fffffff, 0x0, 0x0) 21:24:20 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:24:20 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83", 0x97, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:24:20 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:24:20 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:24:20 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x8, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 701.400208] loop6: detected capacity change from 0 to 5 [ 701.436853] EXT4-fs (loop6): bad geometry: block count 128 exceeds size of device (1 blocks) 21:24:21 executing program 0: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r0, 0x1, &(0x7f00000003c0)=[0x0]) [ 701.495655] No source specified 21:24:21 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83", 0x97, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 701.564223] loop6: detected capacity change from 0 to 5 21:24:21 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x4, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:24:21 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 701.605523] EXT4-fs (loop6): bad geometry: block count 128 exceeds size of device (1 blocks) [ 701.634600] loop7: detected capacity change from 0 to 32640 [ 701.713491] No source specified [ 701.749701] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 701.750636] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 701.752024] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:24:31 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 14) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:24:31 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83", 0x97, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:24:31 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x5, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:24:31 executing program 0: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r0, 0x1, &(0x7f00000003c0)=[0x0]) 21:24:31 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x9, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:24:31 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:24:31 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x300, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:24:31 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x4, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 711.605844] loop6: detected capacity change from 0 to 5 [ 711.609632] EXT4-fs (loop6): bad geometry: block count 128 exceeds size of device (1 blocks) 21:24:31 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39", 0x9c, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 711.631530] loop6: detected capacity change from 0 to 5 [ 711.634309] EXT4-fs (loop6): bad geometry: block count 128 exceeds size of device (1 blocks) [ 711.652946] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 711.653427] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 711.654167] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 711.661508] loop4: detected capacity change from 0 to 4 [ 711.668401] FAULT_INJECTION: forcing a failure. [ 711.668401] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 711.679650] CPU: 0 UID: 0 PID: 6989 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) 21:24:31 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39", 0x9c, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 711.679700] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 711.679715] Call Trace: [ 711.679723] [ 711.679732] dump_stack_lvl+0xfa/0x120 [ 711.679768] should_fail_ex+0x4d7/0x5e0 [ 711.679818] should_fail_alloc_page+0xe0/0x110 [ 711.679850] prepare_alloc_pages+0x1eb/0x550 [ 711.679886] __alloc_frozen_pages_noprof+0x185/0x2070 [ 711.679926] ? __is_insn_slot_addr+0x136/0x290 [ 711.679956] ? lock_release+0xc8/0x270 [ 711.679994] ? __is_insn_slot_addr+0x140/0x290 [ 711.680024] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 711.680070] ? lock_is_held_type+0x9e/0x120 [ 711.680098] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 711.680141] ? policy_nodemask+0xeb/0x4e0 [ 711.680182] alloc_pages_mpol+0xed/0x340 [ 711.680219] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 711.680255] ? filemap_get_entry+0x1bb/0x3b0 [ 711.680293] ? __pfx_filemap_get_entry+0x10/0x10 [ 711.680336] folio_alloc_mpol_noprof+0x38/0x2a0 [ 711.680382] shmem_alloc_folio+0x11b/0x140 [ 711.680413] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 711.680456] ? find_held_lock+0x2b/0x80 [ 711.680481] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 711.680520] ? do_raw_read_trylock+0x92/0xb0 [ 711.680562] ? simple_xattr_get+0x173/0x1d0 [ 711.680602] shmem_write_begin+0x194/0x3b0 [ 711.680640] ? __pfx_shmem_write_begin+0x10/0x10 [ 711.680676] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 711.680720] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 711.680753] ? ktime_get_coarse_real_ts64_mg+0x213/0x2a0 [ 711.680795] generic_perform_write+0x391/0x810 [ 711.680836] ? __pfx_generic_perform_write+0x10/0x10 [ 711.680872] ? file_update_time_flags+0x367/0x4f0 [ 711.680911] shmem_file_write_iter+0x111/0x140 [ 711.680941] vfs_write+0xbe9/0x1150 [ 711.680967] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 711.680995] ? __fget_files+0x34/0x3b0 [ 711.681021] ? __pfx_vfs_write+0x10/0x10 [ 711.681067] __x64_sys_pwrite64+0x1f1/0x260 [ 711.681094] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 711.681122] ? trace_hardirqs_off+0x65/0x100 [ 711.681163] do_syscall_64+0xbf/0x420 [ 711.681194] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 711.681220] RIP: 0033:0x7f9f6fba4ab7 [ 711.681240] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 711.681265] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 711.681289] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 711.681306] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 711.681321] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 711.681336] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 711.681351] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 711.681383] [ 711.723925] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 711.725559] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 711.727531] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 711.738791] loop6: detected capacity change from 0 to 5 [ 711.740874] EXT4-fs (loop6): bad geometry: block count 128 exceeds size of device (1 blocks) [ 711.741871] loop7: detected capacity change from 0 to 5 [ 711.748107] EXT4-fs (loop7): VFS: Can't find ext4 filesystem 21:24:31 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39", 0x9c, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 711.809189] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 711.820222] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 711.820667] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 711.821379] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 711.842245] loop6: detected capacity change from 0 to 5 [ 711.848268] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 711.849248] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 711.850791] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 711.854106] EXT4-fs (loop6): bad geometry: block count 128 exceeds size of device (1 blocks) 21:24:41 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb3", 0x9f, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:24:41 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 15) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:24:41 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x5, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:24:41 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0xa, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:24:41 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x7, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:24:41 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:24:41 executing program 0: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r0, 0x1, &(0x7f00000003c0)=[0x0]) 21:24:41 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x810, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) [ 721.846458] loop4: detected capacity change from 0 to 4 [ 721.852855] loop6: detected capacity change from 0 to 5 [ 721.856565] FAULT_INJECTION: