7bb24628bc8e64b6fffc7b90e3dcd21408ffb786059c6c7c1fa817cd90818fa6d982096d137bfe0466df29d8521f04c3921cc8f82ffa02b36c5899dbadb5a82add84c9569e68fef182950483a50080e01752783e0185981ba186595c606be30622df4d5a6aaf92c9083b8c2eeb8847faf67938d0367681f8598e3b1b2061235ad779656fda737511e1af672135af2811c8123955805ab65b3ba2f6cbe51e05024a3f000f487006f11f3d815f7d90fdbeafe6a427171a8de7b284dce8b6b54f12c427d81403795f858fd864e2f3abd6805ca0beaab6a692a0f0addfce9aaeff8f49bc20559a1c3f4bac11c1cf69c8e7792e32dbca744c6593982b9065ce5485e41311b5497baafd517798bc43664cd9510ad2eb51ff7aeb50fe87b8195aaf40274b45a063dd7d14972da4c597f5ee886d68dc4feaffdad54d9b94ae4f156218fbed0f85cba37030f4c437d2ba31c4e150f97496617b308ae1dacef73744713d6544f5e73b56bdd646ab39402c7ac6b5cd945a31d4e1b98dc8d5a0d3dcffaaf07ea5681a3643cbca1dc5eeb80a07454959f33e4aef8da93c78564f55f5394905384c2a810a2ee9914779cfea6c1e9942760342045108d5aa3348f03874fbc5e63cef72922f1fdf72ac782e51d03cc376825d3f0421310f827c0a69a52ec80e237df857584b2b4c7164e92021ae7c152c7c69daa0e5dce1b68835d7a5a4a38d0217ef04ca40ea6a4ae56c1d4b414392e8917ce4c05014ade430930aee522fdf47597025e3140647feff746eefb178f8e01a3080184d42f3614eb690484c7271b7f51b2b3c280eb6c20891e53ebf10e074441c7c00038ac1104e64ca370b629c9f5d034fad42ffefe77ade565feb04269546650c7becc7b339f5feb306d0adfa7d9f4fadb75550efcdf4a80f7935fbf47e829b6e503a20467f26766fca55cfaf6016eecc94e9487c9abf0d6ad30b05ca291c8ab458929fc70542ddd31c5ad8019f754540ac6f00ab9ea27ec51f23fd43b0ecb62842d8a5a1c7cc3ab3497241502e4dfbc29eee94a621641b719aeaddf01feb8031bce8a5e197bd07effc06cc811776ab79e9e955d3d2c5b5b7371335914bb1fe933be15b68420d6a38f601f682a5acc95508c3c964337408f7fdd1fe066fa40a3ec099caa8e8ff9d443d8a50787839c660d5a269724f1d60786fa20559fae637f6e5b074745a5a34224afd03a6d48765c1b57bae782287d7210d9d584bfd9a3ffea19ccddb30e5f2866faa8a445dd08c05605969ec5a679ab45afccf2667d66b8f88b720262d6999464e9e9814f06b82113a03aa514b436e5929fc1aa100599b852e1019c35e657e0492178c333f7e0261ffaf50660da07c2dff97218dcf33cf87158e288e74645352920edeedb26654c05e86947fcf9dbae2cd40c78aba218c36a21c87d12e77a37176d423d3286c16113bdbc24739117ce25c0aa00ef71ab8afdae2bf00172bb5fe2c32e92bde2b3480c24bb0de14ca2bbc1932c56d0502ebdd7639d34bd03dddbe26c5e01174580b5279fbe63c0dd21fbee2a99f8ce4d2147756b2941ffa74e5062d133f1761e9eb0237c01abf59b6777f639e9fec48417c2621da2992a8c582c5733d6cafa56db01312a7d4cccaa554e237d8a37a6e8e509442b35cdb2b0107e300cd7e872b82f1a7b7976de22ebf5ec8056f7f0c591cd78214b4d4caafb00d95648c98ba0e13a938d82dfff14e2cbbddef964e117"})
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
r16 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
sendfile(r16, r0, &(0x7f0000000040), 0xae3)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r17=>0xffffffffffffffff})
pwritev2(r17, &(0x7f00000001c0)=[{&(0x7f0000000180)="af86b493607682f916af72cdc43892", 0xf}], 0x1, 0x9, 0x2, 0x18)
ioctl$FS_IOC_RESVSP(r16, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
mknodat$null(r16, &(0x7f0000000000)='./file0\x00', 0xc000, 0x103)

[ 2823.424364] loop7: detected capacity change from 0 to 40
[ 2823.444399] loop2: detected capacity change from 0 to 40
[ 2823.447484] bio_check_eod: 2 callbacks suppressed
[ 2823.447497] syz-executor.3: attempt to access beyond end of device
[ 2823.447497] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2823.448938] buffer_io_error: 2 callbacks suppressed
[ 2823.448947] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2823.455698] syz-executor.0: attempt to access beyond end of device
[ 2823.455698] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2823.456450] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2823.477716] loop5: detected capacity change from 0 to 40
[ 2823.482665] loop4: detected capacity change from 0 to 40
[ 2823.490926] loop6: detected capacity change from 0 to 40
15:49:08 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
connect(r0, &(0x7f0000000000)=@vsock={0x28, 0x0, 0x2711, @hyper}, 0x80)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x39)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:49:08 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 88)

[ 2823.518863] FAULT_INJECTION: forcing a failure.
[ 2823.518863] name fail_page_alloc, interval 1, probability 0, space 0, times 0
15:49:08 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 81)

[ 2823.520615] CPU: 0 PID: 11845 Comm: syz-executor.2 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2823.521830] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2823.522940] Call Trace:
[ 2823.523306]  <TASK>
[ 2823.523633]  dump_stack_lvl+0xc1/0xf0
[ 2823.524210]  should_fail_ex+0x4b4/0x5b0
[ 2823.524806]  prepare_alloc_pages+0x178/0x500
[ 2823.525470]  ? __pfx_perf_trace_lock+0x10/0x10
[ 2823.526116]  ? __pfx_mark_lock.part.0+0x10/0x10
[ 2823.526782]  __alloc_pages+0x149/0x480
[ 2823.527357]  ? lock_acquire+0x19a/0x4c0
[ 2823.527926]  ? __pfx___alloc_pages+0x10/0x10
[ 2823.528576]  ? lock_release+0x1e3/0x680
[ 2823.529162]  ? xas_start+0x14e/0x710
[ 2823.529708]  alloc_pages+0x1a0/0x260
[ 2823.530275]  filemap_alloc_folio+0x374/0x410
[ 2823.530932]  ? __pfx_filemap_alloc_folio+0x10/0x10
[ 2823.531645]  ? perf_trace_lock+0xc1/0x480
[ 2823.532251]  ? find_held_lock+0x2c/0x110
[ 2823.532868]  __filemap_get_folio+0x285/0x8d0
[ 2823.533568]  pagecache_get_page+0x2e/0x120
[ 2823.534187]  ? __pfx_fat_get_block+0x10/0x10
[ 2823.534858]  block_write_begin+0x35/0x450
[ 2823.535466]  ? lock_release+0x1e3/0x680
[ 2823.536062]  cont_write_begin+0x4fe/0x700
[ 2823.536686]  ? __pfx_fat_get_block+0x10/0x10
[ 2823.537370]  ? __pfx_cont_write_begin+0x10/0x10
[ 2823.538048]  ? __mark_inode_dirty+0x68c/0xc10
[ 2823.538716]  ? generic_write_end+0x1fe/0x3d0
[ 2823.539396]  fat_write_begin+0x89/0x180
[ 2823.539990]  ? __pfx_fat_get_block+0x10/0x10
[ 2823.540662]  generic_perform_write+0x25a/0x580
[ 2823.541368]  ? __pfx_generic_perform_write+0x10/0x10
[ 2823.542112]  ? __pfx_fat_update_time+0x10/0x10
[ 2823.542791]  ? __pfx_file_update_time+0x10/0x10
[ 2823.543484]  ? generic_write_checks+0x2c0/0x400
[ 2823.544188]  __generic_file_write_iter+0x308/0x4b0
[ 2823.544926]  ? do_sendfile+0xb1d/0x12b0
[ 2823.545506]  ? __x64_sys_sendfile64+0x1d5/0x210
[ 2823.546203]  ? do_syscall_64+0x3f/0x90
[ 2823.546785]  generic_file_write_iter+0xe7/0x350
[ 2823.547503]  do_iter_readv_writev+0x211/0x3c0
[ 2823.548169]  ? __pfx_do_iter_readv_writev+0x10/0x10
[ 2823.548927]  ? avc_policy_seqno+0x9/0x20
[ 2823.549550]  ? security_file_permission+0xb5/0xe0
[ 2823.550265]  do_iter_write+0x189/0x7e0
[ 2823.550852]  ? __kmem_cache_alloc_node+0x1bc/0x310
[ 2823.551556]  ? kasan_set_track+0x25/0x30
[ 2823.552171]  vfs_iter_write+0x74/0xb0
[ 2823.552759]  iter_file_splice_write+0x73f/0xcb0
[ 2823.553481]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2823.554232]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2823.555010]  ? inode_security+0x105/0x140
[ 2823.555805]  ? security_file_permission+0xb5/0xe0
[ 2823.556498]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2823.557277]  direct_splice_actor+0x113/0x180
[ 2823.557936]  splice_direct_to_actor+0x33a/0x8c0
[ 2823.558107] loop3: detected capacity change from 0 to 40
[ 2823.558608]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2823.559682]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2823.560428]  ? security_file_permission+0xb5/0xe0
[ 2823.561143]  do_splice_direct+0x1bc/0x290
[ 2823.561759]  ? __pfx_do_splice_direct+0x10/0x10
[ 2823.562459]  ? lock_is_held_type+0x9f/0x120
[ 2823.563113]  do_sendfile+0xb1d/0x12b0
[ 2823.563690]  ? __pfx_do_sendfile+0x10/0x10
[ 2823.564318]  __x64_sys_sendfile64+0x1d5/0x210
[ 2823.564994]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2823.565728]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2823.566478]  do_syscall_64+0x3f/0x90
[ 2823.567011]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2823.567743] RIP: 0033:0x7fe077f6cb19
[ 2823.568271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2823.570762] RSP: 002b:00007fe0754e2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2823.571785] RAX: ffffffffffffffda RBX: 00007fe07807ff60 RCX: 00007fe077f6cb19
[ 2823.572768] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2823.573768] RBP: 00007fe0754e21d0 R08: 0000000000000000 R09: 0000000000000000
[ 2823.574748] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2823.575727] R13: 00007ffda5f9e29f R14: 00007fe0754e2300 R15: 0000000000022000
[ 2823.576724]  </TASK>
[ 2823.580188] loop0: detected capacity change from 0 to 40
[ 2823.634343] syz-executor.7: attempt to access beyond end of device
[ 2823.634343] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2823.635994] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2823.636498] syz-executor.0: attempt to access beyond end of device
[ 2823.636498] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2823.637890] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2823.680268] syz-executor.2: attempt to access beyond end of device
[ 2823.680268] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2823.682071] Buffer I/O error on dev loop2, logical block 10, lost async page write
15:49:08 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
r2 = fsmount(r1, 0x0, 0x0)
pread64(r2, &(0x7f0000000000), 0x0, 0x3f)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
r3 = fork()
fcntl$setownex(r1, 0xf, &(0x7f0000000040)={0x1, r3})
openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)

[ 2823.702125] syz-executor.6: attempt to access beyond end of device
[ 2823.702125] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2823.703870] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2823.724008] syz-executor.3: attempt to access beyond end of device
[ 2823.724008] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2823.725713] Buffer I/O error on dev loop3, logical block 10, lost async page write
15:49:08 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 82)

15:49:08 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 63)

15:49:08 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 87)

15:49:08 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 68)

15:49:08 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 89)

[ 2823.934154] loop5: detected capacity change from 0 to 40
[ 2823.951083] loop2: detected capacity change from 0 to 40
[ 2823.966864] loop0: detected capacity change from 0 to 40
[ 2823.998568] loop7: detected capacity change from 0 to 40
15:49:08 executing program 4:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>r0, {0x6}}, './file1\x00'})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f0000000240)={{0x1, 0x1, 0x18, r2, {0xffff}}, './file1\x00'})
r3 = syz_mount_image$nfs(&(0x7f0000000380), &(0x7f00000003c0)='./file0\x00', 0x1000, 0x9, &(0x7f0000000840)=[{&(0x7f0000000400)="787215e8faf0df319d318b5df35a537d04aa17109ada8df8870f8233c8c2e1007545e7854746209b5d430877860726581d5cb145ca028c0f974f13bc15725acb91963ea2aa22488fb1047c2f670500bc4098fc18db16e70ec4c8f6f15abd40756904d3b8df9189ea9829e7c9f52dcd240e0b072fb6f065eeae05d267", 0x7c, 0x27a}, {&(0x7f0000000480)="b47b1f399e11541c66766f3007e9b74048787fedbd7f8c8bbb56", 0x1a, 0x1f}, {&(0x7f00000004c0)="48d82e40d5cb46edc4264c636ca53cf8a9", 0x11, 0xbd}, {&(0x7f0000000500)="c282c5b675c96b5a98e48d631f8b45de48d13d3518ce79aa10f4cb4c7ce3ab1aa81ea4d5ea19bc163b70eb600d00b708068415899ab2ec22e17355a65c66927557dca4bf0a594e", 0x47, 0x1}, {&(0x7f0000000580)="deb02e61316fa512c7b78353", 0xc, 0x34}, {&(0x7f00000005c0)="19a9c6e42922cd487b2ac31824372ab48a0f90ae4d58e2", 0x17, 0xfffffffffffffff9}, {&(0x7f0000000600)="1c40e908a7002028146498c97fcc995f9f0dc1ceb186d16200e756d2d476e1af4058a3c815dbd310a11e396e92354401558410874fd9c3158a23d96eb6e2ad6b52278a55132be6b697c7b2e3f48fc06af3af064d42e621a79fa83aa759240fa97623ba7b3d2712cb53efb5745ff1264d640ac43ff4fb39705d1b13288b775695d97cc401459f964fac5583b1fa50e0a85f3a9536f00a2752c7c7c7ef1e2da2a0d6186c", 0xa3, 0x9}, {&(0x7f00000006c0)="dcde8bfbf9b09a0f0b892d899b92dd162b9055d414eb6d8b17a6cdde1a5e5d7c7638a640b4b40d0cab7c5360973d9364d66beef3b3d83daa585e789a71c774146237647ef091e4db299ab9174fcf65c7fe68c644c4a0d9434d", 0x59, 0x4}, {&(0x7f0000000740)="a9e0e9ac347166d2bd28d69769a1c090dd0bde67c78a3fd0abf35a0e7a2bb57eec00eae410bb3d39e0b24b49a496f1a1937e55177d8a21f0e2538fc760ca3ce3413620fcadb0f861beda69d040581063584922963ae3b383600bc9724d27a75be9d2a37100259185e882722e82d00bc858ba4717d0b8d74ea3ee27bef1663d81291f30bb2e46fac82ac9d4ad4e904c872d27c2bb34fb5cdb5acfd4015e44b93d36f8f608e5e3e84f975a9ca103cb6232620f9aae5f34231e2054615bc9705e2303efb6a2378091a983c16fa16ddd814c8d8b7f69c2796a82d517d7eb4424a0b3f01c4a37c4f10e5678", 0xe9, 0x8a8b}], 0x400, &(0x7f0000000940)={[{'.'}], [{@smackfsroot={'smackfsroot', 0x3d, 'vfat\x00'}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'vfat\x00'}}, {@uid_eq}]})
openat(r3, &(0x7f00000009c0)='./file0\x00', 0x61864131618bfbb5, 0x1ed)
r4 = open$dir(&(0x7f0000000300)='./file1\x00', 0x400, 0x4c)
openat(r4, &(0x7f0000000340)='./file0\x00', 0x400000, 0x6)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101440, 0x80)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180))
write$binfmt_aout(r6, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r6, r5, 0x0, 0xfffffdef)

[ 2824.073515] loop6: detected capacity change from 0 to 40
[ 2824.135281] syz-executor.2: attempt to access beyond end of device
[ 2824.135281] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2824.137206] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2824.161318] syz-executor.0: attempt to access beyond end of device
[ 2824.161318] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2824.163224] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2824.165453] syz-executor.5: attempt to access beyond end of device
[ 2824.165453] loop5: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2824.167222] Buffer I/O error on dev loop5, logical block 10, lost async page write
15:49:08 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 83)

[ 2824.204832] loop4: detected capacity change from 0 to 40
15:49:08 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 69)

[ 2824.254115] loop0: detected capacity change from 0 to 40
15:49:08 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 64)

15:49:08 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 88)

15:49:08 executing program 5:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r3)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r4, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
openat(r0, &(0x7f0000000000)='./file0/file0\x00', 0x80, 0x80)
sendfile(r4, r1, 0x0, 0xfffffdef)

[ 2824.363344] loop7: detected capacity change from 0 to 40
[ 2824.399057] loop2: detected capacity change from 0 to 40
15:49:08 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 65)

[ 2824.470829] loop6: detected capacity change from 0 to 40
[ 2824.552931] loop7: detected capacity change from 0 to 40
15:49:24 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:49:24 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x1000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000240)="730340d33fd039d454d9d6ca828c0987e0091194006255b23978f30741cbf9930ccc709a40297fe6b971b95e8abc22bcec24dfc793d614dcf6001ff04155e02ce3105e4a6cabcc54f03b9b5bd43d5934f813232826eed59b5f5fa111b392d44a83ea108731fc9e289f65383cec01e50fe03d2d2ac95244b4632748c5e3314f608587f9fa3b562f12b910fef4a0cf45b9d06728b02a2858b26d1225a4ce8dbf12afaaf3b949dbe68af4fe9234ade3", 0xae, 0x7fffffff}], 0x80020, &(0x7f0000000300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}, {@commit={'commit', 0x3d, 0x29}}, {@usrquota}, {@nomblk_io_submit}, {@discard}, {@sb={'sb', 0x3d, 0x2}}, {@sb={'sb', 0x3d, 0x9}}, {@barrier_val={'barrier', 0x3d, 0x3}}], [{@dont_hash}, {@subj_type={'subj_type', 0x3d, 'vfat\x00'}}, {@euid_eq={'euid', 0x3d, 0xee00}}, {@obj_user={'obj_user', 0x3d, 'vfat\x00'}}, {@subj_role={'subj_role', 0x3d, '{'}}]})
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:49:24 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 84)

15:49:24 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:49:24 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 89)

15:49:24 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 70)

15:49:24 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 66)

15:49:24 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
ioctl$LOOP_SET_CAPACITY(r1, 0x4c07)

[ 2840.373683] loop4: detected capacity change from 0 to 40
[ 2840.383620] loop6: detected capacity change from 0 to 40
[ 2840.388967] loop7: detected capacity change from 0 to 40
[ 2840.420146] loop0: detected capacity change from 0 to 40
[ 2840.425478] loop2: detected capacity change from 0 to 40
[ 2840.428795] bio_check_eod: 9 callbacks suppressed
[ 2840.428805] syz-executor.6: attempt to access beyond end of device
[ 2840.428805] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2840.430124] buffer_io_error: 9 callbacks suppressed
[ 2840.430132] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2840.432405] syz-executor.7: attempt to access beyond end of device
[ 2840.432405] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2840.433299] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2840.437424] syz-executor.4: attempt to access beyond end of device
[ 2840.437424] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2840.438352] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2840.439329] loop3: detected capacity change from 0 to 40
[ 2840.515921] syz-executor.2: attempt to access beyond end of device
[ 2840.515921] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2840.516939] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2840.516987] syz-executor.0: attempt to access beyond end of device
[ 2840.516987] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2840.519108] Buffer I/O error on dev loop0, logical block 10, lost async page write
15:49:25 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 90)

15:49:25 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 67)

[ 2840.525119] syz-executor.3: attempt to access beyond end of device
[ 2840.525119] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2840.526000] Buffer I/O error on dev loop3, logical block 10, lost async page write
15:49:25 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 85)

15:49:25 executing program 4:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffc, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000300)=ANY=[@ANYBLOB="c688011c2b43e16e253d04057f791f14d1edd8d179d312e2d686d342010aa8b5917c4a965432d8271f8076af963da0602dc0420f5a6efd0ecf8ec77f43f74821609a162fcfc0eba1d4d13c4b15929ef8ff6931687fe055c5c6ba7f38bde588564abac0c10449e1e803896485ff251a6e4437603f835f18baf4c56aaf3c974e79da96c37460f45c1b234de69b58b9c622d0361130b6f14ff8e333ad65676cf07cc7f4f7b941030000002028fd14c84d11c2a7c0e8302c77c7b88cfa0469129983566f1907d6401a8e0d118a812325366e0f2f113d8216", @ANYRESDEC])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r3 = perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0xff, 0x8, 0x40, 0xff, 0x0, 0x4, 0x40080, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000000), 0x4}, 0x0, 0x3, 0x80, 0x1, 0x1b22fefe, 0x8, 0x100, 0x0, 0x3, 0x0, 0x10001}, 0x0, 0x2, r3, 0x2)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
pread64(r4, &(0x7f0000000400)=""/214, 0xd6, 0x8)
fcntl$addseals(r0, 0x409, 0x8)

[ 2840.615538] loop7: detected capacity change from 0 to 40
[ 2840.633891] loop6: detected capacity change from 0 to 40
15:49:25 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 71)

[ 2840.638273] loop0: detected capacity change from 0 to 40
[ 2840.658975] syz-executor.0: attempt to access beyond end of device
[ 2840.658975] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2840.659909] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2840.666585] loop4: detected capacity change from 0 to 264192
[ 2840.668323] FAT-fs (loop4): Unrecognized mount option "ƈ
+Cán%=yÑíØÑyÓâÖ†ÓB

