program:
syz_read_part_table(0x5e2, &(0x7f0000000b00)="$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")
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0)
ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x8000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x4}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x5, 0xa, 0x10002}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c0000001800dd8d000000000000000002000000000000060000000006001500010000001800168014000100000000000000000000003000000011"], 0x3c}}, 0x8000)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mount(&(0x7f0000000080)=@filename='./file1\x00', &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='jfs\x00', 0xc000, 0x0)

[ 100.362839][ T5301] Bluetooth: hci0: command tx timeout
[ 100.461959][ T5337] loop0: detected capacity change from 0 to 2048
[ 100.532888][ T5337] loop0: p2 p3 < > p4 < p5 >
[ 100.548080][ T5337] loop0: partition table partially beyond EOD, truncated
[ 100.580308][ T5337] loop0: p3 start 4284289 is beyond EOD, truncated
qemu-system-x86_64: ahci: PRDT length for NCQ command (0x0) is smaller than the requested size (0xab000)
[ 100.624306][ T1029] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[ 100.637161][ T5337] Zero length message leads to an empty skb
[ 100.640920][ T1029] ata1: failed to read log page 10h (errno=-5)
[ 100.650688][ T1029] ata1.00: exception Emask 0x1 SAct 0xc000 SErr 0x0 action 0x0
[ 100.656769][ T5288] Buffer I/O error on dev loop0, logical block 0, async page read
[ 100.667960][ T1029] ata1.00: irq_stat 0x41000000
[ 100.673581][ T5288] Buffer I/O error on dev loop0, logical block 0, async page read
[ 100.679398][ T1029] ata1.00: failed command: WRITE FPDMA QUEUED
[ 100.686640][ T5337] jfs: block size(32768) > page size(4096) not supported by filesystem
[ 100.691791][ T1029] ata1.00: cmd 61/58:70:6e:19:08/05:00:00:00:00/40 tag 14 ncq dma 700416 out
[ 100.691791][ T1029] res 50/00:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[ 100.699792][ T5288] Buffer I/O error on dev loop0, logical block 0, async page read
[ 100.710073][ T5288] Buffer I/O error on dev loop0, logical block 0, async page read
[ 100.714043][ T5337] ------------[ cut here ]------------
[ 100.716351][ T5337] kernel BUG at fs/buffer.c:1479!
[ 100.721946][ T1029] ata1.00: status: { DRDY }
[ 100.726258][ T5288] Buffer I/O error on dev loop0, logical block 0, async page read
[ 100.731562][ T5337] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
[ 100.734568][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 100.738358][ T5337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 100.742898][ T5337] RIP: 0010:folio_set_bh+0x1dc/0x1e0
[ 100.745209][ T5337] Code: 4c 89 e2 e8 76 51 98 02 e9 42 ff ff ff e8 bc 76 6d ff 48 89 df 48 c7 c6 80 26 df 8b e8 3d bd cf fe 90 0f 0b e8 a5 76 6d ff 90 <0f> 0b 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f
[ 100.753056][ T5337] RSP: 0018:ffffc90004bc78f0 EFLAGS: 00010283
[ 100.755513][ T5337] RAX: ffffffff8258509b RBX: ffffea0001534e00 RCX: 0000000000100000
[ 100.758766][ T5337] RDX: ffffc90020001000 RSI: 0000000000001678 RDI: 0000000000001679
[ 100.762139][ T5337] RBP: dffffc0000000000 R08: ffffea0001534e07 R09: 1ffffd40002a69c0
[ 100.765389][ T5337] R10: dffffc0000000000 R11: fffff940002a69c1 R12: 0000000000000003
[ 100.768982][ T5337] R13: 0000000000008000 R14: ffff88804679cae0 R15: 0000000000008000
[ 100.772523][ T5337] FS: 00007f215501c6c0(0000) GS:ffff88808c893000(0000) knlGS:0000000000000000
[ 100.776355][ T5337] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 100.779175][ T5337] CR2: 00007f2154186480 CR3: 00000000133be000 CR4: 0000000000352ef0
[ 100.782670][ T5337] Call Trace:
[ 100.784137][ T5337] <TASK>
[ 100.785414][ T5337] folio_alloc_buffers+0x228/0x640