forcing a failure. [ 721.856565] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 721.858447] CPU: 1 UID: 0 PID: 7022 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 721.858477] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 721.858491] Call Trace: [ 721.858499] [ 721.858508] dump_stack_lvl+0xfa/0x120 [ 721.858541] should_fail_ex+0x4d7/0x5e0 [ 721.858579] ? page_copy_sane+0xce/0x2b0 [ 721.858617] copy_folio_from_iter_atomic+0x383/0x1820 [ 721.858665] ? simple_xattr_get+0x173/0x1d0 [ 721.858700] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 721.858739] ? shmem_write_begin+0x1ab/0x3b0 [ 721.858772] ? __pfx_shmem_write_begin+0x10/0x10 [ 721.858804] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 721.858843] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 721.858873] ? ktime_get_coarse_real_ts64_mg+0x213/0x2a0 [ 721.858910] generic_perform_write+0x1d7/0x810 [ 721.858946] ? __pfx_generic_perform_write+0x10/0x10 [ 721.858978] ? file_update_time_flags+0x367/0x4f0 [ 721.859013] shmem_file_write_iter+0x111/0x140 [ 721.859039] vfs_write+0xbe9/0x1150 [ 721.859071] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 721.859100] ? __fget_files+0x34/0x3b0 [ 721.859123] ? __pfx_vfs_write+0x10/0x10 [ 721.859164] __x64_sys_pwrite64+0x1f1/0x260 [ 721.859188] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 721.859221] do_syscall_64+0xbf/0x420 [ 721.859248] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 721.859271] RIP: 0033:0x7f9f6fba4ab7 [ 721.859289] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 721.859310] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 721.859331] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 721.859346] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 721.859360] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 721.859373] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 721.859385] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 721.859413] [ 721.896146] EXT4-fs (loop6): bad geometry: block count 128 exceeds size of device (1 blocks) [ 721.903355] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 721.904415] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 721.906156] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 721.924634] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 721.936362] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 721.937372] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 721.938893] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:24:41 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb3", 0x9f, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 722.091877] loop6: detected capacity change from 0 to 5 [ 722.114720] EXT4-fs (loop6): bad geometry: block count 128 exceeds size of device (1 blocks) [ 722.333815] loop7: detected capacity change from 0 to 32640 21:24:52 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x7, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:24:52 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:24:52 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 16) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:24:52 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x10, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:24:52 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x1008, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:24:52 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x8, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:24:52 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb3", 0x9f, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:24:52 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 732.615293] loop4: detected capacity change from 0 to 4 [ 732.624930] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 732.673851] FAULT_INJECTION: forcing a failure. [ 732.673851] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 732.675401] CPU: 1 UID: 0 PID: 7051 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 732.675428] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 732.675439] Call Trace: [ 732.675446] [ 732.675454] dump_stack_lvl+0xfa/0x120 [ 732.675483] should_fail_ex+0x4d7/0x5e0 [ 732.675522] should_fail_alloc_page+0xe0/0x110 [ 732.675548] prepare_alloc_pages+0x1eb/0x550 [ 732.675576] __alloc_frozen_pages_noprof+0x185/0x2070 [ 732.675614] ? do_raw_spin_lock+0x123/0x260 [ 732.675647] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 732.675681] ? do_raw_spin_unlock+0x53/0x220 [ 732.675711] ? lock_is_held_type+0x9e/0x120 [ 732.675733] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 732.675766] ? policy_nodemask+0xeb/0x4e0 [ 732.675797] alloc_pages_mpol+0xed/0x340 [ 732.675826] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 732.675853] ? filemap_get_entry+0x1bb/0x3b0 [ 732.675882] ? __pfx_filemap_get_entry+0x10/0x10 [ 732.675916] folio_alloc_mpol_noprof+0x38/0x2a0 [ 732.675950] shmem_alloc_folio+0x11b/0x140 [ 732.675975] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 732.676013] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 732.676046] ? simple_xattr_get+0x173/0x1d0 [ 732.676084] shmem_write_begin+0x194/0x3b0 [ 732.676115] ? __pfx_shmem_write_begin+0x10/0x10 [ 732.676144] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 732.676185] generic_perform_write+0x391/0x810 [ 732.676218] ? __pfx_generic_perform_write+0x10/0x10 [ 732.676247] ? file_update_time_flags+0x367/0x4f0 [ 732.676278] shmem_file_write_iter+0x111/0x140 [ 732.676302] vfs_write+0xbe9/0x1150 [ 732.676323] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 732.676345] ? __fget_files+0x34/0x3b0 [ 732.676366] ? __pfx_vfs_write+0x10/0x10 [ 732.676403] __x64_sys_pwrite64+0x1f1/0x260 [ 732.676425] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 732.676454] do_syscall_64+0xbf/0x420 [ 732.676479] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 732.676501] RIP: 0033:0x7f9f6fba4ab7 [ 732.676517] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 732.676537] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 732.676556] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 732.676570] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 732.676582] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 732.676594] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 732.676606] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 732.676631] [ 732.684279] loop6: detected capacity change from 0 to 5 [ 732.706811] loop7: detected capacity change from 0 to 8 [ 732.714106] EXT4-fs (loop6): bad geometry: block count 128 exceeds size of device (1 blocks) 21:24:52 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {0x0, 0x0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 732.745631] EXT4-fs (loop7): VFS: Can't find ext4 filesystem 21:24:52 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 732.774981] loop4: detected capacity change from 0 to 5 [ 732.782598] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:24:52 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 17) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 732.829420] loop6: detected capacity change from 0 to 5 [ 732.836800] EXT4-fs (loop6): bad geometry: block count 128 exceeds size of device (1 blocks) 21:24:52 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 732.850549] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 21:24:52 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {0x0, 0x0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 732.855014] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 732.856355] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:24:52 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 732.893398] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 732.895335] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 732.896335] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 732.917558] loop4: detected capacity change from 0 to 5 [ 732.917616] loop6: detected capacity change from 0 to 5 [ 732.925983] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 732.927359] EXT4-fs (loop6): bad geometry: block count 128 exceeds size of device (1 blocks) [ 732.963404] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 732.965006] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 