[ 2840.668323] ¨µ‘|J–T2Ø'€v¯–= `-ÀBZnýÏŽÇC÷H!`š/ÏÀë¡ÔÑ<K’žøÿi1hàUÅƺ8½åˆVJºÀÁIáè‰d…ÿ%nD7`?ƒ_ºôÅj¯<—NyÚ–Ãt`ô\#Mæ›X¹Æ"Ð60¶ñOøã3­eglð|Çô÷¹A" or missing value
[ 2840.686293] loop2: detected capacity change from 0 to 40
[ 2840.723153] syz-executor.2: attempt to access beyond end of device
[ 2840.723153] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2840.724102] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2840.748462] syz-executor.7: attempt to access beyond end of device
[ 2840.748462] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2840.750091] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2840.770285] syz-executor.6: attempt to access beyond end of device
[ 2840.770285] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2840.772015] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2841.493329] loop4: detected capacity change from 0 to 264192
[ 2841.497525] FAT-fs (loop4): Unrecognized mount option "ƈ
+Cán%=yÑíØÑyÓâÖ†ÓB

[ 2841.497525] ¨µ‘|J–T2Ø'€v¯–= `-ÀBZnýÏŽÇC÷H!`š/ÏÀë¡ÔÑ<K’žøÿi1hàUÅƺ8½åˆVJºÀÁIáè‰d…ÿ%nD7`?ƒ_ºôÅj¯<—NyÚ–Ãt`ô\#Mæ›X¹Æ"Ð60¶ñOøã3­eglð|Çô÷¹A" or missing value
15:49:40 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
lsetxattr$trusted_overlay_redirect(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0x8, 0x3)

15:49:40 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
fsconfig$FSCONFIG_SET_PATH_EMPTY(0xffffffffffffffff, 0x4, &(0x7f0000000000)='\xa9@\x00', &(0x7f0000000040)='./file0/file0\x00', r0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:49:40 executing program 5:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000180)={0x0, 0x0, 0x5, 0x205})
openat(r3, &(0x7f0000000040)='./file1\x00', 0x101480, 0x20)
sendfile(r1, r3, &(0x7f00000000c0)=0x4, 0xc00000000000000)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
mknodat$loop(r2, &(0x7f0000000240)='./file1\x00', 0x2, 0x1)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000000)={r0, 0x7a4f, 0x100, 0x9})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendfile(r7, r1, 0x0, 0xfffffdef)

15:49:40 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 68)

15:49:40 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 86)

15:49:40 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 72)

15:49:40 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 91)

[ 2855.957792] loop3: detected capacity change from 0 to 40
[ 2855.960667] loop0: detected capacity change from 0 to 40
[ 2855.961794] loop7: detected capacity change from 0 to 40
[ 2855.961911] loop2: detected capacity change from 0 to 40
15:49:40 executing program 1:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
openat(r0, &(0x7f0000000000)='./file0\x00', 0x8000, 0x108)
sendfile(r2, r1, 0x0, 0xfffffdef)

[ 2855.990158] loop6: detected capacity change from 0 to 40
[ 2856.016023] loop4: detected capacity change from 0 to 40
[ 2856.040113] syz-executor.0: attempt to access beyond end of device
[ 2856.040113] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2856.041124] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2856.065321] syz-executor.3: attempt to access beyond end of device
[ 2856.065321] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2856.066183] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2856.078495] syz-executor.2: attempt to access beyond end of device
[ 2856.078495] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2856.079293] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2856.081059] syz-executor.7: attempt to access beyond end of device
[ 2856.081059] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2856.082852] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2856.085696] syz-executor.6: attempt to access beyond end of device
[ 2856.085696] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2856.086472] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2856.091332] syz-executor.4: attempt to access beyond end of device
[ 2856.091332] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2856.092164] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2856.099876] syz-executor.3: attempt to access beyond end of device
[ 2856.099876] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2856.101689] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2856.111094] syz-executor.4: attempt to access beyond end of device
[ 2856.111094] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2856.111878] Buffer I/O error on dev loop4, logical block 10, lost async page write
15:49:40 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 73)

15:49:40 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 87)

15:49:40 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 92)

15:49:40 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file1\x00', 0x0, 0x8, &(0x7f0000001540)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x100000000002800}, {&(0x7f0000000180)="43dd20c6a21b7724da3fd16c702cb65a42ee4f0d7a4411d650705c01e4aea625433b5b073d8e44a7f5e78d7d0de1e8355874eef18a80852270df2de823a404c0b9d62a230bd4f384e8a131620f669a094f8eecb6be72c9ba218dfa546552d4260a3888cf49a975d161f368a118d1b5e0c7b869c1f1f032eab2033259f01e038cf8111fe596d587afab9c556afabad8dd5c93e5d9d8c35d8e6cc3cf214ca758d818a24b275629694ef27e088d782ef5d54e6b4711371cd0c794687f", 0xbb, 0x3}, {&(0x7f0000000300)="3e624d54bd9d1e48ca9a468ffb2642685f9731ba18362850504f7ffca995770a3ebe03e04550e467e8e6223009cf2303a77985966fa2bf293c2be336b4f7bef6995a6fe6ce2cf725911667dd03fd34559f2ac67d03000000000000002e548a0e3f8307824bd68525c37f8754524dea85c5288fbbe38c3630022eb492277d875f986286c8eb867c4b03814a53ebfb50e4964270a8cd5a739369ef6d19d5ff96dcd80932403431d7b78836", 0xaa, 0x6}, {&(0x7f0000001600)="fbaa6c95537587de90f3aa0861617375a580869298153c64f62dd305dcf018185b33d1965abe0dae487afc8d92284e39822f0fc23e9a9c9f1d700ce1fd6e4b46a4defcf68f39aba34bd082f53e6c58546fca0e3651e0d83c64754b86033a4bcb4e2b8aa80fb4265055cc1fb36d6fa213b3d8ba05947c28cecd692956a453414f78577d8437e0bc4abc3f176cc98d9c991f8c909b8c7881950a3fef11ff1cf0a2a4e8f94e937a52a7ec90736249531bc7ab61ccb71f26fa87b73777b724e752b301f6398bded73fd90d7dad8c4eb763f9bae5fdb60510e73869368e77856bf439cdbe131a4a175072250e29dabb1929fe4a98cc253e86452c4c371af8814daf76e98dd9a7fb4b47afad32f4343bfd46d857a2a05323d08368c6c54c1ff653ecf4fac8f066bf8039e068b7e6a93000fced0bdf1c73c8bccd744951ca8a7a48e7c1033c509cbd93ffef73437a456accb8f5bc7640f05f30527c592c983a5f005d4887597d1168aad1f740f16e5ca5e9d02053fed727fe79afe1283328b2994747667041447dd5b6c9d027a582cca1cba96bb9c74afc8cc459ea3f918e82b4dac5b869e721f81a27e2143215d09c503018b505f13db6ebb1c31d42331f6f888bbc7b5fdd1ce5ee5de5fd67fd875b1e0dce75e30ac55c8e8551c46f7c1f6cb68be347306eddfcad9f6a571e386286089bd2d13dcaf268ba74ddcefde3bcf07f3026092d9e23db64c20d9a7e9921a0bda9dd6b5a75c409a92affdad62ab953cd9e830fc4dd1feb57a41bd654c21630b538c494c1543b83d0aeb88bc66552383013d470dff14c3649c852aa4c52830abfac209e4a3adb9affbe990c9f6c24714eb4dfb49f280b9465e70ee2700334fa9cd37503c80eeb1527a50ec82513f74a4dbe012c54259431e60c27f75b24c1bbdbe781ca957f0483187155e74033877f3aed114d49b5bdd9353868a5bbc187cdef0c2f34c182781d72d9f363478a7e9bd4d69bfc66e1909a4c6b120218ea61e78dde2b9e6f5319e2b162162bb26691542baf605d47cd608ffd3d4acf0d0487e9e9fa522402d4c0096a742e3474970e4a61a2f83e76b9371885e20d1bca5e714605439bf8d26bf95642025f49c5d1f5514687105cde619301a2e1e9030d5784b7070b31973ef5c19425fb3fdd850ce3399c9ca9729152d46f859b2121de99f0400e5159121e09ab168bbc8ef430020000000000000a2b23e1d6e5476e473e93a1606e948d36573f7c2f64e850d5a8bc232a4e88c770cbb974ab95608577800bbc274b4aac0c0b70995deeb480704925af3b03c2a98407e61cc1161760c92bbb79f14cf3e2cdc38aa51d0a88b4c1d153fce6cd4c55b68eff8a861daaeaa339f8db41bda6bc4f64b9b799c51af32a4b131380d526910fb19897b8672be75358e85df6f758cc160e175d1bc297340f9f930a9ec3bf0a8eeaf5b924915743668968aa9a92bbae4368f6ed0337a52b5dfe7ee0ce90001657af87de449fe75cb1c258517054568540e927f0902832ad738a77f16e93ee78c8acd2be41c46697fcbe6e6941386e7baf5c453d29fa78ef1ec155e0c03e78633fbd2c867b4dca287238040709ae35d97d80f02c8b01e5214471f7e76ffef2a35114762ad3d480bea597bfedd962121c89c4073d455a4deb4cdcd244ed3b20ba8bfd58a7e225415fccc3cd306fe82460f3bfe3801b80b0240036502cc7a62ca881f6cf1e0a04186b25c5054e98b943501ec47a15b12b2c730fb7304328ffbed21174f9ea9da5ed124f4f0dceef6856f1278eb51caf29bc132886df6898e309a615ccccf192532a3cf0d12660f9aaf2f48d0607679218f59fcde4253c80368e2190d30242591539be15bee50cbef92f6f69719239405bcb99c342168400d1b19d53a179242ddbf73fb2fa7360ebc1b7f14c88b63d3370f8db2e0a08d00b3a76e534e674cb203716434d8f075b245b364bce38146e89da9690f9688a4a8f190b143b1181930e7404f279c929fff3a096309913a89b2613b105ca88d05b8982d4a46f5d348cd8667c2b843c1de096464d3fc33714e3647019df41330ed288de0b2e8c16a0ba6562eef76294d8b09b5c3363ffc172ff83f354ed14e1e8309c2081b31bd83926aa12b0a3f31b74588f72accbde820e57d852265d5b75ff48d1b211dbf90dab7733c78a853ee300d1b58cc5d669a071e9fb1b08eb0e43cd0d2e4500a9828d918d853c0399d8c6bf66fa27f3dd86498b9c087409640a28d265e1e58b3e2102094aa06c421ef2aca00c7c599dc8ab6afe95e6c41007df46041124abcb46db4142dbce8ab35f6596b4a362c7e8b94d2bd47803c6627341cc70d6eb24718efa5617590e7036475252b9fa9fe59f4bfe630112bb4022777cf0ba9892e1185edd6cd1ea5f8caaadc439f11193f8fe8400b59a5e8751559bedda1cdd1e0ea98dfdf0be8f302e998b18463a1781beb888af7d432bbb4a8433695a7c47af8e00857775ec46d304b1f985d3cfc193af3d0a7822157e80f8fefc80c5606193af2d38c93729f07c19b1f32128a56e30f612049adc8dc7f8e3eb8bbc8e10c877e13447cc39bf7ced14862db0149165c772951e6dfda243b8b1b013500809e865b9fa045280342841f58658b417f7c2cd38d7b2cdd61eb8745d7f6ba5d21539ef85ffb394775c91e9110100d806a7fdbc16a0594de2a9d4f3c42981438ad334d9f1e9788c506e2d8d3c84783226d82ed01a93db008d8f57b5da0afa8a69d7b9cb5183f2ec78882fedb280d471f051a6594ad365e793a9045a5868d9b7cc09fd4b0add326b7580bb959d94a32bf5354038555978c5115f4769c7be93f4a290ca318dd3f399301051a0c03dfefc93596fe746be999820111259840a7c81552f59446853ad68acafeee5fc2383399ea6f6a7e1eef06fdd1a8d6196f9f32630fb2e4c3c259f1b3b96f329e6db4e20943fac25ab4433083f38427041029b0f99442e864926b1f6a7234d556954a32ec461995a1284d88660d70d7b6753e1cdb460c974df13d0c0784e527fffe3bd4ea6a3cac5b55c6953066057acf2fd0f44a513d543bdbf23e7de702e11f65d024803f0cd5bccce70c218ec76a196a18fa1058cba145c59b5dd09d830c3f7f8fca72a75531368192f5deb0d6ff4feba5f1a760275522590aea7296f788f0eb7cd6f6b6f6cc434c32a5e3fed8381f811d66f9bcc2164aae354cfdc6b6db8a00e11e5ad9d30afd1d9d1579a43cb92c237b9efb62bec5100a49c056a0b709f0431ceb57267c35242ec5462030a36403a98115d557bc505516eebe12e6c4bbcfa22123961487cec04c4d41c5e67523eae1a45a89cdbee3a2530bca9f4850b46223a876edf5bd7ddc4539ed40c26a4455466d5698f25f548884a4e0fb05154272c5a740a732291bf87e3aeac4e3f46356b8a9f4b5f6e1babfafd28a212834e6b3320ae23d60bdb48d9db2d208a2129dfc109ae0a51eb568656d121f0f6412d6b27ef56a698c859f2eb0f268cfcc14d8d42639ecebc6465d8121baea6b97cf680f5ff9266c174bf8cf27e9d9151fd623cb990fb5742a0495dadad507acc6d7bc0057143fc47c99c3cf885e3e25f342047c29b997abc67688132c4c549dfca317e1296a9aa405d843624668c30af6f65c907dde99abf6fb3cd2f7557c9e3bea0d3d4ddc3069396b41a5fca34fd4076d6127b8e16b5ca2b7909bff85d052cb007127bac16d9020cc334f9bfc9ddba07df8f509ebbdc9e39a03f3171bb4b84fb0ba168d79f730f86cdd73779ba2b2a3db2ea201f81a405a16fcde526ffea4341692d11b9ab338b0b94c6f02e0668db55f48f6ece2f47680491246f8ad2d543d77792346438736ceb46680a2e5882c803bc95be09bc0a06613c3906bbcf9eda4e414c7100b14472862a1b347b6fb5071128e97d0543387997b77c4c1666bb027f0e599abbd8fe480ffc162c1d6f6866430e11629412498801def895ad63edba8ff71840be42c4f0107ad19b6221b0574ebe2f3872b120adb6afa9c7d30db59f27fe7481d44d540a2c33e7915ad497b7663f98e4aa4d5ed2b4fa5efeb49a1168ad2e76218c73c352fadb4be29150f848f742c94a359ccd04ef5dc3d995c534e82ba6e4c11e542e44618be22c85d4be56ba3b46397a35f5efd58b1f45235ae89875faad0c3359e3ec828e7491b9435d51967f18475762470f7a45b9f7add7faeee69c16caf53d0fa33fe155780d5edffce81ccbf90acdc7986133ceb3593e08d31c2ae8f03314302d9721c31db4681dde2184acd7104c11b38d3224195d1e8239557c5c092b28194355e090587a36f0dd2b5fd06248c629e99e9552e74e0e66a994ae3600b83bab11e2f4c907bb3960ae071d3a7bde8dfe2856e88ded4909db2d4eceb32ecad873946c42a228a4655fb30263b7047c2c8ff55389e195e1d4a0043227440928a794286ff0f3e4e296f94588f5f011ba07302bbb7b0e0fa8db2fc37a755460f3dfdc2b8925822a65c574a44ef4aec2aab9149ef72fbb58844fb77cf68e1024fc81c88ba3efebea7a209a5e6e88753b22e8230f668c4e6defbf6f0d59a8fac45e306454d2ae3f79c18a9101cd76ecb585d2db48437f13c73359e3da078985a3987ddd4d66386b476d84694686064b0872d719d19d6406ea1c9fac5f474e96668244d71d475423521fc5f9d72de5ea2a3973901dd57a4f1b2a4f7ac755bd94349bbb32143007a0813fd0d669662a6d40bdc2410d4e1bfa85d75a14aef0548e3a2c22ff8552721d085dfe10ec55374cb87202520a4be88eb88e6067dfc25bfd73dc7a749ff169b6fe054a3be3134489d91c723096066886a147cf51883da036af547ff740a58c16703159327d81a9aec611138c92da33ed55381b659ba2c275820fffc340d2dfc0152c1b071ebc8e73bb715a537c8602ee9f848b89488de5aa01afe63a1eebb16fdfbde807675022f230612c3553b19688d43ef672bca8b2370b09b4163dd426ac989bf2af9d154ec2ffd88d6cb2d9867e8ea1551ddf4033137e6155c39c6011f6c02d7af042de5f96eec8ca545162004cd02919b3e07343afe0674816d0ff2af25d7a094c63e420b69e0263549348febaf9c048a4f3944e1aa054edf0d92f1238afedf43835339d2b9e863ed58cb8768b7b27df376669b14072c366534aef615aa2ba77e18b46a7ebdc4009ef7f3d923e92bd4639066413354350040c6bf4d0924a454214c883128ad07042dba77e59a6771b143c52a74e29327a60790c86814c35d8789f84a7f9d57d5c91bb97cf67fe5ac6f2af9ff417c9b374a2eacd20394500989c620582c36d79e6d0357dd0113e7df76509df11f599f9c118baecab82dda483e60f3d57bf7934c0ee9ab39ac0b05674e2c51d520e6c8f7e30e8526fa52c2572be80a01910a2c470f8af3cb48b67b56f356785652928ae7fe57f9d8849ead924f41f2d1e2600a27a0d5bbb1b815760f835b24391595012f226b65de454ec69c44f1ce0b0bbccb446287e298e2af9df578c786ebf8d3d35fc554e99538084ca03ade35e5b1ce1dbc9aa4020b7644c54dc7aeb72a81b213af76b596a469250d3c758026b1b941bd6c590d5e3d55afa008a030556d5d12e8455479df0566ead34b248363cd8f9c0463bd75f8af9dcb999ee4a7bf18ff3e16435ebf1227692c2fccda26d233fe68080b279ec25b0347dcfdab50e929c892bf31b2e9f87060eb2742d4be40120b782b06af371ed6a2c2c8b6b94f99cd031f36689f80aff4e3d8326d984e1895d24ed2ca5ab4cf0702b34a0e0e319d41d9f139163f48438", 0x100a, 0x8}, {&(0x7f00000013c0)="a350db978d3cce8704d86cdd0985205581cfbd8876b904cd77c4348f6c02e9c9806680fcab8e1966fbf9a2ae699cdd89938a414b42e87e9b08cf5e0d5eb9e23c0a1f9e33f62acf3edb32df1bb8cc7737afbe1d2dabf3c4f4012ba8fb3444c20143a84613977175a5cd2ab30672cabb57ff6393d6d085d879d669a914a1dff0f52f04e36734433cd5268a0cd9d339870cc990704cc162b797f1628ef910cfd6c1987a", 0xa2, 0xc7f}, {&(0x7f0000000000)="4306a8d1377429d185bee5e0f6437ec312ef7d92a526599b36f6d61de0ac85ce886a9e8b4f49eafc11e4fff86fb76204040a19a195a6af4ff84590d9664d9849198823d6a027d861ce8f786d29b62ccd3c43e89b988b19fa619971554ac3bf6877c1fe2d983d4a9caf48297909e17defc319c37814fa037e77106c9e8e281aa9", 0x80, 0x10001}, {&(0x7f0000000240)="e93df69a364fb143f22432277085cd42c63f486532cd1e1976c75788c60c040fd7f9965eaf60983b06aee076588ca030e787545b93ba383a4ecf59f9b99477568eab6c12cb18d9fe4eae67a4d04901a1194db0826d3ae0bc82dc8f56aa540f87b697e229aa6c3af602836efb3d", 0x6d}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat$cgroup_type(r0, &(0x7f00000000c0), 0x2, 0x0)
r3 = syz_open_dev$vcsn(&(0x7f00000002c0), 0x8, 0x4100)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, &(0x7f00000003c0)={0x8b, 0xffffffff, 0x5, 0x0, 0x0, [{{r2}, 0xca79}, {{r3}, 0x401}, {{r4}, 0x1}, {{r1}, 0x3}, {{r1}, 0x80000001}]})
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
pipe2(&(0x7f0000000480)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x4000)
fcntl$notify(r5, 0x402, 0x1)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:49:40 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount(&(0x7f0000000000)=@nullb, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='incremental-fs\x00', 0x1034081, &(0x7f0000000180)='&\x00')
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2856.212722] loop3: detected capacity change from 0 to 40
[ 2856.222203] loop0: detected capacity change from 0 to 40
[ 2856.237815] syz-executor.3: attempt to access beyond end of device
[ 2856.237815] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2856.238743] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2856.240962] loop2: detected capacity change from 0 to 40
[ 2856.269341] loop6: detected capacity change from 0 to 40
[ 2856.294289] syz-executor.2: attempt to access beyond end of device
[ 2856.294289] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2856.295096] Buffer I/O error on dev loop2, logical block 10, lost async page write
15:49:55 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 69)

15:49:55 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 74)

15:49:55 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffd, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x28, &(0x7f0000000000)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
openat(r2, &(0x7f0000000000)='./file0/file0\x00', 0x7fbbf9f48f99947c, 0x2)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:49:55 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 93)

15:49:55 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 88)

15:49:55 executing program 4:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101003, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3000003, 0x810, r1, 0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
r4 = dup2(r0, 0xffffffffffffffff)
inotify_add_watch(r4, &(0x7f0000000040)='./file1\x00', 0x4)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x3, 0x0, @fd_index, 0x0, 0x0, 0x0, {0x2000}, 0x1, {0x0, r3}}, 0x5)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:49:55 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
openat(0xffffffffffffffff, &(0x7f0000000000)='./file0/file0\x00', 0x511000, 0x10)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:49:55 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x209410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000002, 0x13, r0, 0x0)
syz_io_uring_submit(r1, 0x0, 0x0, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_NOP={0x0, 0x3}, 0x4)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x18843, 0x0)
write$binfmt_aout(r3, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r3, r2, 0x0, 0xfffffdef)