[ 100.787626][ T5337] bdev_getblk+0x2cb/0x6e0
[ 100.789715][ T5337] __bread_gfp+0x89/0x3b0
[ 100.791682][ T5337] readSuper+0xdb/0x270
[ 100.793457][ T5337] chkSuper+0x5d/0xe00
[ 100.795408][ T5337] ? do_raw_spin_unlock+0x4d/0x210
[ 100.797642][ T5337] jfs_mount+0x4b/0x870
[ 100.799517][ T5337] jfs_fill_super+0x6bc/0xd80
[ 100.801611][ T5337] get_tree_bdev_flags+0x431/0x4f0
[ 100.803877][ T5337] ? __pfx_jfs_fill_super+0x10/0x10
[ 100.806137][ T5337] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 100.808675][ T5337] vfs_get_tree+0x92/0x2a0
[ 100.810715][ T5337] do_new_mount+0x341/0xd30
[ 100.812491][ T5337] ? apparmor_capable+0x126/0x170
[ 100.814560][ T5337] ? __pfx_do_new_mount+0x10/0x10
[ 100.816632][ T5337] ? ns_capable+0x89/0xe0
[ 100.818333][ T5337] ? user_path_at+0xd4/0x160
[ 100.820134][ T5337] __se_sys_mount+0x31d/0x420
[ 100.821993][ T5337] ? __pfx___se_sys_mount+0x10/0x10
[ 100.824554][ T5337] ? __x64_sys_mount+0x20/0xc0
[ 100.826614][ T5337] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 100.829468][ T5337] do_syscall_64+0x174/0x580
[ 100.831576][ T5337] ? trace_irq_disable+0x3b/0x140
[ 100.833865][ T5337] ? clear_bhb_loop+0x40/0x90
[ 100.836212][ T5337] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 100.839254][ T5337] RIP: 0033:0x7f215419ce59
[ 100.841241][ T5337] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 100.849685][ T5337] RSP: 002b:00007f215501bfe8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 100.853077][ T5337] RAX: ffffffffffffffda RBX: 00007f2154415fa0 RCX: 00007f215419ce59
[ 100.856400][ T5337] RDX: 0000200000000040 RSI: 0000200000000140 RDI: 0000200000000080
[ 100.860006][ T5337] RBP: 00007f2154232d6f R08: 0000000000000000 R09: 0000000000000000
[ 100.863497][ T5337] R10: 000000000000c000 R11: 0000000000000246 R12: 0000000000000000
[ 100.866919][ T5337] R13: 00007f2154416038 R14: 00007f2154415fa0 R15: 00007ffc21110228
[ 100.870374][ T5337] </TASK>
[ 100.871750][ T5337] Modules linked in:
[ 100.874002][ T5337] ---[ end trace 0000000000000000 ]---
[ 100.876829][ T1029] ata1.00: failed command: WRITE FPDMA QUEUED
[ 100.884090][ T1029] ata1.00: cmd 61/10:78:c6:1e:08/06:00:00:00:00/40 tag 15 ncq dma 794624 out
[ 100.884090][ T1029] res 50/00:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[ 100.898620][ T1029] ata1.00: status: { DRDY }
[ 100.901614][ T1029] ata1.00: configured for UDMA/100
[ 100.904374][ T1029] ata1: EH complete
[ 100.931862][ T5288] Buffer I/O error on dev loop0p2, logical block 0, async page read
[ 100.936426][ T5293] Buffer I/O error on dev loop0p5, logical block 0, async page read
[ 100.945213][ T5337] RIP: 0010:folio_set_bh+0x1dc/0x1e0
[ 100.947649][ T5337] Code: 4c 89 e2 e8 76 51 98 02 e9 42 ff ff ff e8 bc 76 6d ff 48 89 df 48 c7 c6 80 26 df 8b e8 3d bd cf fe 90 0f 0b e8 a5 76 6d ff 90 <0f> 0b 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f
[ 100.956306][ T5337] RSP: 0018:ffffc90004bc78f0 EFLAGS: 00010283
[ 100.959051][ T5337] RAX: ffffffff8258509b RBX: ffffea0001534e00 RCX: 0000000000100000
[ 100.962509][ T5337] RDX: ffffc90020001000 RSI: 0000000000001678 RDI: 0000000000001679
[ 100.966501][ T5337] RBP: dffffc0000000000 R08: ffffea0001534e07 R09: 1ffffd40002a69c0
[ 100.970089][ T5337] R10: dffffc0000000000 R11: fffff940002a69c1 R12: 0000000000000003
[ 100.974075][ T5337] R13: 0000000000008000 R14: ffff88804679cae0 R15: 0000000000008000
[ 100.977913][ T5337] FS: 00007f215501c6c0(0000) GS:ffff88808c893000(0000) knlGS:0000000000000000
[ 100.981772][ T5337] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 100.985009][ T5337] CR2: 00007fa8e6997a08 CR3: 00000000133be000 CR4: 0000000000352ef0
[ 100.988638][ T5337] Kernel panic - not syncing: Fatal exception
[ 100.991701][ T5337] Kernel Offset: disabled
[ 100.993609][ T5337] Rebooting in 86400 seconds..