732.966480] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 733.195021] loop7: detected capacity change from 0 to 32640 21:25:03 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 18) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:03 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {0x0, 0x0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:03 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x4000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:25:03 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x9, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:25:03 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x18, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:25:03 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x8, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:25:03 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:03 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 743.587823] loop6: detected capacity change from 0 to 5 [ 743.590594] EXT4-fs (loop6): bad geometry: block count 128 exceeds size of device (1 blocks) [ 743.603623] loop4: detected capacity change from 0 to 5 [ 743.612980] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:25:03 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:03 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280), 0x0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 743.684704] loop6: detected capacity change from 0 to 4 [ 743.691556] EXT4-fs (loop6): bad geometry: block count 128 exceeds size of device (1 blocks) [ 743.703096] loop4: detected capacity change from 0 to 5 21:25:03 executing program 0: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r0, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000)="fa", 0x1}]) [ 743.722514] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 743.728481] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 743.729397] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 743.730775] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:25:03 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:03 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280), 0x0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:03 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0xa, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 743.807749] loop4: detected capacity change from 0 to 5 [ 743.807971] loop6: detected capacity change from 0 to 4 [ 743.810542] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:25:03 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x80000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:25:03 executing program 0: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r0, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000)="fa", 0x1}]) [ 743.854020] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 743.854516] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 743.860942] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 743.877969] EXT4-fs (loop6): bad geometry: block count 128 exceeds size of device (1 blocks) [ 743.897817] loop7: detected capacity change from 0 to 32640 [ 743.950859] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 743.951999] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 743.953649] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 743.987274] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 743.987750] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 743.990853] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:25:03 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x9, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:25:03 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 19) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:03 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:03 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x23, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:25:03 executing program 0: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r0, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000)="fa", 0x1}]) 21:25:03 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280), 0x0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:03 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x23, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 744.074009] loop6: detected capacity change from 0 to 4 [ 744.081503] loop4: detected capacity change from 0 to 5 [ 744.083465] EXT4-fs (loop6): bad geometry: block count 128 exceeds size of device (1 blocks) [ 744.087478] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 744.090726] FAULT_INJECTION: forcing a failure. [ 744.090726] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 744.092971] CPU: 1 UID: 0 PID: 7145 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 744.093005] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 744.093019] Call Trace: [ 744.093027] [ 744.093035] dump_stack_lvl+0xfa/0x120 [ 744.093078] should_fail_ex+0x4d7/0x5e0 [ 744.093119] ? page_copy_sane+0xce/0x2b0 [ 744.093158] copy_folio_from_iter_atomic+0x383/0x1820 [ 744.093210] ? simple_xattr_get+0x173/0x1d0 [ 744.093247] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 744.093288] ? shmem_write_begin+0x1ab/0x3b0 [ 744.093324] ? __pfx_shmem_write_begin+0x10/0x10 [ 744.093358] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 744.093407] generic_perform_write+0x1d7/0x810 [ 744.093447] ? __pfx_generic_perform_write+0x10/0x10 [ 744.093481] ? file_update_time_flags+0x367/0x4f0 [ 744.093523] shmem_file_write_iter+0x111/0x140 [ 744.093551] vfs_write+0xbe9/0x1150 [ 744.093575] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 744.093601] ? __fget_files+0x34/0x3b0 [ 744.093626] ? __pfx_vfs_write+0x10/0x10 [ 744.093670] __x64_sys_pwrite64+0x1f1/0x260 [ 744.093695] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 744.093730] do_syscall_64+0xbf/0x420 [ 744.093759] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 744.093784] RIP: 0033:0x7f9f6fba4ab7 [ 744.093803] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 744.093826] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 744.093849] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 744.093865] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 744.093879] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 744.093894] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 744.093907] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 744.093937] [ 744.131413] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 744.132205] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 744.136216] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 744.136963] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 744.138120] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 744.138812] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 744.176253] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 744.176693] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 744.177540] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 744.191796] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 744.192813] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 744.194350] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 744.302267] loop7: detected capacity change from 0 to 32640 21:25:13 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 20) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:13 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x13, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:25:13 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x600, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:25:13 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x1000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:25:13 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:13 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c22979", 0x51, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:13 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x25, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:25:13 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0}]) [ 753.731243] FAULT_INJECTION: forcing a failure. [ 753.731243] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 753.732823] CPU: 1 UID: 0 PID: 7163 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 