[ 2871.005344] loop7: detected capacity change from 0 to 40
[ 2871.014413] loop0: detected capacity change from 0 to 40
[ 2871.046802] loop6: detected capacity change from 0 to 40
[ 2871.056585] loop3: detected capacity change from 0 to 264192
[ 2871.060094] loop2: detected capacity change from 0 to 40
[ 2871.075384] bio_check_eod: 2 callbacks suppressed
[ 2871.075398] syz-executor.7: attempt to access beyond end of device
[ 2871.075398] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2871.076933] buffer_io_error: 2 callbacks suppressed
[ 2871.076944] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2871.078275] syz-executor.0: attempt to access beyond end of device
[ 2871.078275] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2871.079315] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2871.150180] syz-executor.6: attempt to access beyond end of device
[ 2871.150180] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2871.151317] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2871.154353] syz-executor.2: attempt to access beyond end of device
[ 2871.154353] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2871.155556] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2871.884563] loop3: detected capacity change from 0 to 264192
15:50:11 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 89)

15:50:11 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r1, 0x8008f513, &(0x7f0000000000))
sendfile(r1, r0, 0x0, 0xfffffdef)

15:50:11 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file1\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:50:11 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 70)

15:50:11 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 75)

15:50:11 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 94)

15:50:11 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d895a700d4355323d33ca21baaa901", 0x17, 0x2}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(0x0, r2, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x2, 0x3, &(0x7f0000000340)=[{&(0x7f0000000240)="b8e92f6e8485286f0c10794a7bb44da1236bbe526c87d82ee35f70dbb1b580ee52ad269c74639d3ac03e4ea2cf1efaed270d1dedd2ad4775cadc29d8fa6dafe97839da7c3cd09606e3d7b2f49d8d8f030f65a48f0d033eb32c8722537b1fe8ad09eab7afb9ef6b86c32e9ad00e5864d21d830b118fb856d1d203b18daa1d49b1a348f78ce1140779511026370408d5536bdc6711a20a22be5c2281797a06066e24b6186989e1fa514780d9eee7c235fe72bc304f26e1eba48eb46501d185f4a0525c5d18b979c4f52b7893d737e818dd8ee995666381ab2290ec603aeacf520c5d70873ad3796fccf5e69e8e14b232737b79f3e6", 0xf4, 0x6}, {&(0x7f00000000c0)="c863c47b6afd7a0455440107708b70aac27a771a822ad9fee596", 0x1a, 0x5}, {&(0x7f0000000180)="66b0b6c486d4122eff0175c3702a93373a3e2585dc8abe23502f498b599c5ff316e67691f8e0e81ced25047590ce5bcee4d5c3b21094018678f0fc435a24a160d098f4011a4e5f5a97727b2a7cd2da0719d4ccafac7b0ab6b5d8037304e7d1f1f826b0e101", 0x65, 0x400}], 0x20000, &(0x7f00000003c0)={[{@usrquota}, {@journal_path={'journal_path', 0x3d, './file1'}}], [{@euid_lt={'euid<', r2}}, {@appraise}, {@obj_role={'obj_role', 0x3d, 'vfat\x00'}}, {@measure}, {@func={'func', 0x3d, 'FILE_MMAP'}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'vfat\x00'}}, {@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}, {@obj_type={'obj_type', 0x3d, ']'}}, {@dont_measure}]})
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:50:11 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x410, &(0x7f0000000140)=ANY=[])
listxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180)=""/93, 0x5d)
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)

[ 2886.859179] loop4: detected capacity change from 0 to 40
[ 2886.910156] loop6: detected capacity change from 0 to 40
[ 2886.912026] loop3: detected capacity change from 0 to 40
[ 2886.913054] loop2: detected capacity change from 0 to 40
[ 2886.916202] loop7: detected capacity change from 0 to 40
[ 2886.922175] loop0: detected capacity change from 0 to 40
[ 2886.932302] FAT-fs (loop3): invalid media value (0x1b)
[ 2886.933306] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 2886.982442] loop3: detected capacity change from 0 to 4
[ 2887.041258] syz-executor.2: attempt to access beyond end of device
[ 2887.041258] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2887.043247] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2887.067070] syz-executor.7: attempt to access beyond end of device
[ 2887.067070] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2887.068916] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2887.076149] syz-executor.0: attempt to access beyond end of device
[ 2887.076149] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2887.077970] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2887.101454] syz-executor.6: attempt to access beyond end of device
[ 2887.101454] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2887.102982] Buffer I/O error on dev loop6, logical block 10, lost async page write
15:50:11 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 71)

15:50:11 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 76)

15:50:11 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setresuid(0x0, r0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x3ff, 0x2, &(0x7f0000000180)=[{&(0x7f00000000c0)="1a531013ae5b137df9d28f9c31933842f1e663c63d687f351597cffd2ab1d3e288ee6daa7bd27a3ef46a96b6acd1b686e91d70b75185d2068c0c7ef8fc", 0x3d, 0x5}, {&(0x7f0000000300)="c34ed811a0ed7e27a4a43b9e9b7ed0dc7b35c7fac3f8dce3998697e94f59f4c2409ace13d2ff0301c734bf3079a48b357cb272ec64ca522f23d092744ebe1b1eeafd46ccb999a587d19cf5c5b93813d8e244ecbb65924684528e7bd4206b5525e3e5e9a00290e02d42a69dd8cd0f5e9ac2c3d5f776839db10c77be856fe118e43cac83c85cbd27773dab5417e277a1937daca260dde2a18fd24902a812cf4b143c1da168f7b287efb3e4b712388a31f9db2c67df29beb1839be49c5a7e52e9a0a92a056ec078", 0xc6, 0x4}], 0x20, &(0x7f0000000780)=ANY=[@ANYBLOB="75737252756f74612c6d61785f6469725f73697a655f6b623d3078303030303030303030303030303030362c757365725f78617474722c6a6f75726e616c5f696f7072696f3d3078303030303030303030303030303030302c64696f726561645f6c6f636b2c626172726965722c6e6f626c6f636b5f76616c69646974792c7573726a71756f74613d2c757365725ffffffffffffffffd74613d6a6f75726e616c2c0037e2cb05190b084bd6b457789bad7b026c95"])
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
chroot(&(0x7f00000004c0)='./file1\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x2, 0x2, &(0x7f0000000680)=[{&(0x7f0000000540)="476d8c6772bdb30d89b819b25ef918489f1001b5c8a2a348ae683babf7eb4ea1f0670ed72e6f595c9491216143014690dca202016748cdb5acb98c05014b188beacbc3903fff8632b0afb1416509c2aa48a3c98f990a1ffbfe70558d9a7b33400da014341d0ac3d4090627f3bc83b348c1ed1a2fff1fa19ce20066b1f2814adfe3f87bf709398c685d0aa642e6ec1d0c71caf59eebb96a7134b59551d1f1123bb6c00dca18e324b904db298920457d07c761ccbbeec3decb1252b5a0219a28e977e889ad215ba4ba0ef820ddf2d106", 0xcf, 0x4}, {&(0x7f0000000840)="263b9ca71f2ef1a4266b5bc0f467eee674a741cfcf3a8ea744f8612a874b15d2399ca8061785e3d8a0527969c00f184de30d0b692bbb261ed495745b572a4925b277b7b53795960bbd95ed624925257bac1044df94e5d70dcff58002a9bc991101d44a8d3bedad98af64d3e93882c8718d25b2bd998d56b04b2a912de1c072c0cdb5229019621939da477401f0c510f3ff3689860a241f458eba34cf302b3a904a5fc1a150b8f8d5bb89d3f576bbe6347cedcec0746d388d28f6339da543e601e30ed12088df71a05ec87826d5af104757431b00606a4b769afe4efb2c99de6a6deddf3bbc5fc0d74c3a47a30da324ab653313ffe08a0ab889205e3192a1a0b3ea58252cdec2a5e114abc2d09f1d77fd055aaa3b3ec32ea60b07d896feb7f83ac128bf5b0c15a5efd9fc528a35cbecefc8a960567828d4f1763de8e724474d239eaf0c91c8ee0a461b64da93562c9a6971b342b65cae451ede0d", 0x15a, 0x85b8}], 0x220000e, &(0x7f00000006c0)={[{@block_validity}, {@nobh}, {@commit={'commit', 0x3d, 0x401}}, {@usrjquota_path={'usrjquota', 0x3d, './file1'}}, {@data_err_ignore}, {@discard}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xfd}}, {@data_writeback}], [{@obj_user={'obj_user', 0x3d, 'data=journal'}}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@audit}]})
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r1, 0x0, 0xfffffdef)

15:50:11 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 95)

15:50:11 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 90)

[ 2887.298049] loop7: detected capacity change from 0 to 40
[ 2887.300548] loop4: detected capacity change from 0 to 40
[ 2887.365981] loop2: detected capacity change from 0 to 40
[ 2887.388991] loop6: detected capacity change from 0 to 40
[ 2887.434604] syz-executor.6: attempt to access beyond end of device
[ 2887.434604] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2887.436343] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2887.459885] syz-executor.7: attempt to access beyond end of device
[ 2887.459885] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2887.461600] Buffer I/O error on dev loop7, logical block 10, lost async page write
15:50:12 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 96)

[ 2887.473513] loop0: detected capacity change from 0 to 40
[ 2887.549351] syz-executor.2: attempt to access beyond end of device
[ 2887.549351] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2887.551081] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2887.604008] syz-executor.0: attempt to access beyond end of device
[ 2887.604008] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2887.605775] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2887.636617] loop6: detected capacity change from 0 to 40
15:50:12 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x60080, 0x6)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:50:12 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 72)

15:50:12 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 77)

[ 2887.770937] FAULT_INJECTION: forcing a failure.
[ 2887.770937] name failslab, interval 1, probability 0, space 0, times 0
[ 2887.772729] CPU: 1 PID: 12060 Comm: syz-executor.6 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2887.773718] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2887.774667] Call Trace:
[ 2887.774978]  <TASK>
[ 2887.775261]  dump_stack_lvl+0xc1/0xf0
[ 2887.775745]  should_fail_ex+0x4b4/0x5b0
[ 2887.776249]  should_failslab+0x9/0x20
[ 2887.776731]  __kmem_cache_alloc_node+0x5b/0x310
[ 2887.777374]  ? iter_file_splice_write+0x169/0xcb0
[ 2887.777982]  ? iter_file_splice_write+0x169/0xcb0
[ 2887.778610]  __kmalloc+0x4a/0x160
[ 2887.779102]  iter_file_splice_write+0x169/0xcb0
[ 2887.779756]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2887.780393]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2887.781079]  ? inode_security+0x105/0x140
[ 2887.781626]  ? security_file_permission+0xb5/0xe0
[ 2887.782275]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2887.782933]  direct_splice_actor+0x113/0x180
[ 2887.783511]  splice_direct_to_actor+0x33a/0x8c0
[ 2887.784105]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2887.784746]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2887.785397]  ? security_file_permission+0xb5/0xe0
[ 2887.786074]  do_splice_direct+0x1bc/0x290
[ 2887.786620]  ? __pfx_do_splice_direct+0x10/0x10
[ 2887.787226]  ? lock_is_held_type+0x9f/0x120
[ 2887.787784]  do_sendfile+0xb1d/0x12b0
[ 2887.788341]  ? __pfx_do_sendfile+0x10/0x10
[ 2887.788885]  __x64_sys_sendfile64+0x1d5/0x210
[ 2887.789465]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2887.790203]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2887.790950]  do_syscall_64+0x3f/0x90
[ 2887.791471]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2887.792194] RIP: 0033:0x7f746e5b1b19
[ 2887.792664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2887.795280] RSP: 002b:00007f746bb27188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2887.796243] RAX: ffffffffffffffda RBX: 00007f746e6c4f60 RCX: 00007f746e5b1b19
[ 2887.797055] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2887.797893] RBP: 00007f746bb271d0 R08: 0000000000000000 R09: 0000000000000000
[ 2887.798747] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2887.799611] R13: 00007ffcd6c9647f R14: 00007f746bb27300 R15: 0000000000022000
[ 2887.800526]  </TASK>
[ 2887.841453] loop3: detected capacity change from 0 to 40
[ 2887.855198] FAT-fs (loop3): Unrecognized mount option "./file0" or missing value
[ 2887.880143] loop4: detected capacity change from 0 to 40
[ 2887.885355] loop7: detected capacity change from 0 to 40
[ 2887.918427] loop2: detected capacity change from 0 to 40
15:50:12 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 91)