753.732848] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 753.732860] Call Trace: [ 753.732867] [ 753.732874] dump_stack_lvl+0xfa/0x120 [ 753.732903] should_fail_ex+0x4d7/0x5e0 [ 753.732939] ? page_copy_sane+0xce/0x2b0 [ 753.732972] copy_folio_from_iter_atomic+0x383/0x1820 [ 753.733016] ? fault_in_readable+0x12a/0x1d0 [ 753.733046] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 753.733085] ? shmem_write_begin+0x1ab/0x3b0 [ 753.733114] ? __pfx_shmem_write_begin+0x10/0x10 [ 753.733141] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 753.733181] generic_perform_write+0x1d7/0x810 [ 753.733214] ? __pfx_generic_perform_write+0x10/0x10 [ 753.733242] ? file_update_time_flags+0x367/0x4f0 [ 753.733275] shmem_file_write_iter+0x111/0x140 [ 753.733298] vfs_write+0xbe9/0x1150 [ 753.733318] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 753.733340] ? __fget_files+0x34/0x3b0 [ 753.733361] ? __pfx_vfs_write+0x10/0x10 [ 753.733397] __x64_sys_pwrite64+0x1f1/0x260 [ 753.733419] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 753.733447] do_syscall_64+0xbf/0x420 [ 753.733472] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 753.733493] RIP: 0033:0x7f9f6fba4ab7 [ 753.733508] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 753.733528] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 753.733546] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 753.733559] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 753.733571] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 753.733583] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 753.733594] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 753.733619] [ 753.782926] loop4: detected capacity change from 0 to 5 [ 753.790696] loop6: detected capacity change from 0 to 5 [ 753.800222] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 753.800979] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 753.801157] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 753.803036] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 753.805805] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 753.844253] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 753.844957] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 753.846158] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:25:13 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:13 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c22979", 0x51, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 753.942006] loop4: detected capacity change from 0 to 5 [ 753.958536] loop6: detected capacity change from 0 to 5 [ 753.969117] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 753.972591] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 754.086130] loop7: detected capacity change from 0 to 32640 21:25:23 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x23, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:25:23 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 21) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:23 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x2000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:25:23 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0xa00, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:25:23 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:23 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c22979", 0x51, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:23 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x2a, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:25:23 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0}]) [ 764.273997] FAULT_INJECTION: forcing a failure. [ 764.273997] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 764.275977] CPU: 0 UID: 0 PID: 7201 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 764.276009] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 764.276023] Call Trace: [ 764.276031] [ 764.276040] dump_stack_lvl+0xfa/0x120 [ 764.276080] should_fail_ex+0x4d7/0x5e0 [ 764.276127] should_fail_alloc_page+0xe0/0x110 [ 764.276157] prepare_alloc_pages+0x1eb/0x550 [ 764.276184] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 764.276227] __alloc_frozen_pages_noprof+0x185/0x2070 [ 764.276264] ? pte_offset_map_lock+0x190/0x330 [ 764.276294] ? find_held_lock+0x2b/0x80 [ 764.276321] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 764.276364] ? lock_is_held_type+0x9e/0x120 [ 764.276389] ? lock_is_held_type+0x9e/0x120 [ 764.276409] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 764.276450] ? policy_nodemask+0xeb/0x4e0 [ 764.276488] alloc_pages_mpol+0xed/0x340 [ 764.276523] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 764.276556] ? filemap_get_entry+0x1bb/0x3b0 [ 764.276591] ? __pfx_filemap_get_entry+0x10/0x10 [ 764.276631] folio_alloc_mpol_noprof+0x38/0x2a0 [ 764.276674] shmem_alloc_folio+0x11b/0x140 [ 764.276703] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 764.276747] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 764.276788] ? fault_in_readable+0x12a/0x1d0 [ 764.276824] shmem_write_begin+0x194/0x3b0 [ 764.276858] ? __pfx_shmem_write_begin+0x10/0x10 [ 764.276892] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 764.276939] generic_perform_write+0x391/0x810 [ 764.276977] ? __pfx_generic_perform_write+0x10/0x10 [ 764.277010] ? file_update_time_flags+0x367/0x4f0 [ 764.277048] shmem_file_write_iter+0x111/0x140 [ 764.277076] vfs_write+0xbe9/0x1150 [ 764.277099] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 764.277125] ? __fget_files+0x34/0x3b0 [ 764.277150] ? __pfx_vfs_write+0x10/0x10 [ 764.277192] __x64_sys_pwrite64+0x1f1/0x260 [ 764.277217] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 764.277251] do_syscall_64+0xbf/0x420 [ 764.277280] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 764.277305] RIP: 0033:0x7f9f6fba4ab7 [ 764.277323] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 764.277346] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 764.277368] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 764.277383] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 764.277398] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 764.277412] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 764.277426] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 764.277455] [ 764.338469] loop7: detected capacity change from 0 to 16 [ 764.341658] loop6: detected capacity change from 0 to 5 [ 764.348112] EXT4-fs (loop7): VFS: Can't find ext4 filesystem [ 764.348699] loop4: detected capacity change from 0 to 5 [ 764.355346] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 764.360593] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:25:23 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 22) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:23 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{0x0, 0x0, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 764.434361] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 764.435348] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 764.436949] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:25:24 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b", 0x79, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 764.456051] FAULT_INJECTION: forcing a failure. [ 764.456051] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 764.462485] loop6: detected capacity change from 0 to 5 21:25:24 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0}]) [ 764.469426] CPU: 1 UID: 0 PID: 7223 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 764.469458] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 764.469471] Call Trace: [ 764.469479] [ 764.469487] dump_stack_lvl+0xfa/0x120 [ 764.469519] should_fail_ex+0x4d7/0x5e0 [ 764.469556] ? page_copy_sane+0xce/0x2b0 [ 764.469593] copy_folio_from_iter_atomic+0x383/0x1820 [ 764.469642] ? fault_in_readable+0x12a/0x1d0 [ 764.469674] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 764.469713] ? shmem_write_begin+0x1ab/0x3b0 [ 764.469745] ? __pfx_shmem_write_begin+0x10/0x10 [ 764.469777] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 764.469822] generic_perform_write+0x1d7/0x810 [ 764.469859] ? __pfx_generic_perform_write+0x10/0x10 [ 764.469890] ? file_update_time_flags+0x367/0x4f0 [ 764.469925] shmem_file_write_iter+0x111/0x140 [ 764.469951] vfs_write+0xbe9/0x1150 [ 764.469973] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 764.469997] ? __fget_files+0x34/0x3b0 [ 764.470020] ? __pfx_vfs_write+0x10/0x10 [ 764.470068] __x64_sys_pwrite64+0x1f1/0x260 [ 764.470092] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 764.470124] do_syscall_64+0xbf/0x420 [ 764.470151] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 764.470174] RIP: 0033:0x7f9f6fba4ab7 [ 764.470192] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 764.470213] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 764.470234] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 764.470249] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 764.470262] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 764.470275] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 764.470288] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 764.470329] [ 764.489473] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 764.530118] loop4: detected capacity change from 0 to 5 21:25:24 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x3000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) [ 764.553914] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:25:24 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{0x0, 0x0, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:24 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b", 0x79, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:24 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x600, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:25:24 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0xc00, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 764.684957] loop6: detected capacity change from 0 to 5 [ 764.691928] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 764.692888] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 764.698820] loop4: detected capacity change from 0 to 5 [ 764.701261] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 764.702637] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 764.722651] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:25:24 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x2b, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:25:24 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0}]) 21:25:24 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b", 0x79, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 764.857339] loop4: detected capacity change from 0 to 5 [ 764.863662] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 764.870452] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 764.871392] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 764.875221] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 764.897228] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 764.897973] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 764.899152] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 764.972750] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 764.974448] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 764.975954] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 765.013558] loop7: detected capacity change from 0 to 32640 21:25:33 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{0x0, 0x0, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:33 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 23) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:33 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x30, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:25:33 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0}]) 21:25:33 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0xa00, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:25:33 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0xe00, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:25:33 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829", 0x8d, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:33 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x4000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) [ 773.865557] loop4: detected capacity change from 0 to 5 [ 773.868453] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:25:33 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829", 0x8d, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 773.896437] loop4: detected capacity change from 0 to 5 [ 773.899846] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 773.906433] loop6: detected capacity change from 0 to 5 [ 773.908519] FAULT_INJECTION: forcing a failure. [ 773.908519] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 773.912985] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 773.913442] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 773.914154] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 773.918154] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 773.920022] CPU: 1 UID: 0 PID: 7281 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 773.920040] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 773.920047] Call Trace: [ 773.920056] [ 773.920060] dump_stack_lvl+0xfa/0x120 [ 773.920078] should_fail_ex+0x4d7/0x5e0 [ 773.920099] ? page_copy_sane+0xce/0x2b0 [ 773.920119] copy_folio_from_iter_atomic+0x383/0x1820 [ 773.920145] ? fault_in_readable+0x12a/0x1d0 [ 773.920163] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 773.920184] ? shmem_write_begin+0x1ab/0x3b0 [ 773.920202] ? __pfx_shmem_write_begin+0x10/0x10 [ 773.920219] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 773.920243] generic_perform_write+0x1d7/0x810 [ 773.920262] ? __pfx_generic_perform_write+0x10/0x10 [ 773.920280] ? file_update_time_flags+0x367/0x4f0 [ 773.920299] shmem_file_write_iter+0x111/0x140 [ 773.920313] vfs_write+0xbe9/0x1150 [ 773.920325] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 773.920338] ? __fget_files+0x34/0x3b0 [ 773.920351] ? __pfx_vfs_write+0x10/0x10 [ 773.920373] __x64_sys_pwrite64+0x1f1/0x260 [ 773.920385] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 773.920403] do_syscall_64+0xbf/0x420 [ 773.920417] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 773.920430] RIP: 0033:0x7f9f6fba4ab7 [ 773.920439] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 773.920451] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 773.920463] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 773.920471] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 773.920478] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 773.920485] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 773.920492] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 773.920507] 21:25:33 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829", 0x8d, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 773.963556] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 773.966035] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 773.967544] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:25:33 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 773.981670] loop4: detected capacity change from 0 to 5 [ 773.984922] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 774.062047] loop6: detected capacity change from 0 to 5 [ 774.065198] loop7: detected capacity change from 0 to 32640 [ 774.081932] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 774.095771] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 774.096231] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 774.096890] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:25:43 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x80000, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:25:43 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8100000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:25:43 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x75, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:25:43 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0xc00, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:25:43 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 24) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:43 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:43 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0}]) 21:25:43 