15:50:12 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x1f}], 0x81080b, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000001280)={<r1=>0x0, 0x0, "6a108927c7da5da87ef207c086ee932001c4c58949b41fa4e9606abb43ad6437c4d685a86f8bb04dabf6be0e8187b43f6a0ba23317623c7acd3ccca8199ab233db37b73372193c61ddc3e7e3b581d377feea90f3bd5b18350d968b0f559a3b2b85711f362e0be2a54884ad2e38335e0d9889741b24796f84f25814910d4037d609bd2136948e611d366c294e477d3ae10ea50529954ef2103af336052ff433032c903066a12e4dfa12aabb4969e76f90f8fafeabd9b15b20342968ecfb18238dcff9bcbd5c7dd8d07f7371393e9e6c693d8c43ea01f6aa33a91a7ef250d79ba777bba40750b6479d745229e83033764e4742baa0be86d3f3ce376e5114d265bc", "83a8a501a3298c050c28e76bbe641e2c18a6c539e52c9e3250b08949d59401e0c517bc002bc3fb78a3965136688ae19d4a14515b4335dcf032899de52fa54596fdd3a81125c4cf9970cee093f786fa56eb6dadc6ebb198f0c1ada52133592979505492e8a0016b28068cc19e9d472c49e2dfe4858b30551b2950e4ac2436a37e0b1357af7a28ef8d645c158c0f74c605ae9ef33d7316f000e85eb03f4b0bb6284415ed17e91dc97581b4ec8a39adf6d8e0e20c50711b3498f900b7d8a984bebaf138969bf43f1f1f4302348123e6276e0e693ba282aef1f3dc40dce32bd59b6f179071357edd061536ebc4d2bc3b11a7e01a3aadb7d4ce8a94de4794ca9dd86ac911a54cb6063da0a88ee2c13159e72a4345219b075347d09f68881926815333e21701c812faf9dac9153a76369d806bdc1aacbf3fb1e75ba9b740a6f65ac5be0984fc3dbd0b2b269296a3e71e700c7c5e70690090d4e17467ddb04bfe080f211ec5ca5644ddb95977b041c623f71eb2c2047336d2016c276cb3f0f96373cdd5b96e90313082ef639cb10523172fd8d6966e50d17db6f598a7ff0f4867472bfa78c7db541a36fed3b66a32283d369ca9e69f2e222480a9d8ca1bef1810abcd2c06ebc5b299f6c863d12d5fc47133f9dade6ba71b8e4d53b12c843a0b8ae0075d029dcb59d9efd83f3b597bbef1d1dac5046683827072130c442a1ec8fe4c6b78490e6835c0629018f47b4ed78cc59c83437b6dc581df6e299cc1b16f912b16a586c11df21a7bc4810f3ed5f256b3c53e34d9c134722c78eb2aa1b1e2eef14187bc9261493392dbd08bdc2e8eee3815657d9057f00bf57a7c3a65fc5f5548de8f2503720d2a1cd9ee9d4e486eaf1c3527c8e4ffb082e2100a0a00fa165a24d7e4c97f059eface7a10bdbdea5883441117e90bcad4670c7221ec399634c85cc6d6aa3e7f76954d506566879206ce629e1767258dc606b327c0805b8c658167afedfd7887cf2490a9af648bba8d603df4af0ceb7050e2ee12f2b3b6d983fa15b205ee351b22437edab80d42104a7f51e6b5fcf6da3f6fc9efc09deb98c6caa7fa1edbf17d6ca039e795c031b55875f5244c5a555fd950f4fb8918ab54f75c4b7f8dbcda166105a0feb12cd042d556b899250ec164a0a00b6fa0c1ec2101c7f222dccea60e40127942aed7ee736d1e009921a2f640191e021d6fafd371f92cc6a2de7722dd0df64895220b1d262db93c7221d5479e7a6072ed795625686ff0034f173ec9ad12aa7cbcda1f447731b3da90b4fe763e4450e22923c8fd64e0b348031a9ce64887e0933305b89021b5a5d5d92446143f0f4a77c2b74217d2900fde84bddd327cd1a4bf0d9f70c222af5da01971f270af59d090b7156355851d012e13ae1d9d1ca1d2d152aea3b9d9f1b3d3ec48733e0698d8381682b71c8b7891ab4b5e7dd74bf5766d9ca62ad014d6fd6650e0bd0914a2ed4911b1b0b049c50342212b372008f9cf1858cdb77870c62a55265ef963f5a4ae59512b3566dccdb55d169cc2da1b3d90784baaf93daa13d2a1b7264351287eb2258586d9f5b672b98978e2300a2c007bae1b11ebfdaafebec84ae659e4e85eed647132e4bd8cb759d0e2f8e3f239b9f524f3fcb72c17bf22b64183f000fe1f3f2367e67bd1276523f5624c475fc072d62bb2b500f68c5318c8ad80abf3d6537d5a106d6ab4f076fd8365ff28b9216a2c24665f068b8682ac44064ca2dce2feb4b4ca179f6bd97dd43584e3f0f70faa284ba075d34dae08621246fcb9e77184ae45f33ee83aeda24d79a99687f3b59ce5299e7d0949235ada30c2b3840b9e52a89d2e1d01b635953dac534e5944d9383296f9753d6b3eaa02f8f22e16a870eae7e10a0b8391fb6adbdc5a15931485382389115f6e46b05b1f9c1312929c198b068039e996920475bacdc09218c0bec9b799bb46b78e4e2b67ded5d33890e37cf5773834bd40f4074a3d5607c07046edfeeb169d032692e370f2f5f1b94793dac564c5b5e8d92ddfb145931029fe40109881d13fd5ee3e4565bc1704428779df75f39b618871efb91abba625a28801cd9b137d1b8a90e2aab270a53a46c63382dd199ebd856efa7785fb5b44164fee8d7b708ee95c179c8c5864e9835a2f3b5f8c516e6873372d6151652de2e3016f5117e14aabce09f09378279ef0abc7020014a8e0e194dcd933385fee9fe600dc4212b63d9ee024669236571e45be099ea9c8eaac5ccac2883fd815a70fcb334a43bc3990aec45d82af3dc725ce549aad5e71390bc87cf9be42066bfa91e9de928ff9a32664b9aa6801dc0bad7d9c2c63ab13c84b6bf60154526e89090df34089b3954d44efac2d061f5d719b506ab615f54750174b04dff44740868eb8cbd5842353100ebff293ec0080696bd661527df3361d07ab348b60f8cfde9f480e6f87f58d9005865e3370ad8164a200098ae6ee310d4561d817483b7a9568882d808029a7d01656e99d2e1d2dc67f4c45156e2db0e35709bb847cbf82bab030e31ba1128b3f076e5f008b4629fee6d8d6ba55ecab274fb460bf80ee16dd26c6a9cc322f247a08e76c1b5e86783eab907cc8ff91f6dccddc09b9a13ac7bb3b0e3ccdb3c6f4696080aa79cbea521e1261f73db7f889af7879e9b2ffd029e75eadc10937938810b61512a0539973c91f7e9c87303a2d27c1281aee40a5ad2f5907c2756496420c3e88d634ab574a60b720b6642b7195a058c780a898e2fbb8862f64f0ef387f58af8592b43a14e454982154e5608ba38cf9a551f609a7cd41fc8497201b348df164bf3983b7c8d6a4b1d8d8f2eb7c6cc6c4c2c6533bbaebd86b63705078e5da47ab48886afab92d708622cfc05a458d6c85ff2f167cdf62c0d7a84a852607af81222cf8f9c9e27c99bff3b75cfa160526a090e04eb9a502d0248861d787f1ff2842d9454269335ebb186d8ddd4f0f49c2388d566792e481d483c2df6b557a0285c629f3a646f99eb13e953e782d3f1863d2d4b8d8da1c4f8001f662678ecfd9d35b4783da4577f7c7d70975c4094c3b69f14bf2ecd38cf86169057e79c942f16ac6a14c808176fdcb751810611f2d80ee69094a5f74846cf270835300a8e8aa264f1d240257d6a92186daca114f60718a212c7f51f7417fdee58100e674592fc9f0b24fb9f7e5b27abe98b0facb2efcd85d5ac08dd52551e0b2a51961a681c9b0b570efcd72982b8628d6198645bf35f293af277cb23b3fbc2852f754e3ad559c2c77931c17fd49ce9738fac7795c25b62d57b859f199c01ce1cd623f5188a60aacffc450fc3b0aa4d02d1348c6b9fe458a1bf18e7ee3c8c64345ed0d06f6e06018212b8485bfab0120c8d74e99065d5a8f81ad7065c8b34fe121b1e08ab87f20d131d4431e041b3558d7b1b8543af62888bb0603c85c551e8d81d6a7f32ec643505e6650724ccaa4f1e5ce7d0ac01ebe47d05aedbb493138dab2e6c3271496e16e14821649c6a37f5368c00bf83198239f38d024d280bd08ce48e401a4d87128a034ccd2ea6a0b9e5d81093021a280f0f10ba18f5fa5150c81810e15900e3b3b61348f6be520860800680945d23b222278361888af6e50b2b58dc708bec418e57726646290968fd7de7d3757e0873a4e417d6d9cc3e43e45522e5816fc074e897566da7021c83d71f4bac04ebbbd4e6bcd7353ff0be7137608417d8c2da001aa8d1285eb47ac544fe8130647529463655f4838a864e78082a96b4efe5548877f87887b7752e2627242997eabf68fde20b1b27f8ee821d43fbebaaf38a954633902cefe6f3627176d8b1a5e25b73df1ffd1a6c6f835f4204e67d15123f80c45e5e83b76a1e65afa70cd182a1403407768b627ec5c329947a476b6cf4edad204f36a2212169bca489411440ced4ddf4163739220a05fe3cb74a4dbfbd273130c46913e8c22055c708a2592e22d4211fda544ac9403f05113f68c5468b12d7d6171409d38705e598fd78d809e1769304f3a11f6775ba410757559de64acb00f512b0190376582765ffdde03282445f9e0ace336f4b09673a9ef160d1c66cf856e04dbbd41c597376d3c4c21c8c34c6392945ab58e382786687da1df68eaf5a7318fddf3654fa6adb617baa432c85a7bfeb5d63fe16c1012fe4440a5d8cf349d9a8b1f75027bc9f2c6a56dd20275f2a899ed54f35d7c53feed5bb37828651c979d0920fc2b4bb8e0f540163f20ea2a5566d56696abdc6a9aa9db917ef8b5cc826049998b6a0b604dcf9f7b276e2489d0fb8daf7126db72f1e8d615e8ec001c142391c1d9e392ec2987bd5a7259059392d15416ec2b476b37944b3d0c550a42d9f36cb9c6c2ddca93d1665e4c5f61e3c5a101aa10c10bf11b615e1f718143efda59ef6edec961c6afafd2f7620f864e31ff4336a220970a9783e17eed18b932803441e172a2d9d01c7caa572052efa1f1a7e63af445f033e8e923c9142a868764490ababf181fceb75e47fad937487230f6720d4a8f2833e4f3094513bb2ecfa904741bb0b003354e84f2fe00f3938d820968ff73740e62dd68cee6eb5e3016f35327ffdadfa428a74dd66fbac07afa7ffdfd5259a58f3338629eab653d7632b1d4ee5de10dfebecc0dec740f2aef44aba211fc1919532c358d8e5a2a5f1879ec0afd5bade05c028a5e74f0740ea33d0d13f43888d218860c78ee8fab965112d977ba8f8c8d11a265a762646820594aba42a993a523f4771137471c2d9b3933e8b90c24bd275dd639b073a22b5fcf23303dcd828e7e2845912353aef23582995b779181c2c525f37b22a873611b5bca2f2678ed7576922be31208fec0d2806d0363e8837364a34ac3bf76a3682c93b7d79f5b01321bbc2f432cb7255f85e758c35bf70344b0119f92e2d20c6e380028af56e8aa10614677de3d9b001b66c319fb86e42540380c45d019b5f0aeaeab94a887addd8e12062b9125efb6d7a4b6222b0fdaf0b7a84b3dea501d43de2d98f13166aa2d3f4e1e11bc114d924ddf5e8ddf37c287fe94e245f3dafa605da051c012d95ff1b82a345af0e512ed18da2a3bdb1734f063d48bf97b4d8e2daf95c0a679aedd503b68f7ac4c4139e15d1deddcab04db34fdb0834246b1b36f8b52250a2e75687d4a98994ebe0fc65c8e2c7be446c2ffa766206a52cc4f7dc508f8c8156baf8e7dac0a305d88c65fb5c96b5d34bd9cdf3eaf534025fd4a70555e22b5450e050df9457e55bfac21dfe825ab1b6e11c70d39ca93e16cdf16231935e5d3185806919a23dcbaa9227361bf25276b815cf0375a4cea3162f38995bb530a08b5c0e2c0d96a316cf42ff3e3ca1a35360fddb3426cf5ade1be89d81fc8ed2016e6199d1c2580e0dc3030f39531fe0dfc41f5a6825bde42846c95af104d85"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f00000038c0)={0x0, ""/256, <r2=>0x0, <r3=>0x0})
r4 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000001280)={<r5=>0x0, <r6=>0x0, "6a108927c7da5da87ef207c086ee932001c4c58949b41fa4e9606abb43ad6437c4d685a86f8bb04dabf6be0e8187b43f6a0ba23317623c7acd3ccca8199ab233db37b73372193c61ddc3e7e3b581d377feea90f3bd5b18350d968b0f559a3b2b85711f362e0be2a54884ad2e38335e0d9889741b24796f84f25814910d4037d609bd2136948e611d366c294e477d3ae10ea50529954ef2103af336052ff433032c903066a12e4dfa12aabb4969e76f90f8fafeabd9b15b20342968ecfb18238dcff9bcbd5c7dd8d07f7371393e9e6c693d8c43ea01f6aa33a91a7ef250d79ba777bba40750b6479d745229e83033764e4742baa0be86d3f3ce376e5114d265bc", "83a8a501a3298c050c28e76bbe641e2c18a6c539e52c9e3250b08949d59401e0c517bc002bc3fb78a3965136688ae19d4a14515b4335dcf032899de52fa54596fdd3a81125c4cf9970cee093f786fa56eb6dadc6ebb198f0c1ada52133592979505492e8a0016b28068cc19e9d472c49e2dfe4858b30551b2950e4ac2436a37e0b1357af7a28ef8d645c158c0f74c605ae9ef33d7316f000e85eb03f4b0bb6284415ed17e91dc97581b4ec8a39adf6d8e0e20c50711b3498f900b7d8a984bebaf138969bf43f1f1f4302348123e6276e0e693ba282aef1f3dc40dce32bd59b6f179071357edd061536ebc4d2bc3b11a7e01a3aadb7d4ce8a94de4794ca9dd86ac911a54cb6063da0a88ee2c13159e72a4345219b075347d09f68881926815333e21701c812faf9dac9153a76369d806bdc1aacbf3fb1e75ba9b740a6f65ac5be0984fc3dbd0b2b269296a3e71e700c7c5e70690090d4e17467ddb04bfe080f211ec5ca5644ddb95977b041c623f71eb2c2047336d2016c276cb3f0f96373cdd5b96e90313082ef639cb10523172fd8d6966e50d17db6f598a7ff0f4867472bfa78c7db541a36fed3b66a32283d369ca9e69f2e222480a9d8ca1bef1810abcd2c06ebc5b299f6c863d12d5fc47133f9dade6ba71b8e4d53b12c843a0b8ae0075d029dcb59d9efd83f3b597bbef1d1dac5046683827072130c442a1ec8fe4c6b78490e6835c0629018f47b4ed78cc59c83437b6dc581df6e299cc1b16f912b16a586c11df21a7bc4810f3ed5f256b3c53e34d9c134722c78eb2aa1b1e2eef14187bc9261493392dbd08bdc2e8eee3815657d9057f00bf57a7c3a65fc5f5548de8f2503720d2a1cd9ee9d4e486eaf1c3527c8e4ffb082e2100a0a00fa165a24d7e4c97f059eface7a10bdbdea5883441117e90bcad4670c7221ec399634c85cc6d6aa3e7f76954d506566879206ce629e1767258dc606b327c0805b8c658167afedfd7887cf2490a9af648bba8d603df4af0ceb7050e2ee12f2b3b6d983fa15b205ee351b22437edab80d42104a7f51e6b5fcf6da3f6fc9efc09deb98c6caa7fa1edbf17d6ca039e795c031b55875f5244c5a555fd950f4fb8918ab54f75c4b7f8dbcda166105a0feb12cd042d556b899250ec164a0a00b6fa0c1ec2101c7f222dccea60e40127942aed7ee736d1e009921a2f640191e021d6fafd371f92cc6a2de7722dd0df64895220b1d262db93c7221d5479e7a6072ed795625686ff0034f173ec9ad12aa7cbcda1f447731b3da90b4fe763e4450e22923c8fd64e0b348031a9ce64887e0933305b89021b5a5d5d92446143f0f4a77c2b74217d2900fde84bddd327cd1a4bf0d9f70c222af5da01971f270af59d090b7156355851d012e13ae1d9d1ca1d2d152aea3b9d9f1b3d3ec48733e0698d8381682b71c8b7891ab4b5e7dd74bf5766d9ca62ad014d6fd6650e0bd0914a2ed4911b1b0b049c50342212b372008f9cf1858cdb77870c62a55265ef963f5a4ae59512b3566dccdb55d169cc2da1b3d90784baaf93daa13d2a1b7264351287eb2258586d9f5b672b98978e2300a2c007bae1b11ebfdaafebec84ae659e4e85eed647132e4bd8cb759d0e2f8e3f239b9f524f3fcb72c17bf22b64183f000fe1f3f2367e67bd1276523f5624c475fc072d62bb2b500f68c5318c8ad80abf3d6537d5a106d6ab4f076fd8365ff28b9216a2c24665f068b8682ac44064ca2dce2feb4b4ca179f6bd97dd43584e3f0f70faa284ba075d34dae08621246fcb9e77184ae45f33ee83aeda24d79a99687f3b59ce5299e7d0949235ada30c2b3840b9e52a89d2e1d01b635953dac534e5944d9383296f9753d6b3eaa02f8f22e16a870eae7e10a0b8391fb6adbdc5a15931485382389115f6e46b05b1f9c1312929c198b068039e996920475bacdc09218c0bec9b799bb46b78e4e2b67ded5d33890e37cf5773834bd40f4074a3d5607c07046edfeeb169d032692e370f2f5f1b94793dac564c5b5e8d92ddfb145931029fe40109881d13fd5ee3e4565bc1704428779df75f39b618871efb91abba625a28801cd9b137d1b8a90e2aab270a53a46c63382dd199ebd856efa7785fb5b44164fee8d7b708ee95c179c8c5864e9835a2f3b5f8c516e6873372d6151652de2e3016f5117e14aabce09f09378279ef0abc7020014a8e0e194dcd933385fee9fe600dc4212b63d9ee024669236571e45be099ea9c8eaac5ccac2883fd815a70fcb334a43bc3990aec45d82af3dc725ce549aad5e71390bc87cf9be42066bfa91e9de928ff9a32664b9aa6801dc0bad7d9c2c63ab13c84b6bf60154526e89090df34089b3954d44efac2d061f5d719b506ab615f54750174b04dff44740868eb8cbd5842353100ebff293ec0080696bd661527df3361d07ab348b60f8cfde9f480e6f87f58d9005865e3370ad8164a200098ae6ee310d4561d817483b7a9568882d808029a7d01656e99d2e1d2dc67f4c45156e2db0e35709bb847cbf82bab030e31ba1128b3f076e5f008b4629fee6d8d6ba55ecab274fb460bf80ee16dd26c6a9cc322f247a08e76c1b5e86783eab907cc8ff91f6dccddc09b9a13ac7bb3b0e3ccdb3c6f4696080aa79cbea521e1261f73db7f889af7879e9b2ffd029e75eadc10937938810b61512a0539973c91f7e9c87303a2d27c1281aee40a5ad2f5907c2756496420c3e88d634ab574a60b720b6642b7195a058c780a898e2fbb8862f64f0ef387f58af8592b43a14e454982154e5608ba38cf9a551f609a7cd41fc8497201b348df164bf3983b7c8d6a4b1d8d8f2eb7c6cc6c4c2c6533bbaebd86b63705078e5da47ab48886afab92d708622cfc05a458d6c85ff2f167cdf62c0d7a84a852607af81222cf8f9c9e27c99bff3b75cfa160526a090e04eb9a502d0248861d787f1ff2842d9454269335ebb186d8ddd4f0f49c2388d566792e481d483c2df6b557a0285c629f3a646f99eb13e953e782d3f1863d2d4b8d8da1c4f8001f662678ecfd9d35b4783da4577f7c7d70975c4094c3b69f14bf2ecd38cf86169057e79c942f16ac6a14c808176fdcb751810611f2d80ee69094a5f74846cf270835300a8e8aa264f1d240257d6a92186daca114f60718a212c7f51f7417fdee58100e674592fc9f0b24fb9f7e5b27abe98b0facb2efcd85d5ac08dd52551e0b2a51961a681c9b0b570efcd72982b8628d6198645bf35f293af277cb23b3fbc2852f754e3ad559c2c77931c17fd49ce9738fac7795c25b62d57b859f199c01ce1cd623f5188a60aacffc450fc3b0aa4d02d1348c6b9fe458a1bf18e7ee3c8c64345ed0d06f6e06018212b8485bfab0120c8d74e99065d5a8f81ad7065c8b34fe121b1e08ab87f20d131d4431e041b3558d7b1b8543af62888bb0603c85c551e8d81d6a7f32ec643505e6650724ccaa4f1e5ce7d0ac01ebe47d05aedbb493138dab2e6c3271496e16e14821649c6a37f5368c00bf83198239f38d024d280bd08ce48e401a4d87128a034ccd2ea6a0b9e5d81093021a280f0f10ba18f5fa5150c81810e15900e3b3b61348f6be520860800680945d23b222278361888af6e50b2b58dc708bec418e57726646290968fd7de7d3757e0873a4e417d6d9cc3e43e45522e5816fc074e897566da7021c83d71f4bac04ebbbd4e6bcd7353ff0be7137608417d8c2da001aa8d1285eb47ac544fe8130647529463655f4838a864e78082a96b4efe5548877f87887b7752e2627242997eabf68fde20b1b27f8ee821d43fbebaaf38a954633902cefe6f3627176d8b1a5e25b73df1ffd1a6c6f835f4204e67d15123f80c45e5e83b76a1e65afa70cd182a1403407768b627ec5c329947a476b6cf4edad204f36a2212169bca489411440ced4ddf4163739220a05fe3cb74a4dbfbd273130c46913e8c22055c708a2592e22d4211fda544ac9403f05113f68c5468b12d7d6171409d38705e598fd78d809e1769304f3a11f6775ba410757559de64acb00f512b0190376582765ffdde03282445f9e0ace336f4b09673a9ef160d1c66cf856e04dbbd41c597376d3c4c21c8c34c6392945ab58e382786687da1df68eaf5a7318fddf3654fa6adb617baa432c85a7bfeb5d63fe16c1012fe4440a5d8cf349d9a8b1f75027bc9f2c6a56dd20275f2a899ed54f35d7c53feed5bb37828651c979d0920fc2b4bb8e0f540163f20ea2a5566d56696abdc6a9aa9db917ef8b5cc826049998b6a0b604dcf9f7b276e2489d0fb8daf7126db72f1e8d615e8ec001c142391c1d9e392ec2987bd5a7259059392d15416ec2b476b37944b3d0c550a42d9f36cb9c6c2ddca93d1665e4c5f61e3c5a101aa10c10bf11b615e1f718143efda59ef6edec961c6afafd2f7620f864e31ff4336a220970a9783e17eed18b932803441e172a2d9d01c7caa572052efa1f1a7e63af445f033e8e923c9142a868764490ababf181fceb75e47fad937487230f6720d4a8f2833e4f3094513bb2ecfa904741bb0b003354e84f2fe00f3938d820968ff73740e62dd68cee6eb5e3016f35327ffdadfa428a74dd66fbac07afa7ffdfd5259a58f3338629eab653d7632b1d4ee5de10dfebecc0dec740f2aef44aba211fc1919532c358d8e5a2a5f1879ec0afd5bade05c028a5e74f0740ea33d0d13f43888d218860c78ee8fab965112d977ba8f8c8d11a265a762646820594aba42a993a523f4771137471c2d9b3933e8b90c24bd275dd639b073a22b5fcf23303dcd828e7e2845912353aef23582995b779181c2c525f37b22a873611b5bca2f2678ed7576922be31208fec0d2806d0363e8837364a34ac3bf76a3682c93b7d79f5b01321bbc2f432cb7255f85e758c35bf70344b0119f92e2d20c6e380028af56e8aa10614677de3d9b001b66c319fb86e42540380c45d019b5f0aeaeab94a887addd8e12062b9125efb6d7a4b6222b0fdaf0b7a84b3dea501d43de2d98f13166aa2d3f4e1e11bc114d924ddf5e8ddf37c287fe94e245f3dafa605da051c012d95ff1b82a345af0e512ed18da2a3bdb1734f063d48bf97b4d8e2daf95c0a679aedd503b68f7ac4c4139e15d1deddcab04db34fdb0834246b1b36f8b52250a2e75687d4a98994ebe0fc65c8e2c7be446c2ffa766206a52cc4f7dc508f8c8156baf8e7dac0a305d88c65fb5c96b5d34bd9cdf3eaf534025fd4a70555e22b5450e050df9457e55bfac21dfe825ab1b6e11c70d39ca93e16cdf16231935e5d3185806919a23dcbaa9227361bf25276b815cf0375a4cea3162f38995bb530a08b5c0e2c0d96a316cf42ff3e3ca1a35360fddb3426cf5ade1be89d81fc8ed2016e6199d1c2580e0dc3030f39531fe0dfc41f5a6825bde42846c95af104d85"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000300)={0x0, ""/256, 0x0, <r7=>0x0})