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83", 0x97, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 784.440487] loop6: detected capacity change from 0 to 5 [ 784.442914] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 784.451862] FAULT_INJECTION: forcing a failure. [ 784.451862] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 784.452984] CPU: 1 UID: 0 PID: 7316 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 784.453001] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 784.453008] Call Trace: [ 784.453013] [ 784.453017] dump_stack_lvl+0xfa/0x120 [ 784.453039] should_fail_ex+0x4d7/0x5e0 [ 784.453068] should_fail_alloc_page+0xe0/0x110 [ 784.453085] prepare_alloc_pages+0x1eb/0x550 [ 784.453100] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 784.453123] __alloc_frozen_pages_noprof+0x185/0x2070 [ 784.453143] ? pte_offset_map_lock+0x190/0x330 [ 784.453159] ? find_held_lock+0x2b/0x80 [ 784.453174] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 784.453197] ? lock_is_held_type+0x9e/0x120 [ 784.453211] ? lock_is_held_type+0x9e/0x120 [ 784.453222] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 784.453248] ? policy_nodemask+0xeb/0x4e0 [ 784.453269] alloc_pages_mpol+0xed/0x340 [ 784.453288] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 784.453306] ? filemap_get_entry+0x1bb/0x3b0 [ 784.453326] ? __pfx_filemap_get_entry+0x10/0x10 [ 784.453347] folio_alloc_mpol_noprof+0x38/0x2a0 [ 784.453370] shmem_alloc_folio+0x11b/0x140 [ 784.453386] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 784.453410] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 784.453432] ? fault_in_readable+0x12a/0x1d0 [ 784.453451] shmem_write_begin+0x194/0x3b0 [ 784.453470] ? __pfx_shmem_write_begin+0x10/0x10 [ 784.453488] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 784.453514] generic_perform_write+0x391/0x810 [ 784.453535] ? __pfx_generic_perform_write+0x10/0x10 [ 784.453553] ? file_update_time_flags+0x367/0x4f0 [ 784.453574] shmem_file_write_iter+0x111/0x140 [ 784.453591] vfs_write+0xbe9/0x1150 [ 784.453606] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 784.453619] ? __fget_files+0x34/0x3b0 [ 784.453633] ? __pfx_vfs_write+0x10/0x10 [ 784.453655] __x64_sys_pwrite64+0x1f1/0x260 [ 784.453669] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 784.453687] do_syscall_64+0xbf/0x420 [ 784.453703] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 784.453716] RIP: 0033:0x7f9f6fba4ab7 [ 784.453726] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 784.453739] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 784.453751] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 784.453759] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 784.453767] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 784.453775] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 784.453782] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 784.453798] [ 784.457384] loop4: detected capacity change from 0 to 5 [ 784.466488] loop7: detected capacity change from 0 to 24 [ 784.486654] EXT4-fs (loop7): VFS: Can't find ext4 filesystem [ 784.490229] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:25:44 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 784.510272] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 784.510905] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 784.511845] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 784.533693] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 784.534581] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 784.535922] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:25:44 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 25) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 784.561214] loop6: detected capacity change from 0 to 5 21:25:44 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83", 0x97, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 784.578677] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 21:25:44 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829", 0x8d, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 784.626719] FAULT_INJECTION: forcing a failure. [ 784.626719] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 784.627737] CPU: 1 UID: 0 PID: 7326 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 784.627753] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 784.627761] Call Trace: [ 784.627765] [ 784.627770] dump_stack_lvl+0xfa/0x120 [ 784.627790] should_fail_ex+0x4d7/0x5e0 [ 784.627812] ? page_copy_sane+0xce/0x2b0 [ 784.627832] copy_folio_from_iter_atomic+0x383/0x1820 [ 784.627859] ? fault_in_readable+0x12a/0x1d0 [ 784.627878] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 784.627899] ? shmem_write_begin+0x1ab/0x3b0 [ 784.627917] ? __pfx_shmem_write_begin+0x10/0x10 [ 784.627934] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 784.627959] generic_perform_write+0x1d7/0x810 [ 784.627979] ? __pfx_generic_perform_write+0x10/0x10 [ 784.627996] ? file_update_time_flags+0x367/0x4f0 [ 784.628016] shmem_file_write_iter+0x111/0x140 [ 784.628030] vfs_write+0xbe9/0x1150 [ 784.628042] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 784.628060] ? __fget_files+0x34/0x3b0 [ 784.628073] ? __pfx_vfs_write+0x10/0x10 [ 784.628094] __x64_sys_pwrite64+0x1f1/0x260 [ 784.628107] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 784.628124] do_syscall_64+0xbf/0x420 [ 784.628139] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 784.628152] RIP: 0033:0x7f9f6fba4ab7 [ 784.628162] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 784.628174] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 784.628185] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 784.628193] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 784.628201] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 784.628208] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 784.628215] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 784.628230] [ 784.694008] loop0: detected capacity change from 0 to 5 21:25:44 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001", 0x1d, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 784.708396] EXT4-fs (loop0): bad geometry: block count 128 exceeds size of device (1 blocks) [ 784.714026] loop4: detected capacity change from 0 to 5 21:25:44 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1ffffe, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:25:44 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x600, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:25:44 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x1000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) [ 784.745674] loop7: detected capacity change from 0 to 32640 [ 784.759598] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 784.823949] loop6: detected capacity change from 0 to 5 [ 784.830840] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 21:25:44 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83", 0x97, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 784.864956] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 784.865504] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 784.866239] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:25:44 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x10000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:25:44 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001", 0x1d, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 784.882394] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 784.882854] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 784.883707] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:25:44 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 26) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:44 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0xe00, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 784.936514] FAULT_INJECTION: forcing a failure. [ 784.936514] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 784.938201] CPU: 1 UID: 0 PID: 7350 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 784.938220] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 784.938228] Call Trace: [ 784.938233] [ 784.938238] dump_stack_lvl+0xfa/0x120 [ 784.938258] should_fail_ex+0x4d7/0x5e0 [ 