r8 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000001280)={0x0, 0x0, "6a108927c7da5da87ef207c086ee932001c4c58949b41fa4e9606abb43ad6437c4d685a86f8bb04dabf6be0e8187b43f6a0ba23317623c7acd3ccca8199ab233db37b73372193c61ddc3e7e3b581d377feea90f3bd5b18350d968b0f559a3b2b85711f362e0be2a54884ad2e38335e0d9889741b24796f84f25814910d4037d609bd2136948e611d366c294e477d3ae10ea50529954ef2103af336052ff433032c903066a12e4dfa12aabb4969e76f90f8fafeabd9b15b20342968ecfb18238dcff9bcbd5c7dd8d07f7371393e9e6c693d8c43ea01f6aa33a91a7ef250d79ba777bba40750b6479d745229e83033764e4742baa0be86d3f3ce376e5114d265bc", "83a8a501a3298c050c28e76bbe641e2c18a6c539e52c9e3250b08949d59401e0c517bc002bc3fb78a3965136688ae19d4a14515b4335dcf032899de52fa54596fdd3a81125c4cf9970cee093f786fa56eb6dadc6ebb198f0c1ada52133592979505492e8a0016b28068cc19e9d472c49e2dfe4858b30551b2950e4ac2436a37e0b1357af7a28ef8d645c158c0f74c605ae9ef33d7316f000e85eb03f4b0bb6284415ed17e91dc97581b4ec8a39adf6d8e0e20c50711b3498f900b7d8a984bebaf138969bf43f1f1f4302348123e6276e0e693ba282aef1f3dc40dce32bd59b6f179071357edd061536ebc4d2bc3b11a7e01a3aadb7d4ce8a94de4794ca9dd86ac911a54cb6063da0a88ee2c13159e72a4345219b075347d09f68881926815333e21701c812faf9dac9153a76369d806bdc1aacbf3fb1e75ba9b740a6f65ac5be0984fc3dbd0b2b269296a3e71e700c7c5e70690090d4e17467ddb04bfe080f211ec5ca5644ddb95977b041c623f71eb2c2047336d2016c276cb3f0f96373cdd5b96e90313082ef639cb10523172fd8d6966e50d17db6f598a7ff0f4867472bfa78c7db541a36fed3b66a32283d369ca9e69f2e222480a9d8ca1bef1810abcd2c06ebc5b299f6c863d12d5fc47133f9dade6ba71b8e4d53b12c843a0b8ae0075d029dcb59d9efd83f3b597bbef1d1dac5046683827072130c442a1ec8fe4c6b78490e6835c0629018f47b4ed78cc59c83437b6dc581df6e299cc1b16f912b16a586c11df21a7bc4810f3ed5f256b3c53e34d9c134722c78eb2aa1b1e2eef14187bc9261493392dbd08bdc2e8eee3815657d9057f00bf57a7c3a65fc5f5548de8f2503720d2a1cd9ee9d4e486eaf1c3527c8e4ffb082e2100a0a00fa165a24d7e4c97f059eface7a10bdbdea5883441117e90bcad4670c7221ec399634c85cc6d6aa3e7f76954d506566879206ce629e1767258dc606b327c0805b8c658167afedfd7887cf2490a9af648bba8d603df4af0ceb7050e2ee12f2b3b6d983fa15b205ee351b22437edab80d42104a7f51e6b5fcf6da3f6fc9efc09deb98c6caa7fa1edbf17d6ca039e795c031b55875f5244c5a555fd950f4fb8918ab54f75c4b7f8dbcda166105a0feb12cd042d556b899250ec164a0a00b6fa0c1ec2101c7f222dccea60e40127942aed7ee736d1e009921a2f640191e021d6fafd371f92cc6a2de7722dd0df64895220b1d262db93c7221d5479e7a6072ed795625686ff0034f173ec9ad12aa7cbcda1f447731b3da90b4fe763e4450e22923c8fd64e0b348031a9ce64887e0933305b89021b5a5d5d92446143f0f4a77c2b74217d2900fde84bddd327cd1a4bf0d9f70c222af5da01971f270af59d090b7156355851d012e13ae1d9d1ca1d2d152aea3b9d9f1b3d3ec48733e0698d8381682b71c8b7891ab4b5e7dd74bf5766d9ca62ad014d6fd6650e0bd0914a2ed4911b1b0b049c50342212b372008f9cf1858cdb77870c62a55265ef963f5a4ae59512b3566dccdb55d169cc2da1b3d90784baaf93daa13d2a1b7264351287eb2258586d9f5b672b98978e2300a2c007bae1b11ebfdaafebec84ae659e4e85eed647132e4bd8cb759d0e2f8e3f239b9f524f3fcb72c17bf22b64183f000fe1f3f2367e67bd1276523f5624c475fc072d62bb2b500f68c5318c8ad80abf3d6537d5a106d6ab4f076fd8365ff28b9216a2c24665f068b8682ac44064ca2dce2feb4b4ca179f6bd97dd43584e3f0f70faa284ba075d34dae08621246fcb9e77184ae45f33ee83aeda24d79a99687f3b59ce5299e7d0949235ada30c2b3840b9e52a89d2e1d01b635953dac534e5944d9383296f9753d6b3eaa02f8f22e16a870eae7e10a0b8391fb6adbdc5a15931485382389115f6e46b05b1f9c1312929c198b068039e996920475bacdc09218c0bec9b799bb46b78e4e2b67ded5d33890e37cf5773834bd40f4074a3d5607c07046edfeeb169d032692e370f2f5f1b94793dac564c5b5e8d92ddfb145931029fe40109881d13fd5ee3e4565bc1704428779df75f39b618871efb91abba625a28801cd9b137d1b8a90e2aab270a53a46c63382dd199ebd856efa7785fb5b44164fee8d7b708ee95c179c8c5864e9835a2f3b5f8c516e6873372d6151652de2e3016f5117e14aabce09f09378279ef0abc7020014a8e0e194dcd933385fee9fe600dc4212b63d9ee024669236571e45be099ea9c8eaac5ccac2883fd815a70fcb334a43bc3990aec45d82af3dc725ce549aad5e71390bc87cf9be42066bfa91e9de928ff9a32664b9aa6801dc0bad7d9c2c63ab13c84b6bf60154526e89090df34089b3954d44efac2d061f5d719b506ab615f54750174b04dff44740868eb8cbd5842353100ebff293ec0080696bd661527df3361d07ab348b60f8cfde9f480e6f87f58d9005865e3370ad8164a200098ae6ee310d4561d817483b7a9568882d808029a7d01656e99d2e1d2dc67f4c45156e2db0e35709bb847cbf82bab030e31ba1128b3f076e5f008b4629fee6d8d6ba55ecab274fb460bf80ee16dd26c6a9cc322f247a08e76c1b5e86783eab907cc8ff91f6dccddc09b9a13ac7bb3b0e3ccdb3c6f4696080aa79cbea521e1261f73db7f889af7879e9b2ffd029e75eadc10937938810b61512a0539973c91f7e9c87303a2d27c1281aee40a5ad2f5907c2756496420c3e88d634ab574a60b720b6642b7195a058c780a898e2fbb8862f64f0ef387f58af8592b43a14e454982154e5608ba38cf9a551f609a7cd41fc8497201b348df164bf3983b7c8d6a4b1d8d8f2eb7c6cc6c4c2c6533bbaebd86b63705078e5da47ab48886afab92d708622cfc05a458d6c85ff2f167cdf62c0d7a84a852607af81222cf8f9c9e27c99bff3b75cfa160526a090e04eb9a502d0248861d787f1ff2842d9454269335ebb186d8ddd4f0f49c2388d566792e481d483c2df6b557a0285c629f3a646f99eb13e953e782d3f1863d2d4b8d8da1c4f8001f662678ecfd9d35b4783da4577f7c7d70975c4094c3b69f14bf2ecd38cf86169057e79c942f16ac6a14c808176fdcb751810611f2d80ee69094a5f74846cf270835300a8e8aa264f1d240257d6a92186daca114f60718a212c7f51f7417fdee58100e674592fc9f0b24fb9f7e5b27abe98b0facb2efcd85d5ac08dd52551e0b2a51961a681c9b0b570efcd72982b8628d6198645bf35f293af277cb23b3fbc2852f754e3ad559c2c77931c17fd49ce9738fac7795c25b62d57b859f199c01ce1cd623f5188a60aacffc450fc3b0aa4d02d1348c6b9fe458a1bf18e7ee3c8c64345ed0d06f6e06018212b8485bfab0120c8d74e99065d5a8f81ad7065c8b34fe121b1e08ab87f20d131d4431e041b3558d7b1b8543af62888bb0603c85c551e8d81d6a7f32ec643505e6650724ccaa4f1e5ce7d0ac01ebe47d05aedbb493138dab2e6c3271496e16e14821649c6a37f5368c00bf83198239f38d024d280bd08ce48e401a4d87128a034ccd2ea6a0b9e5d81093021a280f0f10ba18f5fa5150c81810e15900e3b3b61348f6be520860800680945d23b222278361888af6e50b2b58dc708bec418e57726646290968fd7de7d3757e0873a4e417d6d9cc3e43e45522e5816fc074e897566da7021c83d71f4bac04ebbbd4e6bcd7353ff0be7137608417d8c2da001aa8d1285eb47ac544fe8130647529463655f4838a864e78082a96b4efe5548877f87887b7752e2627242997eabf68fde20b1b27f8ee821d43fbebaaf38a954633902cefe6f3627176d8b1a5e25b73df1ffd1a6c6f835f4204e67d15123f80c45e5e83b76a1e65afa70cd182a1403407768b627ec5c329947a476b6cf4edad204f36a2212169bca489411440ced4ddf4163739220a05fe3cb74a4dbfbd273130c46913e8c22055c708a2592e22d4211fda544ac9403f05113f68c5468b12d7d6171409d38705e598fd78d809e1769304f3a11f6775ba410757559de64acb00f512b0190376582765ffdde03282445f9e0ace336f4b09673a9ef160d1c66cf856e04dbbd41c597376d3c4c21c8c34c6392945ab58e382786687da1df68eaf5a7318fddf3654fa6adb617baa432c85a7bfeb5d63fe16c1012fe4440a5d8cf349d9a8b1f75027bc9f2c6a56dd20275f2a899ed54f35d7c53feed5bb37828651c979d0920fc2b4bb8e0f540163f20ea2a5566d56696abdc6a9aa9db917ef8b5cc826049998b6a0b604dcf9f7b276e2489d0fb8daf7126db72f1e8d615e8ec001c142391c1d9e392ec2987bd5a7259059392d15416ec2b476b37944b3d0c550a42d9f36cb9c6c2ddca93d1665e4c5f61e3c5a101aa10c10bf11b615e1f718143efda59ef6edec961c6afafd2f7620f864e31ff4336a220970a9783e17eed18b932803441e172a2d9d01c7caa572052efa1f1a7e63af445f033e8e923c9142a868764490ababf181fceb75e47fad937487230f6720d4a8f2833e4f3094513bb2ecfa904741bb0b003354e84f2fe00f3938d820968ff73740e62dd68cee6eb5e3016f35327ffdadfa428a74dd66fbac07afa7ffdfd5259a58f3338629eab653d7632b1d4ee5de10dfebecc0dec740f2aef44aba211fc1919532c358d8e5a2a5f1879ec0afd5bade05c028a5e74f0740ea33d0d13f43888d218860c78ee8fab965112d977ba8f8c8d11a265a762646820594aba42a993a523f4771137471c2d9b3933e8b90c24bd275dd639b073a22b5fcf23303dcd828e7e2845912353aef23582995b779181c2c525f37b22a873611b5bca2f2678ed7576922be31208fec0d2806d0363e8837364a34ac3bf76a3682c93b7d79f5b01321bbc2f432cb7255f85e758c35bf70344b0119f92e2d20c6e380028af56e8aa10614677de3d9b001b66c319fb86e42540380c45d019b5f0aeaeab94a887addd8e12062b9125efb6d7a4b6222b0fdaf0b7a84b3dea501d43de2d98f13166aa2d3f4e1e11bc114d924ddf5e8ddf37c287fe94e245f3dafa605da051c012d95ff1b82a345af0e512ed18da2a3bdb1734f063d48bf97b4d8e2daf95c0a679aedd503b68f7ac4c4139e15d1deddcab04db34fdb0834246b1b36f8b52250a2e75687d4a98994ebe0fc65c8e2c7be446c2ffa766206a52cc4f7dc508f8c8156baf8e7dac0a305d88c65fb5c96b5d34bd9cdf3eaf534025fd4a70555e22b5450e050df9457e55bfac21dfe825ab1b6e11c70d39ca93e16cdf16231935e5d3185806919a23dcbaa9227361bf25276b815cf0375a4cea3162f38995bb530a08b5c0e2c0d96a316cf42ff3e3ca1a35360fddb3426cf5ade1be89d81fc8ed2016e6199d1c2580e0dc3030f39531fe0dfc41f5a6825bde42846c95af104d85"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r8, 0xd000943d, &(0x7f0000056fc0)={0x9f8, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r9=>0x0}, {}, {}, {}, {}, {}, {0x0, r5}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r10=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r11=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}], 0x4, "63a4c51b3af037"})
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x430002, 0x191)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000700))
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r4, 0xd000943d, &(0x7f0000056fc0)={0x9f8, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r12=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r11}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r10}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r13=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r14=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r15=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r16=>0x0}], 0x4, "63a4c51b3af037"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000700)={<r17=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f00000018c0)={0x1a96, [{}, {}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r17}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r15}, {}, {}, {}, {}, {}, {0x0, <r18=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r14}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r16}], 0x0, "83b12698cb4026"})
ioctl$BTRFS_IOC_INO_LOOKUP(r0, 0xd0009412, &(0x7f0000000240)={r17, 0x4})
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffdef)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f00000028c0)={r18, r12, "f374960e6eace49a6c1f74ddd7b3019dc4c936129ebd6c7c5e1cc8fea7b6408a1698d2734ebd34b042ff176e5a1e8210312a3c8d4d220f3331b68ba69856eaabfc31c00fa737d95cd19daf66f6e9dcc02bae01fb3c4b491fe01d5ba3569297b98e8b158af4d16f3446cf0bf62de9420337fdd95945b546beb5fdb098af7cd5309cf5597e3be3e003bacb064f944877cac8c522c9cba69d98ca2b7e45be0345f08057171ec514c2dee208cd64ac9029f9cd6a9f4e746db3ed7190598d51283c3dc4b163cf5a903539bdeac48dd4315bc49c9aa5132e9fa80639383390b7a7f800c872b0076fe8a4d5051650892d21b04f51a20fd58892a7703cf4b0eab1f06361", "e36f4329df0079b8f977879a9e0ad7e7fa318c5e344e7b3dd0927c6997d0b6f72e62793dcee7d79d0605f058ae309c6e74cb2cbe1c6cc68479ae5acbbe515f01414576369f7aae0ab149a4de7f9cb1d859e3626566fd2a71f22316e6f76a82d2e41d5106b35db876e13f54d53af09d5e56fc2e7a2e3b2ea2709aea114f20026e8ded8c13c03d39c75b6bc4aca6a6cf36806fff3a724bb833a998d4277efa2e5bed96f2e0b0802b7a4b9329ce2a671658b05a9e174f63ad35df579b8ca230cc3daa6ae10b328a28966492a5f6ead24fae5ad2ff489906d3e84ee88e210472c115865b0ddfe80ed3139f6c582a3b6779463d321ab9021a5f58754765fb04d05febeaaa91184adb0ed0570ebbe3b77b0610a1456551cbf8ad293b3c9c3494006a26e704eedaae493342a7adfc980259435b63f882b20a109093b737a5d4656d11d286ca0eb9627ccd80300fabf99449e51a53aedf24ad2c3a7c5509125ed2f332c04606c7fcd185720848a524b3abc0a19570a289cd65d025b61d977fdfebd3c310ac1430debd2d539cfc8f1dfb427a5d8fbbaffcc04476c9e060b1556fa9d866dedeb8485b0c0ffb1f2a927495522dfc2a9838df11c0cedbced0dd2ae25cb57da04d82c9d25e1f6ea463c8999ec3a009258360b0a0c0303ac146e168d692df2ccdea3db30303640d227d975f58eac9948be02cf9a6aa138d19d1a3b148ab937e970b51f4f89c0be8c30406705fc86f70ad60575d7e8ada359b227f4af8a869dfd56b317a9e0fb6bc3bfd6d9860d12fa67e5487adf414e77dc4fa4fa6fc61750a4bca4c9d58b8206019c1d8e7f526087de75b18717ff5572cb83121720d9204e5c88997d7bf2527e534f4dda3b168aadb2cf1d364fc4b4dc3429ac40fbc8461b7d0f7e9df58b53c6e2cbc0eef2e0f884237dbd9d24c4b84b2cc4b565bdb4da27b9ed532e59b3af3817b290590d40b5ab0c0c1411daf593781ed4240796b00d5ffe148ea3f936e7944bc0d25b365d3f913d39d7bfdf70e8cc2df3e4edae9bec60f9712107371defaf8952c0a8e0f7c6116ad3dea77254ebc98b6bb52bede5318258121d30caa26d58dd8adfa71dbafc1ec2ff1aa69435b4a41c71a9f93138f94ad1b1842639008b3719a2ec77535cbf71739a86a7a14a5e39f0b238b8f9cd393442cda62679502e7fa1d30537ae164dabb477de5069f731779d66026d3ecc686f46791ec31bc5a032783c6ec0529889814870deee9a3b7d2512170901137b1d3d0c330e0ae12467f906bf0975d1116c7bd1bc8799cea6845d0256461e3559c215bc801ea9235c81804e3dbf650ef2532bccf4db55793c8746fd7843c6363c73e1af7c7893def35cc3fc99367f4242ca26a6f83d1b8a464942f62538c049f399609c0e7cd5aba256129bf6e5b491d631b56ca460ed0b8e8a7da5847817a37e7e33ff566854683354adcc2492fe7110b4f43beba01e5cd7801a35eb6d8ddce912c6239b2ba7dc763caeea490b43d57b499b9307bc9e224c04274b87b979d0714f8c502765b6d7e79b2051ca382e47965671e2559d30811a88f01cbc0e29b2575e371c79971dda2ab5bda7edcd1869c5c373455bfee6bbb97909f490311e4ad93686e7fb9888df95a740d4e8f08f1e3675751254aded4c2f9c3438aba9693be862013876765d2540ac95f91fd4b57095d1908b7e07369888cf5d135044e04e2f40bfb456625747cbbaea963b428edcc0ea26a0ccb2b86883cf80fd98ea3247886e4726159632a6de0d2c0eb7143bb14277bcee599b91aa63ed82e7415c93797bfdeba2bfd2caa0aab6922045dd855869298a301368335a0bab6371e03c39be8e60a308ba8f9955446bdbeb084693db0c7a500ffb5afb28c5425a92df26a9dfc1dc330cc40ee3ac01fb8d8a0c30aa61a692aa503eced81bc3b1269c06e616037928be93ff8667d2ee73668aec632be4be76112637202b539ecec23f51d70e4163009524c97227e736e082ace117946b0a5aba116ea339d32dcf98030da1fa5c477ab832c87b173d7aaf3e073dd3478f8984267906d6d05456b849fbfb8d0381d9052809aa4112fc48cb479972109788c7b0992083350c82c4e0cd019f4c65f9e9fdf669bec793ecc07cc64ff70ebb43a4043003bdbf64d93b3b0f7244d549857368343d0cf2ceee2bf42bb0a6b66b95cc97bae08e154c0727f1b41a740c03b1dc4ad8f6a8b73726a6cf980cb86f7e8c88a507ab45d619df9e8751f113d89097747d165e7cd0f69d8ee7de417893b880018748e77db10a62268f91120223d428dfda91f0b883271b60617d5b2f056736c86d549a341dd33f6308a951e87a4004f774a9ac51eefc91803db90b3a95bc798afea39cd1679463fb6e2c1a665af815ba86bad187158b216e5e21623b3be990b2c95d1dcff90c31c67abbfa1567959eddb090a00024b10b0a046027c913e6c9454c4a73f880fcdc6542bfd7ca806b70bf5e9894c91c04923a05c5b5f22e6aac7f5f104b07ac13b37904b571e9504a93b5a53cb67a0ad4a585c1242f570a45ef6703f3a244339b47bd89077bf586f48ad68c5c0142d56d07b21287ff5cf2e8c4ac02fba5a9611fcae637bd30e6eaa706eadfcb2d41787cf7dcca9619054f99e31f215b7ffa1e7b5a7b01cf2fae0c0d347dfd3a08ba4851b528c8bfe6ef878c3d425a1aa558fbed32b6d3e35d8758c3e5976b761f29cd63179b3ee3b1a88c555c8f477495074d17c1e3eac09831e4758e55ce0b77abb513a66f78e8384b00bc9ea854e6e9a06f215ed284fa3858514f52b9615d5c9427dbfaa53cf5a86d414c4414fee6d7c03b884fd9dc33c20ec76549d9da6113e6207823bcf7ef90ff6efb65db697ff73802ef3251c218d357fc7ab2172791d8c62ed99e52b71be35520dfc417ec2e438d5a6f2b6dcfbd2fbc6a9c2ef48f0d9de3572fd402f512799c9d0fcc4b6fbcef465f6821e87f14274bb2fcd2c2a26caa7d4d4de047bc77a43f923e4b1b1ad378dca641a822ec3ceafe5ed50d4b436e5872b90ca75e96b275d60991d9cc38edb81df64f89a6ecd323f2f34958882b50c36c901283f25ed0abcd05d54c8aaf06bbe533ad01aefd20079a3913c9c9a5a5f175fdda96a9c22c493bea6487159ea58928a6274a36009aea5c2f299c794a559f7cc77a91b04fd0193dbf8807c01e0b916a77674ef34e9eee12bd5633c8beab38b6ccdd188d82e77e57cb30f0488d77427b8a846381e90245fbf774a5ec863af71cc3245d908334440f418d3d7b743561d1d250a0091eb1315aeacfbd74b88c3e783e55793fcde77643a323e16b3f03062ee0339516c2dced09f81dcf1ad3f475fb5ae19237ae351645a65f6c31d2fd74468100c6e4fd2e51048a25e3f057d14d83a14bd769571b93f5444e3c013ef5a29c0e00ba205612b80cca947866284a308d7afe019c3eec3016dbb7e56b73c10a248c6b08bbaf8fb786641cc01c45cc5834623b79cc35163557241c22fb2515901fe15855a878e1da55492ee2844f975fc17a6b5002e5e77a71d86c7bf683ffbe9b5a0a3175a3ad6771f1952f73462d256edd9ef27de700376a6809d58b3d53a275ce8eb0f35e2b1952dd4986be43f512f78f30f3ec7a215d46b8962d0ac37fdb664e1206e28abb8ca55ea4369ed8c0d999bdcd05ed0eb72e72972ee4ac6b805c69f08e2f45738ff63da8fd0dcbdc42e9269703e08cf663cc4bf56de9288adb3c78ea9d436440719d02c0587693c3bbb3a3202f637e00e07381e44e4dc02eab5ea7e2ccb9972686c7fe816332cb1ecce909bbd203bf42cfaf551c86dfd81307908ff5acd680a05627e313be8a97c81e4e57726ca2b53353cf59b4bf27eaefce98fe761a5e66092004842c215776698d88591c98a6fc6aeeb7e3f722eb2b6207a5461104023ce609da6dbb30e4a757575c5ebdedfc80465f6a7d574e2fde89f212690bdf3dffadfe9a708e31d38b213ec990505528732f975703c7546f1553dd1dc92ec966f477647d7c70450f676062eca2d0efd246b2a3e93c3d567454aa7a3b50f0fcc0447becd9dbc8daf7934794372937090bb22ce1e7b16e99358b331ece73bb0a95d99f3c5fc3c0ab5a7f6371f7ffad382dc6989480de9ffdd3ead9258d95f3d028722f323b5e51a1c2f65c5d139d0d5c0c878e9cca7b2272de61ce14ebc93d50e8d68c3fc9a762dba1b3dc98f2eb6197d484b5c69bde427fe05d854c64df5839519fd38468498fa8bf8fbc3d424a4a5d83b5819d1558d26832966c1c199659d6c8fd0f12eb82786f89036592952034129041191620b625a09c5878518bd8b9b699ac100dd5de8a175a75aad22684a4859b7305e345ce9ca13cf890c14ebaf8b60d9154f9ec9022b9d8aebca39e98247edc4cdbf1e655d8ec3b93571f0e46ad125575f42a15ead16cc9ba81dfd918eff37aa754b34741d5ae5634e6ea19f5a7f80c59ed3644c50af547897056164da4aef71ffaec830859eda62dff4ed83611a41ab8722549df82d69cacbbb2cf3b52f9bd27395db4c28d365e2e86b8c7041b3ca1701774da6368203eaab4a74b82dd2dddef3a588bcf155bf42c8f1911ed78b4fc250642d96c36b913a40948ef94febba7528057164c97cd78de2b1ae52516f3e4aa3c498ba6bc052351535515d5686d860bccbe6808195847ac1af6128acd1aa3409741094474a0386476b6a8fe455c7bdd0fdf679a9db1f24a3443c0acaf02eba4930a6771fff4279676291a5b43afa268801cddd3b30dd53aa651f9bf9c36bbc256b66f9196bd9392eaa37dbc24a9a2abd56e977d29013b43aca438d4f82de31895ff23d583a9298763b08a7a5ad06b2bf1343a0c196a1a9b569e2f35170b937e847858f35d59551690dbe1b915e3fadd5c6b617735f72b3716e703b028134e290413297dad84d995c2cdd20e1d26fede520f3648fc9dbb61b9732af69d73076d1b9a1c4c7a6fcb67ae7718bf15a68b94c99721695a0aa3ecd996ded365172dd694bbb567fe6ac3d53b3ea7e281138b7346f6c4be198a76e1764f1e53264134024b9665dad3cb0c24350de1841291af5917331f5bc4550dbda0db86012796fc5f516828e7434d31be87768e0afa22b86d31b85349da228a83a29fbf74220cacb18b7baf56434c114acd4b722dd23c87c4e8877c954233160be4668c2772ce45b2a9bb3d11848376d615d338ed6a93a0e8fbebbdb086b0a1ca58b26b83206871c025edd45cb5e218c74ef53653b3f3587f706ade31ef98ecac359f229edb7b69eef7725632d40fa1ad06f00ff3b3a2ca92ec5b550f2c03b9c08fdcc379f61970dc1496c4313e44273bc7dfc0cfa59482f259ae92663a108dbaa686bd2a63305efdba0376b43ff6b75faf98c221dd124e6724498e42ae4c895a8e0242c"})

15:50:12 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 97)

[ 2887.966238] syz-executor.7: attempt to access beyond end of device
[ 2887.966238] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2887.967957] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2887.978054] syz-executor.4: attempt to access beyond end of device
[ 2887.978054] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2887.979736] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2887.990151] loop0: detected capacity change from 0 to 40
[ 2888.050503] loop6: detected capacity change from 0 to 40
15:50:12 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
setresuid(0x0, r1, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
accept4(r2, &(0x7f0000000440)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @empty}}, &(0x7f00000001c0)=0x80, 0x800)
mount$9p_tcp(&(0x7f0000000040), &(0x7f00000000c0)='./file2\x00', &(0x7f0000000180), 0x18040, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=tcp,port=0x0000000000004e24,fscache,dfltuid=', @ANYRESHEX=r1, @ANYBLOB="2c63616368653d667363616368652c6e6f6465766d61702c63616368657461673d76666174002c667363616368652c6e6f657874656e642c63616368657461672c63616368653d6e6f6e652c61707072616973655f747970653d696d617369672c61756469742c00214ae2531f339ef465917b4b95a3e50ef9a4e9738170eb50e9fc2ba67b2772e4e9fac06dcbf07ae4589188ec32314d317048a120aaa321"])
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x2001, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000300)='./file1\x00', &(0x7f00000004c0))
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)

15:50:12 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 73)

15:50:12 executing program 3:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000040)='./file1\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000000)="04000000646f62ff3d40cace7366d8a02b00080101000440002000f801", 0x1d}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000240)=ANY=[@ANYBLOB="983265980963f85d7690bb0ecff84a33763610d084ad10d299d06661ecf5ce5f30b661f86317fb75a661d82a98c362a50edc4efd79260f36985cc3f79a5c4c076f698a3035152dbc48bd2c6b626aa947f70f02bf2e991d61de0289c27b5a6a2eb83b51d0b4dbaeda09f68f8b506e49aa4dec4194f8c5efce145a306f05cc6b58410e4b01c302c855898ad518d843f9e9ee7c2d617269c951b5fdbcdfc6b4d7965260bece8b3376c1f760d247f7b2d25f702f7349f9f889446813eb7e4845e680ea0682a24b7a8616445d5c287483f28553f7859363f6", @ANYRES32])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
openat(r0, &(0x7f00000000c0)='./file1\x00', 0x2142, 0x8)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

[ 2888.140146] loop3: detected capacity change from 0 to 40
[ 2888.143824] FAT-fs (loop3): Unrecognized mount option "˜2e˜	cø]v�»ÏøJ3v6Є­Ò™ÐfaìõÎ_0¶aøcûu¦aØ*˜Ãb¥ÜNýy&6˜\Ã÷š\LoiŠ05-¼H½" or missing value
[ 2888.152759] loop7: detected capacity change from 0 to 40
[ 2888.157480] loop3: detected capacity change from 0 to 40
[ 2888.158439] FAT-fs (loop3): Unrecognized mount option "˜2e˜	cø]v�»ÏøJ3v6Є­Ò™ÐfaìõÎ_0¶aøcûu¦aØ*˜Ãb¥ÜNýy&6˜\Ã÷š\LoiŠ05-¼H½" or missing value
15:50:26 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17, 0xe1}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
syz_mount_image$nfs4(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x1ff, 0x1, &(0x7f0000000240)=[{&(0x7f0000000640)="d32bd19dba57a2c8550c8ff7cd49e9ed0eaca00f69b514d296fe97dbeb4f08e30a9a47f6e0a78491f5e51e477b1d7fe994d1e94482be0f4a665db8f1b55eb9ebf22b519223f804f06e9c88df938daca7866883a5480fcbc3c1ee03c763e8019021eb0e638148e846c61af116874022b6f1374e8c68da4384ff0ce69dc176b77957f9a45b088c27f6ada82ef8f1190f8d0943956391b51a84fffbb3b21f499b8bcc99a6d70c889ef3394a7c52aacdecdc4cc30517d7002f3fa5cee637cc38075f41ae095f4c42d6565f2a12be117596a7fbf84e", 0xd3, 0x9}], 0x10000, &(0x7f0000000540)={[{'\x00'}, {'*:@'}, {']%!.-(\\'}, {'ns/net\x00'}], [{@measure}, {@dont_hash}]})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/net\x00')
ioctl$VFAT_IOCTL_READDIR_SHORT(r2, 0x82307202, &(0x7f0000000300)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={{0x0, 0x2710}})
sendfile(r1, r0, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
setns(r3, 0x20000)

15:50:26 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 98)

15:50:26 executing program 3:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000000a80)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000000)="02a932cb8117defc208b3b9c1898422fb6f774e1143b3ddef13d6750f2cb050a83af6299aef3262fdaed3925cdd9d0671ba8d474574658bc1dcea4dbc0a1235575d206501243", 0x46}, {&(0x7f00000000c0)="0541630531fee66d2f3e13c48b2e3c3f103e832114a815c3722c763ca2f934e4ebaddb4b7d076bb5de9eacab1bbd427a1e4747ea", 0x34}, {&(0x7f0000000240)="25686a05f62ae97572445120372da6db8e28c2d57770f18fdfc9eab281c327e308074ba59bff7ac0d8ca477c1cb249f3750041098e0f5f6704bcae04c1006d34ee06933b80b22f70b0f319376e78a790c695ac671e5eb9b02449951df85320be43bb52f7076af16942abad1e3091e1128c57a6902760b854dfc5748b669be025b7c7708da501545c63ff6c94632e2144c6a5472e08ba38d0dc14ee1e21d74b5af581b1cc690ae69fde2f7e321e12d2522b1eab81dcba7469821fe5271bb7de1aa7a997458ff6cb79745c58e35b8d629ec0e79c641bdab11019b74ed1ab5b875a4cc9e4bc2d0e6cbb1a245ab60d", 0xed}, {&(0x7f0000000180)="adf6d8c57f9f9a56aa75a6bbab43c73ae2ecef6f30582b90db4a84a934e087df1ddcca62690d265f1bd31d7cb9fb904bea6b77bf4e9e8027283b8ce24cdd0f2e5371917cdbb12c360896f7b2df865b90ea85020038272dc145074670801c6b9bec295764f05b610a79a683a488dcc152ddb3d64060e44d87c47f790423c4", 0x7e}, {&(0x7f0000000340)}, {&(0x7f0000000380)="bb0a3347f3cd81c6f6738bcb0008850703912a0a0adc8254521b72777717863e18d9781553c4d1b48b150180b4f618902800447c38f0ff6c6667becc44fc035418e390fde43c8ba7a6a20558a622a33ee5d34d", 0x53}, {&(0x7f0000000400)="4138dcd69ff53fd067b330529d3964817fa46acad46448f2b31e7cf9d6d29b55546769ee8a3e51c1abf9f86aec5ef982744d821273a52e108f86b8a6ce7443e39a73957cabe3e3b76046b58814495f7f26444a5835fcb1242cdca6eefc5a655c3722adb8e1fd7b297f3b4a7ddbbf3766bfaef6f5f2d2a180e8cd1ed4e51121b572422fe6f2116f8931ae1bf56aa8df8d4e312aff099103562f4e8fd9d0d34ecbc6bbd22eb8507b9f884eb151732c50af31fac74aa8c77f4cf7a25335ca0c113a4a9e79406701cc4112131763f82fc7b8e14454bf4f607d0b5306f1484928096c", 0xe0}], 0x7, &(0x7f0000000580)=[@timestamping={{0x14, 0x1, 0x25, 0xffff7fff}}], 0x18}}, {{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f00000005c0)="f7bf8626018796f30bbf0a4dd3", 0xd}, {&(0x7f0000000600)="bc3888b491af4cb3cb9f9d282d7e816ca8d3bdfc56bcaf5d0db584af0139d115e3d38b0e9a098f21bbd9b4c9b3e68973753fb44880bf038e1403df0acb8d78b5926054649fc3d9916c402d0f5093290bb62b7396528d7bfcf03d", 0x5a}, {&(0x7f0000000680)="a5b76281d2adf7f5e44e8848b757fe1612b32ee27d34122ec760e5ad49b738f5e4921dcc181873a0c87946686db92b9086c8711d86f720d5fe5ef86106478645f263368211b2df276dcdb9985cb539eca76b4780b7627aa3bbf25ed7ed32789c68dd917dd8d779fc3911c8d2547f6bd3a209ec2924d5d05286ce424a3b45243e360d296160c05a3c", 0x88}, {&(0x7f0000000740)="43625252c3ce8c11841cee85837beca1bd1a3b6976e83fd230bc7eff26538eeaae15f25240a02b585130c354b59a3454b75dc9a8320901d6bec34534736e42ed76e62d9a02c50a85a1f9d40bc390221f49bc1d3102a3e5f5dadcfd808c7cc257a6f894dcef07191f5b3565ad0bc26718", 0x70}, {&(0x7f00000007c0)="e61c31d561e88dca69d523f42e2c43daba6709255ccc4ba6113fe8976d05428e29996b661a97d0087364f07259dd173616327758e09fde8cbda2b058ffff0e3c2e6f74213c069932da048c5fa4adea1b90e5c418a881da47af914b9aaa5f8658109e49de8ef438985ff6cc3a2ea954c8f1b002278c8873cbaa1a7c21dee7a739918d89154b1c0f17e740dbb87c5d", 0x8e}, {&(0x7f0000000880)="03cc843e536169525e92b923ff1d3326a08e9547e3b3d53e0122033b530e8e68ba25193a9a7b64457e724a313de4e0fe647beac9d29197c520f6ac486b1a55f86febeb452a7e13a6b17fc249dfbf3055a36fc14ab1d49f9c2123ee580e2b6e86f7d0b1ddb56102ff072370cd16b14567858161d558e4e9f75c577533b71468bb649e9e7e35a6892125858101e3b1f2dbf4381f082f575a401bcf095246ba0c420f22dedb594b198832677e875dbc2202a3aa2ceb40f4432b807c42c4402c1e8dc29880d8677a3085677f884fe22eeda3369c279a7a2ed13d93e0d4e362b6846e225177c10b294bc72656b1e778", 0xed}], 0x6, &(0x7f0000000a00)=[@mark={{0x14, 0x1, 0x24, 0x40}}, @txtime={{0x18, 0x1, 0x3d, 0x2}}, @mark={{0x14, 0x1, 0x24, 0x8}}, @txtime={{0x18}}], 0x60}}], 0x2, 0x4004)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0xc0189377, &(0x7f0000000b80)={{0x1, 0x1, 0x18, <r3=>r0, {0x9ee, 0x35ab}}, './file1\x00'})
fsconfig$FSCONFIG_SET_PATH(r2, 0x3, &(0x7f0000000b00)='vfat\x00', &(0x7f0000000b40)='./file1\x00', r3)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r4, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r4, r1, 0x0, 0xfffffdef)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$BTRFS_IOC_SCRUB(r5, 0xc400941b, &(0x7f0000000bc0)={0x0, 0x1000})
ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
ioctl$AUTOFS_DEV_IOCTL_VERSION(r5, 0xc0189371, &(0x7f0000000340)={{0x1, 0x1, 0x18, r6}, './file0\x00'})

15:50:26 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 92)

15:50:26 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 78)

15:50:26 executing program 1:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>r0, {0xee01, 0xee01}}, './file1\x00'})
openat(r1, &(0x7f0000000040)='./file0\x00', 0x8000, 0x8f8ee6754d569efa)
r2 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x70880, 0x80)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r3, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r3, r2, 0x0, 0xfffffdef)

15:50:26 executing program 5:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0x5}}, './file1\x00'})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x40000, 0x24)
setxattr$security_selinux(&(0x7f0000000240)='./file1\x00', &(0x7f0000000180), &(0x7f00000000c0)='system_u:object_r:tpm_device_t:s0\x00', 0x22, 0x1)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:50:26 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 74)

[ 2902.049459] loop4: detected capacity change from 0 to 40
[ 2902.061491] loop0: detected capacity change from 0 to 40
[ 2902.061992] loop3: detected capacity change from 0 to 40
[ 2902.064130] loop2: detected capacity change from 0 to 40
[ 2902.066699] loop6: detected capacity change from 0 to 40
[ 2902.071774] FAT-fs (loop4): bogus number of reserved sectors
[ 2902.072510] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 2902.077649] loop7: detected capacity change from 0 to 40
[ 2902.088032] audit: type=1400 audit(1683820226.627:10): avc:  denied  { relabelto } for  pid=12100 comm="syz-executor.5" name="file1" dev="sda" ino=16077 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:tpm_device_t:s0 tclass=file permissive=1
[ 2902.153562] bio_check_eod: 5 callbacks suppressed
[ 2902.153584] syz-executor.3: attempt to access beyond end of device
[ 2902.153584] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2902.155974] buffer_io_error: 5 callbacks suppressed
[ 2902.155991] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2902.205052] syz-executor.6: attempt to access beyond end of device
[ 2902.205052] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2902.206653] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2902.210333] syz-executor.0: attempt to access beyond end of device
[ 2902.210333] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2902.212033] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2902.219149] syz-executor.2: attempt to access beyond end of device
15:50:26 executing program 1:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(r0, &(0x7f0000000100)='./file1\x00', 0x101042, 0x180)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

[ 2902.219149] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2902.220979] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2902.253811] syz-executor.7: attempt to access beyond end of device
[ 2902.253811] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2902.255437] Buffer I/O error on dev loop7, logical block 10, lost async page write
15:50:26 executing program 3:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x2)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
write$binfmt_aout(r3, &(0x7f0000000640)=ANY=[@ANYBLOB="eba22af1f419c1d0f0fe8046175c09ec8bc529bbea92216ae52923a6a0157f27832181bbb7d97ea074e2683390de75e86d74d7a3ab49cde1533a16535c61f2ba5bf0a9f2c91b544e7f366334d8ccc3bb4ccabbda295c074ac0fa4258066f3a7fc2d8", @ANYBLOB="5ddaec548c3c09fba9af4b05c7d12b20a8eebd8af8b7fdab58a1a1a96d0a1b45f6111a671d31b69b4a513f43660a56cb61680ba96970b9ca4e8e56625595881770d3d47e929b50f0410da89384856f572bdb1f5bf29aa1745a09af6ce49176b6f87944e9437ff6157c289901d8138297d3bb22582e46ccf236c9afe1f0b9677116d39a26c60998e2e9a6f40e2fab00d8d479969188119a247c4b3a394393175beefd66b60649b75a9f95a6fc8b1bd0edaa546a805d192e6eca613cf94d9ac4085251c264715786e6c2126c8498f710c55f436463139b02f5acf15bd0b6127c2db2ce100f01b1b4cd324195239058c3eea8dd287f92dfac48e14f31a2135bc17e71a2b4c77408b5b1bfb57d2d8a1c5fbad14054685eba8057af4f8f302b3b910c0201efd975e663aa8112cbcb692276bfee73cc0880f1c74bf3f4b73ffeb627bd1edf47091e2c5f25b9488445ece622f32e5a298119689e3170d99a3827d33004475a8495221791632a962cbbe2952ddf2f8470f7ad6e3b9dd7e400fd381aae1fca1f5b64d0a94f6cdeb563f7944d1c19efc89db4f272b0eea405c3c4cd31153ee155c1af66975e080d088d576b979339b533ce1c00505fe92514c67a5c033f175bcc951fdb81fcbf24e5fcbab4db676f9a63e2353eb4d4d931ebc47ac87e895df7ec8832f3b48284a5307dbdc6afa0d14a1329f4940171ff4b942d374d814ddcb079ce27ffd9f60952cedaf7cbcf45549fdc88deea1aa8cb30e7399faf45d4383971b537d1914a5ecc97bd0408cfe7dbdae3542aefc943c59c3c6dbb745bec91143df2026bb4ca930eae4181fad9df83c4689f424b7732ce60390a5ced180580cd1aafb6be226348e0bcdf610952f4d8f204e47d4d1fc2ea05cb4099c6feda23f04aec8d29630985ee172767078ee50f88d5c9c4d489739dfa3517b98c1d648dedc4462f504363f1fb4c9848493d89411900b0b34a070cb912bc7471e9e24e8bb3f91d119bf666dc12bf169e8ede9a12d27e24c466a8743288d3c7ed731c4d7d433489a83fd796be8025f9f426c8565dd68e7e11438ed8fecfdf69c151dd0a8fcfb1c9303e4c5c1195f291b9521d6ef8311afa2b402e47c16a8ec7279190d798a56140f93570016add9d6cd296bf0a347c9dd5c9d3d387f6502868731685fc9aa9eaf356dca39775063160fd14374a956e3dbc85e218fdabe3405154dcbb5750257830134b0028f284de6694794cd2d7c122830d703e79129870ed0b9d9b5ff7d9e2dd5a64b0ca44fcd197a9bc3cbdc896bd526c7ff1aefd79a656251d2e4c04eed0dee8f133af2ce57f7a039faf1092e717455f97ee74d3cb9584c01c7942d19b9e96d3cbdc6b364f3f78570716c17d1023f1ca80d6943dc012bc4eb93cfe64322ee3f56eb51553e7ebca5b3a90363c46e0e87b1aefc53bc343e9c7263c0738b2983ee4a9a297e5075c37d559e416c0c39dcdca809e3581255b6cedbc9235cac4c73ad5ad3cee6ca767487b03f90072fb87977eae0a4a3256a21734501f1d022005cfc87d55572c27cee62e23b75746aed3df88574ea3e20a3369ad7f6214fa0e3c64bc5ed8214f79bd381c242210f62dae571a2ef3cb59dabe7d16da4d850c497659549fba9d46aa5574f6da857639da2d0ccd24a77566816a8d0b05a9cdd20689c0be204985bdacba2750fefdb1106c8e12296023020f65efdb681ba530dead97cd0382fa375490abf78e13115134d5801ce3f38ec6710190d93e55e13ab2c8fcb11b2e8a5b8254e87ac3dd9f4b863afcf3b77ee2521088fea456789f1d23018c0f38bf7de1c1875c8b3205b07d2038634b88ecb55ba9a27ccd21b7a770cabae0af68c1e77a47403bfafacc57a50749e98ca07e216f763f6e54bc98507743a78430d65645c8ca5750963efda77cf4919e1613575554260b908f370b2d4626f777031dd4b35f39d49cedbccbee5a46150868a4eaa69a8cde41e5c9acfcbab5586da88c8a2f5ea8f6469013d5e58102a91e3f2c2826b1ed6e13c88a7cd61f2024ce84e871bb1d7c98e168a143503e3c0fc20fa2d61ef468fefd0f040c564dd7899ca25e2a891686edcc8454b5ee7df10030a43e42fc0dcfc57eb6942972082a17b3db8094bdd2c342993a967a13aad1701a69300cdc87d428ab0e97f129a33a5618e4e4eb2e0e388f030244068832053a46eca7273351ad570c1da7ac478119becf36176457ebabe91bd3d438792580eeacab303e55243b5afc89b337cabbd7362cdefa55947456620ac98f4cce8dbd248f004bc61b808c0d4017bc7a04df2f8ccf83bfb6ee3a5c834366e81c22ee09c4c54284bb0a3484944189a94e00b81e0e4fde15e1d81241f426bce9c3ac6eb63defec5697d562b54b0e7be032f3e7a20779e7bd828052d8bb5541ec41d31ccdf30357db37159d27b0018fe704584a4c79737e6e7bf86d6e26361933271c4c7b85e0b7d051f5e2f1446ae25ea23bfac6685a8543f8df43b8243974901aa0abe3582381ff270923542dcfa4403f48e5b05b31d88a7a919a348f50fb0d94a33910c969424508ed3e74286b6b1eea3666df9c084a6ea15f88e2584e9b30b8fd7c569adab229a52bc8ed3cc25a29b6722bed7d9fc7d9bb9ad87924d4c066528351f5d429e45cdca8a4fd550761412f6af28e4934c8bfc8a7dd08e999731d6cf8251793d8576f751198ddd850641d908ceca8ea742d046b365274bf8f3c5600f30802079aef5d37504f52af49e255393af0153b6ec5439b5f9fb905e14c7987afe878401e8c3e12d7a75e694a8c4c1987f91445f6212b8e964e72c39dbe5ad65e9e5f54e218691415854caf0c00c62fe1d2a4e92d6d4200b09ed838d57eb843233da3e5a887ad6aaaccb1cbedc3f06639c0cfb1dc0cf2ba4486bc359671e8907d85f4736ad4afa86ff998319e550863e27ac3ad6bc76cce1e742b41acc0210c6727671041468c6aaf2e4d600fe3c5a2c128930a755b47e678ee0b867658d43c61449c08e7d0d3b6436f0124336cb28ff6bda70eb90dcf8bebe13400574b67c9626f2cd436dbf0f31a55341506411f64ee12e3e7c9efbcc760bd81f8ac259c96b60ddb5595a56c599072ac7149437321bccb3e2ee69544f1aba7b15c78d92f23c6f715a53bb98c5f1cecadfa1d9ec77d67df7548c4dd422d4d342aa2cf33a96f0891bed9887add35c31be3b34d470c5b8e7dadae33f8f942275779736cf5c3739e981094d58404176265e9e7b3b5b0ac2bc5451ccc650a2ebd8287060cd905c38307b3d309b84307586c36bec57e7540dac9fe67f2d84fa816dd20ce4ad27c25b05d00a3643b1961b00fb996240a625c062d90c195853f6bad675387d5a0fd654ea481b68b7583510acc1bda2bb6971d21129fcde1714a645177fe5220410155c906861150fe15bdc960099f6c75369d30410c351ea47d4f7bfdae83b037fa1de044acbe9af395e7904ef94452d5db0ec2a48b7a1c6f6007320a978131b096f672b29f67124272ed96a9fcb9bdb908991554414a6efa82333c25d5476d3a0bc0a27f724da0335354c62a0c7b06ecc4365bb17b32078ce6138738db72efa44800649085479e902f4a917906c256c12efd64b3d37e5a192063b71c6bcb332c3d6094a30663a90b77e1d51bebd29359f38dbd984daaf43447da55ca2fd37c2054d4de3a1ee1805ced652d628d2cce11025ef855462e10a63cca0089478e15dd4e8599aa12394943efe9385f33404ac50637251e565ec37d30c7d7c702b24c134615a316850aa1901ab95ee9a89da729a4e3d08cb3f1d8bdcc3432f5a2b5608d819dc597524e7bab0f2c7ec95dbd6775dabb46744f211ae1da0dd59bd4709c27123d525ead724bf025a476332ecaeee3408cb31ac05875e2ce5dcecaa9530425836b09422978265eee9c89713adc898d9ff9d286663c3d5cfbb3124723b8a0a2837b43360610d773e6778634a924b662c504cba2bf6bdde381dbf143d67e9b85e4f5f57a590e37e6783c5065168869fbaaa43f09ecca41ec39c51500beba063cc8fb1e7b71d625d26a0af5387e7d1a887be3518be951d9799e14bca7d5f9219285a0f608e91cb215be9f2fe970fb44c689794bdfc7df9e5372ac6bbf663f1a50898a3fd9f15f16078588340d85c730c15421dfa27e78e2f13831977eb8f36f234e5541d130182df21f7d43eb8cc6c0c2e988cb5559e7d3bb16bd94d150335d65da2860c82ada969d32e5daf17600263445334ff22c8ee49554761b74864f0bef3909933a2c11578a9f97bed76a16c93bc2b4ac1677481ca3ae699937f5eb1383ab803e7e45002fd2448b010c8b768e7cb14520cfb1227f387a18811db6dbd54c5938b66b0ad1ae4fd01884edfc9438a41efa4937c4c709b91ab46225ac84c274bb4c24b1578cfe9440ffef227bc4a7cb7224ad9aae78620be5f143d0ab6e216288df74d6d387e208c3308ec3692cbb508fe954c9864336d27976bb9ab4a42782261e1d524271ea163547c85792fa990ddd47228d83e6935ee1da5363e101e78495335cfe83fed4d057669324aa8705718146aa88ff41bf6abc1f068b7aa1a30e488333dd8ea22bc2a44f1dc7129bf9649c0046b626ee58c7640aacdca3c2136c4ae84ad5fcce1fff4fb360c4112d78b0d30996462c05ce23bed28c608dcaa34bd8874bff64f3f32cd02d33f7f55c60ed3ff2f48da05fe20ae01926d67c289ea0ba04a4cd42fc12a5dcf04cb0e7a4be15d90d5377c47fb37cad9fe22e4101b9bc0f283c73afeb26f856a3269c023511626d8dd38aed94e8f948524613db1c672a46b65bb3aa86ec48826c26ecf461d1e76754823342b16b64e4b474654205b1a0458563add8bd2aae0fc9dbd1231e9fd2276527091c835d23db4b48861299376109fbc39363a8b8fe68d613d2e1fc8a6367e7be454f5c7773e5130d691ecc198a12784e94a5b1567d09ec097786bf672d879462fbbd2df59d6e100f84072cec82efdcd938153df5dd4f991831a3d384678e298ac84ddfc05830e73118b88151c70514dbc65e59f7eea002bd18264e8d8dd4a3dda5e637af0aea64fe842a53c13b169fba1f6837fd14efba0b9dd6a25de4d409f7d05b2792671cf865d2fff393f81e6c477f881b0a53146b774c440a3c7b70bc3eb4bbcc8fd562f0db1b8715b9bde2ac0b198a1d672d844a5ed28a6999197067860cd62abe66610389dcc8c9ae2a1f1ebf8c05f0003b7c68a271f97baad09a8fbd2874e277446371ef8756e5935a1f4b177f951b189d22cb6dc44bb964aa86b695710cc5b49eefaba6be40035f1342dbbe92cd32653ba373d77795d91da8736642d5d8db84cff3c487be1bae418d4ba5e6a56ca7442ae53667a17fa03ac9ca12695d1fa99cd6b8a3fcf9338b58199aea270dc621af17bec40bdc9fbdf2d30db09dda071ec4b30da78e38b9ca5cd51107816c4712fa5359072c112023b85e3c5d55e10dc1fe621f9b96af5fea0fa7cc1edef39f7a26e21b7cbc770078a36602b5b37484573fc925a0cb0417e7551503bcbba3a8aef95f0295e7d177e803f8afd639ac786d274746ab20dafb280a531e1434c809e8d09b57aeb3718087df87377295840cb96daedb5e96e372b337baf8d7026d139bdacde7890df1bd684801e7f2d505137e1560f069de49e1b2e4ab61e16a40f8f80e360b16989b2011eac668c50e004338964af018d9197d477a622ed7141b93028a9399ce96aaddbb8068f372ae0229c9cb20762dbd793bb60244c58da6cd05d8a704adcb75def6bdeebf005930776a", @ANYRES64=r4, @ANYBLOB="844524cb46f893e67d6ddd8b707e837bf00c3c8fa84e959fa3847ecfe6d67206eb7963c0e77ac3aee0bea3f196aaf8270d1b409f1e401940112e93a749995b30f59701936ddea014bf09d23c13d993980b01adfa"], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r3, r1, 0x0, 0xfffffdef)
openat(r2, &(0x7f0000000040)='./file1\x00', 0x40, 0x2b)
openat(r0, &(0x7f0000000000)='./file0\x00', 0x202740, 0x954631c497dfe055)