784.938282] ? page_copy_sane+0xce/0x2b0 [ 784.938305] copy_folio_from_iter_atomic+0x383/0x1820 [ 784.938333] ? fault_in_readable+0x12a/0x1d0 [ 784.938352] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 784.938375] ? shmem_write_begin+0x1ab/0x3b0 [ 784.938394] ? __pfx_shmem_write_begin+0x10/0x10 [ 784.938413] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 784.938441] generic_perform_write+0x1d7/0x810 [ 784.938462] ? __pfx_generic_perform_write+0x10/0x10 [ 784.938467] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 784.938481] ? file_update_time_flags+0x367/0x4f0 [ 784.938503] shmem_file_write_iter+0x111/0x140 [ 784.938529] vfs_write+0xbe9/0x1150 [ 784.938542] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 784.938556] ? __fget_files+0x34/0x3b0 [ 784.938570] ? __pfx_vfs_write+0x10/0x10 [ 784.938593] __x64_sys_pwrite64+0x1f1/0x260 [ 784.938606] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 784.938625] do_syscall_64+0xbf/0x420 [ 784.938645] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 784.938659] RIP: 0033:0x7f9f6fba4ab7 [ 784.938669] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 784.938682] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 784.938694] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 784.938703] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 784.938711] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 784.938719] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 784.938726] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 784.938742] [ 784.969144] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 784.970469] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 785.000437] loop4: detected capacity change from 0 to 5 [ 785.016419] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 785.019975] loop6: detected capacity change from 0 to 5 [ 785.028479] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 21:25:44 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 785.102508] EXT4-fs (loop0): bad geometry: block count 128 exceeds size of device (1 blocks) [ 785.137329] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 785.137797] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 785.138546] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:25:53 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 27) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:53 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x40000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:25:53 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1fffff, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:25:53 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001", 0x1d, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:53 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39", 0x9c, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:53 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x4000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:25:53 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x80000, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:25:53 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0xa00, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 793.780768] set_capacity_and_notify: 2 callbacks suppressed [ 793.780782] loop4: detected capacity change from 0 to 5 [ 793.783414] loop6: detected capacity change from 0 to 5 [ 793.789683] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 793.790689] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 793.809540] FAULT_INJECTION: forcing a failure. [ 793.809540] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 793.817132] CPU: 0 UID: 0 PID: 7387 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 793.817170] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 793.817185] Call Trace: [ 793.817194] [ 793.817204] dump_stack_lvl+0xfa/0x120 [ 793.817241] should_fail_ex+0x4d7/0x5e0 [ 793.817293] should_fail_alloc_page+0xe0/0x110 [ 793.817326] prepare_alloc_pages+0x1eb/0x550 [ 793.817356] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 793.817403] __alloc_frozen_pages_noprof+0x185/0x2070 [ 793.817445] ? pte_offset_map_lock+0x190/0x330 [ 793.817477] ? find_held_lock+0x2b/0x80 [ 793.817507] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 793.817557] ? lock_is_held_type+0x9e/0x120 [ 793.817585] ? lock_is_held_type+0x9e/0x120 [ 793.817607] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 793.817651] ? policy_nodemask+0xeb/0x4e0 [ 793.817694] alloc_pages_mpol+0xed/0x340 [ 793.817733] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 793.817770] ? filemap_get_entry+0x1bb/0x3b0 [ 793.817808] ? __pfx_filemap_get_entry+0x10/0x10 [ 793.817854] folio_alloc_mpol_noprof+0x38/0x2a0 [ 793.817901] shmem_alloc_folio+0x11b/0x140 [ 793.817933] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 793.817984] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 793.818029] ? fault_in_readable+0x12a/0x1d0 [ 793.818077] shmem_write_begin+0x194/0x3b0 [ 793.818116] ? __pfx_shmem_write_begin+0x10/0x10 [ 793.818154] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 793.818207] generic_perform_write+0x391/0x810 [ 793.818253] ? __pfx_generic_perform_write+0x10/0x10 [ 793.818291] ? file_update_time_flags+0x367/0x4f0 [ 793.818332] shmem_file_write_iter+0x111/0x140 [ 793.818363] vfs_write+0xbe9/0x1150 [ 793.818389] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 793.818419] ? __fget_files+0x34/0x3b0 [ 793.818446] ? __pfx_vfs_write+0x10/0x10 [ 793.818495] __x64_sys_pwrite64+0x1f1/0x260 [ 793.818523] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 793.818562] do_syscall_64+0xbf/0x420 [ 793.818594] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 793.818639] RIP: 0033:0x7f9f6fba4ab7 [ 793.818659] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 793.818691] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 793.818716] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 793.818734] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 793.818750] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 793.818766] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 793.818781] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 793.818815] 21:25:53 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39", 0x9c, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:53 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000", 0x2c, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 793.883198] loop7: detected capacity change from 0 to 32 [ 793.887408] EXT4-fs (loop7): VFS: Can't find ext4 filesystem [ 793.891050] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 793.892023] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 793.893899] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 793.895363] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 793.896244] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 793.897363] loop4: detected capacity change from 0 to 5 [ 793.897621] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 793.899037] loop6: detected capacity change from 0 to 5 [ 793.919131] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 793.919719] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:25:53 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 28) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:25:53 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000", 0x2c, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 793.985284] FAULT_INJECTION: forcing a failure. [ 793.985284] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 793.989542] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 793.990022] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 793.990136] CPU: 0 UID: 0 PID: 7403 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 793.990171] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 793.990185] Call Trace: [ 793.990193] [ 793.990202] dump_stack_lvl+0xfa/0x120 [ 793.990236] should_fail_ex+0x4d7/0x5e0 [ 793.990277] ? page_copy_sane+0xce/0x2b0 [ 793.990317] copy_folio_from_iter_atomic+0x383/0x1820 [ 793.990369] ? fault_in_readable+0x12a/0x1d0 [ 793.990404] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 793.990446] ? shmem_write_begin+0x1ab/0x3b0 [ 793.990480] ? __pfx_shmem_write_begin+0x10/0x10 [ 