15:50:26 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 99)

15:50:26 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 93)

15:50:26 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 79)

[ 2902.398609] loop3: detected capacity change from 0 to 40
[ 2902.425513] loop0: detected capacity change from 0 to 40
[ 2902.550210] loop2: detected capacity change from 0 to 40
[ 2902.551616] syz-executor.0: attempt to access beyond end of device
[ 2902.551616] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2902.553448] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2902.561004] loop6: detected capacity change from 0 to 40
[ 2902.688181] syz-executor.6: attempt to access beyond end of device
[ 2902.688181] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2902.689758] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2902.695179] syz-executor.2: attempt to access beyond end of device
[ 2902.695179] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2902.696863] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2902.891295] loop4: detected capacity change from 0 to 40
[ 2902.892221] FAT-fs (loop4): Unrecognized mount option "./file0" or missing value
15:50:40 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 75)

15:50:40 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17, 0xfffffffffffffffc}, {0x0, 0x0, 0x2800}], 0x4000, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
accept$unix(r0, &(0x7f0000000000), &(0x7f00000000c0)=0x6e)
r1 = openat(r0, &(0x7f0000000180)='./file1\x00', 0x101042, 0x1c9)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:50:40 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
truncate(&(0x7f0000000000)='./file0\x00', 0x7)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:50:40 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 94)

15:50:40 executing program 1:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
openat(r3, &(0x7f0000000040)='./file1\x00', 0xa4c41, 0x2)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FD(r2, 0x5, &(0x7f0000000000)='\xe1])\\/&&\xd0&\x00', 0x0, r0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:50:40 executing program 3:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(r0, &(0x7f0000000100)='./file1\x00', 0x0, 0x8)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0xc6)
write$binfmt_aout(r2, &(0x7f0000000000)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r3=>r1}, './file1\x00'})
write$P9_RREADDIR(r3, &(0x7f0000000240)=ANY=[@ANYBLOB="be00000029020006000000100400000008000000000000000300000000000000040000010300000001000000000000008b8a0000000000000107002e2f66696c653001030000000200000000000000ffffffffffffffff0307002e2f66696c6531400200000002000000000000000600000000000000a507002e2f66696c65300400000000030000000000000003000000000000000407002e2f666900001e0b0000000000006807002e2f66696c653000"/190], 0xbe)
accept4(r1, 0x0, &(0x7f0000000040), 0x800)

15:50:40 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 100)

15:50:40 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 80)

[ 2915.973564] loop2: detected capacity change from 0 to 40
[ 2915.977404] loop4: detected capacity change from 0 to 40
[ 2915.981051] loop7: detected capacity change from 0 to 40
[ 2915.983598] loop3: detected capacity change from 0 to 40
[ 2915.986450] loop0: detected capacity change from 0 to 40
[ 2915.989267] loop6: detected capacity change from 0 to 40
[ 2916.097815] syz-executor.0: attempt to access beyond end of device
[ 2916.097815] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2916.099615] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2916.126814] syz-executor.2: attempt to access beyond end of device
[ 2916.126814] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2916.128413] Buffer I/O error on dev loop2, logical block 10, lost async page write
15:50:40 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 95)

[ 2916.154504] syz-executor.6: attempt to access beyond end of device
[ 2916.154504] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2916.156246] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2916.173911] syz-executor.7: attempt to access beyond end of device
[ 2916.173911] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2916.175558] Buffer I/O error on dev loop7, logical block 10, lost async page write
15:50:40 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x200, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x1a0a4a0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:50:40 executing program 3:
bind$802154_raw(0xffffffffffffffff, &(0x7f0000000340)={0x24, @short={0x2, 0x1, 0xaaa2}}, 0x14)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000300)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17, 0x7}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000040)=ANY=[@ANYRESHEX])
chdir(&(0x7f0000000140)='./file0\x00')
newfstatat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240), 0x4000)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(r0, &(0x7f0000000380)='./file1\x00', 0x2000, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$security_evm(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), &(0x7f00000001c0)=@v1={0x2, "eeb4aa40a194d463"}, 0x9, 0x52422893b9c76efc)
sendfile(r2, r1, 0x0, 0xfffffdef)
chmod(&(0x7f00000002c0)='./file1\x00', 0x28)

[ 2916.265842] loop0: detected capacity change from 0 to 40
15:50:40 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 81)

15:50:40 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 76)

15:50:40 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2916.378025] syz-executor.4: attempt to access beyond end of device
[ 2916.378025] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2916.379580] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2916.387269] loop3: detected capacity change from 0 to 40
[ 2916.392223] FAT-fs (loop3): Unrecognized mount option "0xffffffffffffffff" or missing value
[ 2916.424121] syz-executor.0: attempt to access beyond end of device
[ 2916.424121] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2916.425876] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2916.428451] loop6: detected capacity change from 0 to 40
[ 2916.429407] loop2: detected capacity change from 0 to 40
[ 2916.456526] loop7: detected capacity change from 0 to 40
[ 2916.466144] loop3: detected capacity change from 0 to 40
[ 2916.496447] FAT-fs (loop3): Unrecognized mount option "0xffffffffffffffff" or missing value
15:50:41 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 96)

[ 2916.591241] syz-executor.7: attempt to access beyond end of device
[ 2916.591241] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2916.592988] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2916.594918] syz-executor.6: attempt to access beyond end of device
[ 2916.594918] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2916.596801] Buffer I/O error on dev loop6, logical block 10, lost async page write
15:50:41 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0x706, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000300)="52c97387b705af409f001bc672bde933b28390460b32f1b7bb82139ea0a43a5012f4d8a90df70946ed1e657b0c66316621ccca65ba79029aa5f425a6a7465add3e47e384fa6a749c4c9569e5320e7f8fd18d59c1396335ac71c51a9e8a37d8b85245790f598a772c7bfb3e3ba46de830de1bbf68ca0f11be97156e331daf76d40714d355c7e5c59fb2b7f06b4c4eea4e58bf7da61853c1d34a98db8b8f926456642fb982ae1efed1343ed7179cc7ccacd148f47c9f03d6a022b1e776b58a1caed7e4ec39868b9b94cc6613360dcf14d4e1df93530437574e82d6e1539ae6bd38c108fafb28bec2351a31", 0xea, 0x6}, {&(0x7f0000000180)="4997ffd57bc69a2423117a19b41ac315e960ec62ce48a7f666fa0e6e19a44ba4a96b3cdd", 0x24, 0x6}], 0x22, &(0x7f0000000240)={[{@numtail}, {@shortname_winnt}], [{@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}]})
renameat(r0, &(0x7f0000000000)='./file2\x00', r2, &(0x7f0000000400)='./file0\x00')
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2916.605039] syz-executor.2: attempt to access beyond end of device
[ 2916.605039] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2916.606666] Buffer I/O error on dev loop2, logical block 10, lost async page write
15:50:41 executing program 5:
r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200), 0x410, &(0x7f0000000040)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setresuid(0x0, r3, 0x0)
mount$9p_virtio(&(0x7f00000002c0), &(0x7f00000003c0)='./file1\x00', &(0x7f0000000400), 0x2000800, &(0x7f0000000440)={'trans=virtio,', {[{@loose}, {@fscache}, {@cache_loose}, {@access_user}, {@access_any}, {@cache_fscache}], [{@uid_eq={'uid', 0x3d, r3}}, {@subj_role}, {@dont_measure}, {@fowner_lt={'fowner<', 0xee01}}]}})
r4 = openat(r0, &(0x7f0000000080)='./file2\x00', 0x80000, 0x1d9)
setxattr$incfs_id(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000180), &(0x7f0000000240)={'0000000000000000000000000000000', 0x31}, 0x13, 0x0)
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
ioctl$AUTOFS_DEV_IOCTL_FAIL(r6, 0xc0189377, &(0x7f0000000200)={{0x1, 0x1, 0x18, r1, {0x7f, 0x8}}, './file0\x00'})
getsockopt$inet6_opts(r5, 0x29, 0x37, 0x0, &(0x7f0000000300))
stat(&(0x7f0000000280)='./file1\x00', &(0x7f0000000340))
openat(r4, &(0x7f00000001c0)='.\x00', 0x1, 0x792d5af20ef6eb75)
sendfile(r2, r1, 0x0, 0xfffffdef)

[ 2916.704009] loop0: detected capacity change from 0 to 40
[ 2916.711240] loop4: detected capacity change from 0 to 40
[ 2916.751305] 9pnet_virtio: no channels available for device syz
[ 2916.783350] FAULT_INJECTION: forcing a failure.
[ 2916.783350] name failslab, interval 1, probability 0, space 0, times 0
[ 2916.784942] CPU: 1 PID: 12186 Comm: syz-executor.0 Not tainted 6.4.0-rc1-next-20230511 #1
[ 2916.786175] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2916.787177] Call Trace:
[ 2916.787506]  <TASK>
[ 2916.787799]  dump_stack_lvl+0xc1/0xf0
[ 2916.788450]  should_fail_ex+0x4b4/0x5b0
[ 2916.789047]  should_failslab+0x9/0x20
[ 2916.789682]  __kmem_cache_alloc_node+0x5b/0x310
[ 2916.790328]  ? iter_file_splice_write+0x169/0xcb0
[ 2916.791068]  ? iter_file_splice_write+0x169/0xcb0
[ 2916.791823]  __kmalloc+0x4a/0x160
[ 2916.792394]  iter_file_splice_write+0x169/0xcb0
[ 2916.793111]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2916.793791]  ? __pfx_generic_file_splice_read+0x10/0x10
[ 2916.794635]  ? inode_security+0x105/0x140
[ 2916.795320]  ? security_file_permission+0xb5/0xe0
[ 2916.796096]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 2916.796800]  direct_splice_actor+0x113/0x180
[ 2916.797464]  splice_direct_to_actor+0x33a/0x8c0
[ 2916.798198]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2916.798965]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2916.799636]  ? security_file_permission+0xb5/0xe0
[ 2916.800401]  do_splice_direct+0x1bc/0x290
[ 2916.801052]  ? __pfx_do_splice_direct+0x10/0x10
[ 2916.801817]  ? lock_is_held_type+0x9f/0x120
[ 2916.802420]  do_sendfile+0xb1d/0x12b0
[ 2916.803067]  ? __pfx_do_sendfile+0x10/0x10
[ 2916.803765]  __x64_sys_sendfile64+0x1d5/0x210
[ 2916.804352]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 2916.805126]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 2916.805881]  do_syscall_64+0x3f/0x90
[ 2916.806433]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 2916.807189] RIP: 0033:0x7fb41b187b19
[ 2916.807774] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2916.810332] RSP: 002b:00007fb4186fd188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2916.811486] RAX: ffffffffffffffda RBX: 00007fb41b29af60 RCX: 00007fb41b187b19
[ 2916.812442] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 2916.813511] RBP: 00007fb4186fd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2916.814696] R10: 00000000fffffdef R11: 0000000000000246 R12: 0000000000000002
[ 2916.815561] R13: 00007ffcd9ca88ff R14: 00007fb4186fd300 R15: 0000000000022000
[ 2916.816607]  </TASK>
[ 2916.857941] syz-executor.4: attempt to access beyond end of device
[ 2916.857941] loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2916.859775] Buffer I/O error on dev loop4, logical block 10, lost async page write
[ 2917.557338] 9pnet_virtio: no channels available for device syz
15:50:55 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 82)

15:50:55 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x4, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)

15:50:55 executing program 5:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0x800, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@fscache}, {@loose}, {@cachetag={'cachetag', 0x3d, 'vfat\x00'}}, {@aname={'aname', 0x3d, 'vfat\x00'}}], [{@obj_role={'obj_role', 0x3d, 'vfat\x00'}}, {@appraise_type}, {@dont_measure}]}})
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)

15:50:55 executing program 1:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
openat(r0, &(0x7f0000000040)='./file0/file0\x00', 0x4100, 0x1)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000180)='./file1\x00', 0x1, 0x7, &(0x7f0000000700)=[{&(0x7f0000000240)="b8846ef0626e6f24708c0f78b6a17edfd7e7f4f24931cbdeaf5feeafb71a6eeefcf04d737cdf9116297c064e066f9c616e6af7a15512c02ad08929fe20d3e00956cfab106ae48963bad6d60f0bbbc06daf350bb420da4608cf66ce767ca0d16f75b517511650d89ccd62f6dc7fc6cb5727f6fa49136d6789fbbbe96895b052a98e6200fe34262f44d20c4de4397b879ab005993c23", 0x95, 0x2}, {&(0x7f0000000300)="617392df5c327ef7c529fdb201dbb8da471d5428f2060918c4e3328b101a880ad35d43631f839796265db9b939e035fddc629fce90f37f8cdd3c2c2f0020f2169dd8af35e9f5079fb704f6b73eb24afd0a0fde6bf48db307fb4bf547d1eb9bda99206b0b78e49c201a72c5fc8f76db3e4244df7a9f1c7cbe", 0x78, 0x20}, {&(0x7f0000000380)="0b5db73a413c7e976ad0e95153c28a4d6e096a31f8cfdd9d73a34f3ab003ffa600f0c4b0683b53f1c39dd3ac5c9f1645ed19052c4b2143c42b47b9497c44b77214d091548a7d3373f39186934ff9af27a8c0a515d23b11edc42613d5a0245d087e2413a83111b0d977b775955887a0b9d6a2461ca74b12839f67228e211a232db967c6511bc36f9351b9bdcf1ae8c05f7ba28de9aba425", 0x97}, {&(0x7f0000000440)="7d8f0b6db3e05c84e028be3658a7c564010d4eed550a9261a288081375d524fc7e28867bba4032f407cd91c062f4bf76eed66b99fe9c4d590ff4b62e8ca4eaed703fb0f5544aeba847f35c9839cf7343e0e1c59ca95234ddf45d070c77db", 0x5e, 0x6}, {&(0x7f00000004c0)="caeba922ae196bbe7b3cd4e6e4d77a6a6b38489a24f7ad33cf107ea0218092883b3c50591d8b0a43b5019836c9fb7eb453090923d656813d3eb3872597ea82d28a9a3b84b1334fb84658f4fa58f0f4a879497cc7653ed140e681ffb0ca9696bc966245b8f17fdb4f90dbee2bcca4e0927d9fd267c399a288febe56a7739adff815c8b8b6f60c0322f8653025deed2617fb5ccfe349d95a88249e91646131ea174200fdba756c0e16424a24dd445b6394aadb", 0xb2, 0xffffffffffffffff}, {&(0x7f0000000640)="2dfab260f77bb70b9196c8b74de582230835f9af212bbfda6e17bd2addb6462537d761684bf5301a451e38f2682f685cc5358d93d9e85b54036d2a25e7a853577e163e2428bc2de9ca035117c0465711e560b3f0a796a64a77875fdb496bdf6d5372be940c636072d7009f1baeebe51a0d89afffec8716ee434ca413d2db2f50db32563507f799ef2a23969b5310b419f1", 0x91, 0x8}, {&(0x7f00000001c0)="5956927e8138b5", 0x7, 0x8}], 0x804020, &(0x7f0000000580)={[{@rodir}, {@utf8}, {@shortname_win95}, {@shortname_lower}, {@uni_xlateno}], [{@uid_lt={'uid<', 0xffffffffffffffff}}]})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
r2 = openat(r1, &(0x7f0000000000)='./file0\x00', 0x0, 0x6)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r3, 0xc018937d, &(0x7f00000007c0)={{0x1, 0x1, 0x18, r4, {0x1}}, './file0\x00'})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r5, &(0x7f0000001180)=ANY=[], 0x220)
fremovexattr(r2, &(0x7f0000000800)=@known='trusted.overlay.origin\x00')
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r5, r3, 0x0, 0xfffffdef)

15:50:55 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000040)={@rand_addr=0x64010101, @dev, 0x0, 0x2, [@remote, @initdev={0xac, 0x1e, 0x0, 0x0}]}, 0x18)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
add_key$fscrypt_v1(&(0x7f00000001c0), 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(0x0, 0x0, 0x0, 0x0, r1)
add_key$user(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000200)="8b", 0x1, r1)
request_key(0x0, &(0x7f0000002680)={'syz', 0x2}, &(0x7f00000026c0)='\x00', 0x0)
request_key(&(0x7f0000000240)='dns_resolver\x00', 0x0, &(0x7f00000002c0)='\x00', 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
bind$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x8}, 0x14)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r3, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r3, r2, 0x0, 0xfffffdef)

15:50:55 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r0, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat(r0, &(0x7f0000000000)='./file1\x00', 0x200200, 0x8)
r2 = perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef)
r3 = fork()
ptrace$setopts(0x4200, r3, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$setopts(0x4200, r3, 0x800, 0xb)
r4 = dup(r2)
perf_event_open(&(0x7f0000000180)={0x3, 0x80, 0x81, 0x0, 0x9, 0x5, 0x0, 0x40, 0x50108, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x7fffffff, 0x2, @perf_bp={&(0x7f00000000c0), 0xf}, 0x400, 0x9, 0x4, 0x5, 0x3, 0x5, 0x80, 0x0, 0x1, 0x0, 0x8ad}, r3, 0x3, r4, 0x0)
ioctl$BTRFS_IOC_QGROUP_LIMIT(r1, 0x8030942b, &(0x7f0000000240)={0xffff, {0x4, 0x400, 0x41, 0x100, 0xff}})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
wait4(0x0, &(0x7f0000000300), 0x8, 0x0)
ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r5, 0x8008f512, &(0x7f0000000040))

15:50:55 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 97)

15:50:55 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 77)

[ 2931.302770] loop6: detected capacity change from 0 to 40
[ 2931.310210] loop3: detected capacity change from 0 to 40
[ 2931.364122] loop0: detected capacity change from 0 to 40
[ 2931.365179] syz-executor.3: attempt to access beyond end of device
[ 2931.365179] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2931.366185] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2931.370798] loop7: detected capacity change from 0 to 40
[ 2931.374091] loop4: detected capacity change from 0 to 40
[ 2931.380917] loop2: detected capacity change from 0 to 40
[ 2931.390938] syz-executor.3: attempt to access beyond end of device
[ 2931.390938] loop3: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2931.391983] Buffer I/O error on dev loop3, logical block 10, lost async page write
[ 2931.492682] syz-executor.0: attempt to access beyond end of device
[ 2931.492682] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2931.494225] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2931.525284] syz-executor.7: attempt to access beyond end of device
[ 2931.525284] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2931.526745] Buffer I/O error on dev loop7, logical block 10, lost async page write
[ 2931.553547] syz-executor.2: attempt to access beyond end of device
[ 2931.553547] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2931.555220] Buffer I/O error on dev loop2, logical block 10, lost async page write
15:50:56 executing program 3:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e21, 0x7e000, @empty, 0x6}, 0x1c)
chdir(&(0x7f0000000140)='./file0\x00')
mkdirat(r0, &(0x7f0000000040)='./file1\x00', 0xc0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
r3 = socket(0x26, 0x80000, 0x40000000)
ioctl$sock_ipv6_tunnel_SIOCDELPRL(r3, 0x89f6, &(0x7f0000000240)={'ip6gre0\x00', &(0x7f0000000180)={'syztnl0\x00', 0x0, 0x29, 0x40, 0x2, 0x400, 0x9, @private1, @local, 0x10, 0x8, 0x9, 0x8001}})
write$binfmt_aout(r2, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0xfffffdef)

15:50:56 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x10)
accept$unix(r2, &(0x7f0000000180), &(0x7f00000000c0)=0x6e)
sendfile(r1, r0, 0x0, 0xfffffdef)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x80049367, &(0x7f0000000000))

15:50:56 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 98)

15:50:56 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 78)

[ 2931.659112] syz-executor.6: attempt to access beyond end of device
[ 2931.659112] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2931.661014] Buffer I/O error on dev loop6, logical block 10, lost async page write
15:50:56 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 83)

[ 2931.710854] loop3: detected capacity change from 0 to 40
[ 2931.777981] loop0: detected capacity change from 0 to 40
[ 2931.794045] loop7: detected capacity change from 0 to 40
[ 2931.853010] loop2: detected capacity change from 0 to 40
15:50:56 executing program 6:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
openat(r1, &(0x7f00000014c0)='./file1/file0\x00', 0x200, 0x20)
r2 = syz_mount_image$nfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x1, 0x3, &(0x7f0000000180)=[{&(0x7f0000000240)="35a60a5d09279bbb42e6d6be3cf5d3dc865ec3251030681d31e50c41ab62b27be34b5bd358fcf09abab390399f6d16b1d1c0e21c846e29a371f16ce5edeb5c9f85ef2a3e68a3bd897b6ffe05be59e1dc0f326c9f3b1e8230292d5e436127a1a5a3eb817d3ebb75719adb50a863de5439fcdd9364e52fb77e48fee40810a4a4dcc5a8ae519d6499908b482b99efd4c90bf96dab41cec4f39222d2d46651ac64df9d40facc4f1f34c4cff44e902b64c417f816556fbec690ddf2942db15928974340e42415f6d7ccba4f784c96f3cea86bf8d0b3b6c8", 0xd5, 0x6}, {&(0x7f0000000340)="60bf84f9dca0ebd820d5ba6236ae3a9de4bd2c7a6bffa4700ce1aa78bbda18acb4b90d4c9fbd497887eb9114a6936313b2701f7a621dfb48bf4761a0b3118e659533fead7586353ded11e49cfabf59b6a68ae58fdb20f1dae30c0df6176318c01d5843b98453e32d70259fd722a6d189433572b1a92d897a1cb1af02471c1b08abbb42e57eef40b5ac8cc6fce4c066ada609e33a71fa87ee7f882871934686e70853f3f38142dcefa3d0349de29d74f39c0ed3a2a0ad86cbe6b73517ccbb107f59f624c52680868874e68263b617500847c3686e35452dd09771cb44dc349200b5", 0xe1, 0x3ff}, {&(0x7f0000000440)="0ef59de3b8083d54557a41f838557c8de63d0b3563622c89d388c9acf5a679e06c032963290f1c6eca89a7ca678a714e3f381f433d6cdd26b30176a6379e9d7cea164a03bde77a4a737f15e4e9f61ec86a531de1654dc1c92dd67cebbae38decdbe1eb19276822b3971b91af385a9f8746ff06abc222bbb41b6ee678e50f3dad810f8595fba65a7d63ea54fa9f3722003cad3c6c8e2174aa0aa858b48b93a2b76df1e81dda58fd7f97c844411451e614aaf7e2f10111105984c686cccedfea7023e224237f26551e05c4b4645e615dcc73a58f4f8261dff9ad5891caecef6fa340b187cac0ced93ad234f8921fc1a6f616ab90155ab230e8690c59b6c36b8c0de366202dddf6de09e5bfb297b72c89030757f381ecc8ace1311a22f04ad5b9161e728637cf5336f694ccf674eec36a6c728fd5feca7abc814d67c9a197b6a9a5130e2d6dd368d1a23dab17cc16f5642e5adcaa77b41710118eb4633af9e0cdea82b9cc6a77581c6a3526a730a1821c57b3c10b1ffb8828a7ad73bb7c88583059e97dad4148a7dfe82e866e8ae9f2f0e8253de99d41af5f68ca03a89d722723b315e341a080419193256dc653fc4bda045821027683708bfb2c0c4f797e0262cab0a5b73ca8a89bf5e860e678a6b1ebf8663b463de39c7e98d88a179891ce86fca4964c60d8c69752ab56861b4508a11ea588cea2d26c8a1b2050233948cb4e6df3fb6cf7c201bc1322db07e0a443f4b47f76aca714e64ad2fd67018e865afcbda0e9f4677589d78083d1c8a8bc308cef2dea2d97b728495abcbb4c7cfd62a9edcf29a62607113e25ef82adf6722f2875eaef43bf6e8915957741fd5d25627d7323f7c06380f26c658ccfac9b8f766eb4288eef30cca4e2eff3fed29cd61b62895add25342f18f6f230543e2206f9a66f9109c0ebad25cd93e9a52da528866fdbff6f40a785bbfad3e7dfe7919391ef8d0732c4a6ed420bbe69a25980378a37b5e6433a2adfa6232317bdbc87d41e89a8c9b750795e635cb764ced9cc87e45e6d08ecd042e33d1ae1832c84b7cfb4cfc3aae003db814d70a1fa030a12aee7c00e108ea5a9fbcfeb21e36492388a2edff864d5ec6e08d25a41daa9a8d5bf8fb31797a3992ccd69055097b1cb60efe42770632f3877c9548284d8159bb4982bd4cda0b4b5ee6690631c8eb44e6b3ea459c099603e00d937f9a83249387062ff3c0bdb0a1c21b64d93fa5529d9b589af6584ca1779ac2c2dd39d7faec0f670498c8c26afc6be84039a76bce973c05f4188d51930dcefaeeb99435afaf5d5d9af9eba7ebe7794547fc70a3e0071439b8db4c9b7aae6f5bf95cd89884a1ae071617c7247d39c3cff0aad40e411d2fb0354e2eb77f16336b3074dd197d23a44df0477732576f898203e4b8b3dd259c2be78cd83aaf18911f243a6e4e52bc9f7dff267e4a6eb80831d12e0960fc157075d89eb182f1204291987cb182e33de113bedf8909e1b119416a4c843a1c1214f86ab871a52dde17dc84b02dddaaf4a5c2e76e1cb06af90113d60a62dda5f30e0bd394a7a556e57875af0ab836db2ed96378c124cbc05570101954b1c833929dcb356b4bc8288b13107001f906157b85f10866c066ebe7fef3603ad566e47577c27fd38b97753477de6ce5d573108667123092f58febf57e300ed1189c608f06804022589a9c17ee51d69153f4c3c5e97a51800d8c1770d67e72bfb595935e5aa57e015a500360469e0e1f9a03fb7ada91766de3dc99c25924ea9fa7e25d5f5403e8673097de661a6beeed134306b7881482d53cdf3ea990ecdec168dc4ccbd5d88ce7f6f176b926ec628d14a3869418e92953fd15c6a3de4d03daae2d5eabab22fc496c147ee9570f8735b2d117b8da833e5188f062320c4bbe32d85095e661911fd3a8bab098b115eae02a131e571dfc87d485a08fb18525746118fe800ea77c416857621a97360d45cd625c52b0ee96c676e4b601bb47e9a0c50b6422cb7a84437f6d036a6364943b887866c0afcf0a7fbcbd86e2c42ad0e4aeaec0b7f74a4157ccac8b83dc0301af99543d2fe785367410e0093c6e33532b1636a6825f1e7460b9dcaef3b243a94bac97b08192c56f3e36c3b54c6f4886c7b58b58ab2770deb9f3cf76ea58bd37de7ed55781babcff0dd40f1c7f47ab62686f80f35a1ae130efdf70b77dae059a49a759fd7dead2fbf0441c643b4a791787368b65b0b6445e27480b6c2bfa1f0ec1e0e42b50f2f9ab7a738bc384087b6ae43fe99ff6a3d4c210169c3819034120861c712b1d355460c78e2e0762c8da8243f44126289eccf69b496786d0d2531d9235e3fc2c6112565bca72392333d8a049c9f78e6e67a9495f381c02941987dca9dea2b658c89e51f2503fd7fc6b873aaeae662e59ceab929f1762147c5b49c9db9cd579ef816ac3128c886cd103ec2c66615197cfcdb2caa1cfd908845f7eb365241c5c12085026eb3120b896f2a5a3e411138c3609553542b9de38f9b44db56cad28abef1249b161af73ab7c5898bc18f71b35e6984afd21566eab346d9971f3bc5454c9338542c0fd6b9838541c785a0f4cfd4bd88040fd4aa41fc471d87737214a86d09b47bacc1b14952e851ef9ae79c3317ab506d202bb0b5a29ae745a480782e0478ec867a75ce5cae1b9f02fe1fee8bdf6f30de148be8f94b089b53d0f68a7d7ba4177f64a985f3e2aaf1f56f8406342a7d7941eafb7eef1128a336fd5fc9b1f4748fae7aad8388e449065360f822f389cca69be359b0ae070bd71721ad8c1747577cb237714c7e1c60180ce2af49b5588970dac3b69eea2f4170121e9d8cda448ae6479318675dac3dc492f8860984f278c8ca39648348b2bfb86e13c5c77d42bf503d4f1f040c10d149522541b7dd0a33963a17e0e2b07877f5a48457d244b2d6bcecf0e116fab1977b0c4983a52d6b3e7b7e60c9dac5f4a8c0d5814e1bfce800147ce87c10fe08f1cf8a02cb289f5ae516a01be8b81fefddbccfd7873c144fc27a404a611c77a91c500dcc9d90adcfb28cfb84718046368e74439c74bec66a8c9ef0e356522badf29a13c739ace588e0eafaf3e45f48b2849bdd137ec6bb445a1730e823b7b62f99de5279fcf8c91b31c0b1afe3710518195b0eb5270bd4c6df12b213c53927db94b3fc5666bfefa03426e666cee9b98b4191f12f41ef0c7b69afd5976ad9311d6dcb75afbe1672c1bf1f7b3b15d9919f45ba8e2fe2b26e117c5ee8ef3c61030e6b336259fa27ac1a2d79792fc5404cd1c46ee60cf39856d620dfc862df67b0c0b63abc0a9a704f408e036608ee719f3fa882b15e8b48674ef140e93172d563341f02fe169286de5d7e5469a7865fa09a4dcd2655d555e6917f802dba12236fe578697d5e483b9b7dd3724d56b14cd0be83b46f4991e2dc410807b80a5a2b03cb7855f9e391439284f291adc48d974f72cb7a0d86dce11aee3d5c96bba52eb231047336c4b0b2de6694c7385b98d8595116df83d3f22afd4208b73a267e3f1f20b71b5a2da3b3ea43f7be273efbbf853076e883f2e0e33b93b8b38b8fecc1cc647c37017635761a89f4ab99d01559eb5ac1a3c9d4796f0ae7516d9a29bf9dbddaa5991a8752d63b3bb81741419feb680ee682540fe5116f0496e0b0eb7c445dacead0519655a8f0e046faa27e01ca96f231c859599675b5da27d5967f6f4c1edc033b7b38670f3adf17bb7a4db5bb8823ec8e16c3dd10c99dadbca388ac927071e39ff3670cb25f1a27b9970e9dc29be7db1ceed4318cee713abf632e6cabfd683a8ffdf2eebf4e1bbc866782e41f20ab8b4dd748ff8d2c93986e7a29d48ca04142557dd8ae7b3cff05dd777e74c51e90edd44abe01c501a1e1d5129978108276a124ab2064a0fab0ce033baca6c476ad95fbb8cfec6a1d77e2e7a17d91276d78ca8ab0bd9fc66b1c7db3a770ef357450005a4b7f3cf1ba74a02594bd88cc898539141dc5cd428a3ba8021d7d9ac4b5d636b44e4292279c1b4e6b2b077bc7c7fdc1e3d8bbcfd4b2a32b7c477fd535cf9f3edb00928561245a8f1c920c5832e703bea678176f093674f9a211ac5800eb6496926a5dead621b63dffaab6afb8caf3564fe810eb8a2af61627ec69c9f96434e0caabe60062897ff9ef1b77754e8351219727884480cd7c75a1c752a00beba6ebebee883b560d3f5ba5b8d95848543fae89646aceddeaabe7011600897526ed0e68aa522e950cbb8032988aa1e3aa96f96a3393f99c42d4132e2cc3e549cf062a116d3c0340e102b7860d95d7aa90ee038edf49137fee0f0890ac2f15e09938f2d8118c9eb9b5a978146f4c9ea26679c4361ffb311a574f3cd8802d95e11d9f64bce80ff0ca8493f3e2289cbcb9e56df191e2f2f57c6b94da75a927c600f73ee545d6b99e0b686b57b60c3440a19a4cd63f5235099feb190629eda766438da9a6877af18679f087e294ccd04a15db91fdb119bd332612dacd7f404aa218c6b075ab5fcd225b8fc0d6c71268ad27a64e053160018ef142cf7a9c6e1c410b40b41a7af0bdfdf95af4520c20369ebfe8efe166245698753625fbd5f36d95e06b41cec54d427a987b98678a8ac393f9e70a8d01d0b7058daf34741840364d3ccb86b3e83e641fe80e7d93775d986fe3b1099628035cfb515c9d891e08f2b5f8561c3bdad6ded74012877e83b981bbb622dc8d70b1bf08dab9ba86f092e412bd32534d0ef421c032bb39244e72f93d1858bfc30fdc4cafea7b53962e8fcf6133677a68a960ce5c13f44d7b7cf23a4e3378c2c99602757f0a27e61ffe26fb69b5f29aa722bf8e27c3138b3e9ae67574efc8c6bec34d483411b498890011669400ec12454cf4abe4d0426045f986bb116a1588944e662ea2d5ffba3d1e46e89e7dc6e42a05c4e563b24bd2ec0ca8c64f290ffe5a92915fc7346e549764b879378a237f824cc40f2dba2c7324a58ca3265fd3c290b6d639cda48f92bf54f454bcf82ec7d439e7d01a8e0da824908fb584d08eed1dda7083e5ed64831e5ac9fda45a899cf584b13eb20991b74342f8613a0a3805a6a044a5bbc2ebf989958343f6e2a4304538c3df54159639ed1f7a34c8bd542cbe81a2eebd0307cf68511258420c1e82d0304cdf8d90ed32d9a4c4677af1216a0847f2744d4b23fcdd27ab081be86c6b9ada22a02f34b39ffa8f4bc59dd02eb6d0c61ef0a97f124f64bfc77c57928f2d82a6d33d13b8a4a77bb29cce20796ddda3273eea284f641cd5ee204dbc08a8fbcd6a0705390b4156714952878938ca9d247c3bcd854ecb52fbd9b40f0adcd3b586d58318d9b7bc50e86334028f131b20309b09f8363f94faf365ef2fbbed10496df084f9945c656659d2bca17b634734f9353a76c15d5e874492add0c1c484a8670d986e7d3fe1b78f3f9168bc8c4a6b0319db49b4e82f8c8d36b08d41a64b06cbf4e2bf3e365a53841458173ddded313215efc86d03490b512e55c77193430714fde5c1d6cc809a46c5e9823bf416b4abd38c4831e92e7751e2967a5fd00e5d44df25cab460d3a18097a967be3dc4f9db4b992a7be8ef3a908d735e83d0247cc5c5e7de2364b8379ed7b80594af51523c5ff282288e0c3ad60b81fd0187f4d58704f69bfd1c9ce099c8296e8135ca7191d0e0870f61f160559844bc3d7cd271c0e40b629199da09ede24f28fed3a39179d31eb7298d504650f9cac9027b25616d2447edc878a0d9f37a210199d175a497d41e27ce9416a384a0ba5a1f42477239bd1b9e280d2f4a93ed59fcfad0c3", 0x1000, 0x5}], 0x40000, &(0x7f0000001440)={[{'!+{\\.\'#-'}, {'vfat\x00'}, {'%.]\\:'}, {'vfat\x00'}, {}, {'vfat\x00'}, {':'}, {'&(^@-('}, {'vfat\x00'}], [{@obj_type={'obj_type', 0x3d, '!'}}, {@seclabel}]})
signalfd4(r2, &(0x7f0000001500)={[0x8d81]}, 0x8, 0x0)
openat(r2, &(0x7f00000000c0)='./file0\x00', 0x0, 0x100)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x8})
fadvise64(r3, 0x100000001, 0x4, 0x5)

[ 2931.912747] syz-executor.0: attempt to access beyond end of device
[ 2931.912747] loop0: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2931.914425] Buffer I/O error on dev loop0, logical block 10, lost async page write
[ 2931.973523] syz-executor.7: attempt to access beyond end of device
[ 2931.973523] loop7: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2931.975472] Buffer I/O error on dev loop7, logical block 10, lost async page write
15:50:56 executing program 0:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 99)

[ 2932.020760] syz-executor.2: attempt to access beyond end of device
[ 2932.020760] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2932.023957] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 2932.061313] loop6: detected capacity change from 0 to 40
15:50:56 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 79)

[ 2932.111225] loop0: detected capacity change from 0 to 40
15:50:56 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0xfffffdef) (fail_nth: 84)

[ 2932.180781] syz-executor.6: attempt to access beyond end of device
[ 2932.180781] loop6: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 2932.182546] Buffer I/O error on dev loop6, logical block 10, lost async page write
[ 2932.253810] loop7: detected capacity change from 0 to 40
[ 2932.276371] loop2: detected capacity change from 0 to 40
15:50:56 executing program 3:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="04000000646f7366d8a10000080138000401", 0x12}, {0x0, 0x0, 0x2800}], 0x410, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
openat(r0, &(0x7f0000000000)='./file0\x00', 0xa42, 0x4b)
sendfile(r1, r0, 0x0, 0xfffffdef)

[ 2932.442622] loop3: detected capacity change from 0 to 40
[ 2932.467763] FAT-fs (loop3): invalid media value (0x00)
[ 2932.468423] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 2933.283084] loop3: detected capacity change from 0 to 40
[ 2933.286715] FAT-fs (loop3): Unrecognized mount option "./file0" or missing value

VM DIAGNOSIS:
15:56:00  Registers:
info registers vcpu 0
RAX=0000000000b70fa3 RBX=0000000000000000 RCX=ffffffff844bb9ee RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff812874c5 RBP=dffffc0000000000 RSP=ffffffff85407e10
R8 =0000000000000001 R9 =ffff88806ce34fc3 R10=ffffed100d9c69f8 R11=0000000000000001
R12=ffffffff85d326d0 R13=1ffffffff0a80fc7 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff844bc98f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f07160e6010 CR3=0000000018d72000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00d402fe016c6c6f502e726567616e61
XMM02=6465657320636578650a0a0100010101 XMM03=6508006c61746f7420636578650a0073
XMM04=616320636578650e006e656720636578 XMM05=727420636578650b006574616469646e
XMM06=6d696e696d20636578650d0065676169 XMM07=006873616d7320636578650a00657a69
XMM08=746f7420636578650a00736465657320 XMM09=78650e006e6567206365786508006c61
XMM10=78650b006574616469646e6163206365 XMM11=20636578650d00656761697274206365
XMM12=7320636578650a00657a696d696e696d XMM13=73746e696820636578650a006873616d
XMM14=617473657220726f7475636578651100 XMM15=00007a7a756620636578650900737472
info registers vcpu 1
RAX=0000000000e23d91 RBX=0000000000000001 RCX=ffffffff844bb9ee RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff812874c5 RBP=dffffc0000000000 RSP=ffff888008dcfe68
R8 =0000000000000001 R9 =ffff88806cf34fc3 R10=ffffed100d9e69f8 R11=0000000000000001
R12=ffffffff85d326d0 R13=1ffff110011b9fd2 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff844bc98f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f644e4a5000 CR3=0000000018d72000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=00000000000000004184361000000000 XMM03=0000ff00000000000000000000000000
XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962
XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000