793.990514] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 793.990562] generic_perform_write+0x1d7/0x810 [ 793.990600] ? __pfx_generic_perform_write+0x10/0x10 [ 793.990649] ? file_update_time_flags+0x367/0x4f0 [ 793.990685] shmem_file_write_iter+0x111/0x140 [ 793.990713] vfs_write+0xbe9/0x1150 [ 793.990737] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 793.990770] ? __fget_files+0x34/0x3b0 [ 793.990795] ? __pfx_vfs_write+0x10/0x10 [ 793.990838] __x64_sys_pwrite64+0x1f1/0x260 [ 793.990864] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 793.990898] do_syscall_64+0xbf/0x420 [ 793.990927] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 793.990952] RIP: 0033:0x7f9f6fba4ab7 [ 793.990971] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 793.990994] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 793.991016] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 793.991032] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 793.991046] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 793.991067] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 793.991080] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 793.991110] [ 794.028159] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 794.055238] loop6: detected capacity change from 0 to 5 [ 794.058026] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 794.221938] loop7: detected capacity change from 0 to 32640 21:26:02 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 29) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:26:02 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b", 0x79, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:26:02 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:26:02 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x3ffffe00, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:26:02 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0xc00, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:26:02 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1ffffe, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:26:02 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000", 0x2c, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:26:02 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39", 0x9c, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 803.129341] loop4: detected capacity change from 0 to 5 [ 803.134187] loop0: detected capacity change from 0 to 5 [ 803.135994] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 803.141184] EXT4-fs (loop0): bad geometry: block count 128 exceeds size of device (1 blocks) [ 803.154821] loop6: detected capacity change from 0 to 5 [ 803.159045] FAULT_INJECTION: forcing a failure. [ 803.159045] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 803.166146] CPU: 0 UID: 0 PID: 7428 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 803.166187] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 803.166203] Call Trace: [ 803.166213] [ 803.166223] dump_stack_lvl+0xfa/0x120 [ 803.166262] should_fail_ex+0x4d7/0x5e0 [ 803.166312] ? page_copy_sane+0xce/0x2b0 [ 803.166359] copy_folio_from_iter_atomic+0x383/0x1820 [ 803.166429] ? fault_in_readable+0x12a/0x1d0 [ 803.166471] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 803.166522] ? shmem_write_begin+0x1ab/0x3b0 [ 803.166564] ? __pfx_shmem_write_begin+0x10/0x10 [ 803.166605] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 803.166663] generic_perform_write+0x1d7/0x810 [ 803.166724] ? __pfx_generic_perform_write+0x10/0x10 [ 803.166765] ? file_update_time_flags+0x367/0x4f0 [ 803.166809] shmem_file_write_iter+0x111/0x140 [ 803.166843] vfs_write+0xbe9/0x1150 [ 803.166871] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 803.166903] ? __fget_files+0x34/0x3b0 [ 803.166932] ? __pfx_vfs_write+0x10/0x10 [ 803.166984] __x64_sys_pwrite64+0x1f1/0x260 [ 803.167014] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 803.167062] do_syscall_64+0xbf/0x420 [ 803.167097] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 803.167126] RIP: 0033:0x7f9f6fba4ab7 [ 803.167148] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 803.167175] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 803.167203] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 803.167222] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 803.167239] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 803.167256] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 803.167272] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 803.167307] [ 803.195840] loop0: detected capacity change from 0 to 5 21:26:02 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb3", 0x9f, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:26:02 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c22979", 0x51, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 803.205233] EXT4-fs (loop0): bad geometry: block count 128 exceeds size of device (1 blocks) [ 803.205237] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 803.210734] loop4: detected capacity change from 0 to 5 [ 803.214854] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:26:02 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) (fail_nth: 1) 21:26:02 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f465", 0x33, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 803.268299] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 803.269190] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 803.271438] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:26:02 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb3", 0x9f, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 803.315683] loop6: detected capacity change from 0 to 5 [ 803.318653] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 803.319759] FAULT_INJECTION: forcing a failure. [ 803.319759] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 803.328085] CPU: 1 UID: 0 PID: 7445 Comm: syz-executor.0 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 803.328104] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 803.328113] Call Trace: [ 803.328118] [ 803.328123] dump_stack_lvl+0xfa/0x120 [ 803.328146] should_fail_ex+0x4d7/0x5e0 [ 803.328173] _copy_from_user+0x30/0xd0 [ 803.328201] io_submit_one+0x8e/0x1a90 [ 803.328222] ? __lock_acquire+0x451/0x2250 [ 803.328243] ? __pfx_io_submit_one+0x10/0x10 [ 803.328262] ? lock_acquire+0x15e/0x2d0 [ 803.328278] ? __might_fault+0xe0/0x190 [ 803.328293] ? find_held_lock+0x2b/0x80 [ 803.328305] ? __might_fault+0x138/0x190 [ 803.328317] ? lock_release+0xc8/0x270 [ 803.328333] ? __might_fault+0xe0/0x190 [ 803.328348] __x64_sys_io_submit+0x182/0x2e0 [ 803.328368] ? __pfx___x64_sys_io_submit+0x10/0x10 [ 803.328386] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 803.328406] ? ksys_write+0x1a3/0x240 [ 803.328420] ? __pfx_ksys_write+0x10/0x10 [ 803.328431] ? irqentry_exit+0xee/0x650 [ 803.328444] ? trace_hardirqs_on_prepare+0xe3/0x110 [ 803.328460] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 803.328481] do_syscall_64+0xbf/0x420 [ 803.328497] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 803.328511] RIP: 0033:0x7fb32bfd9b19 [ 803.328522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 803.328535] RSP: 002b:00007fb32952e188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 803.328548] RAX: ffffffffffffffda RBX: 00007fb32c0ed020 RCX: 00007fb32bfd9b19 [ 803.328556] RDX: 00000000200003c0 RSI: 0000000000000001 RDI: 00007fb32c0c8000 [ 803.328564] RBP: 00007fb32952e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 803.328572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 803.328580] R13: 00007ffc3e0fe77f R14: 00007fb32952e300 R15: 0000000000022000 [ 803.328595] [ 803.343682] loop4: detected capacity change from 0 to 5 [ 803.348959] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:26:02 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f465", 0x33, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 803.394816] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 803.395288] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 803.395967] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 803.434209] loop6: detected capacity change from 0 to 5 [ 803.450805] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 803.455947] loop7: detected capacity change from 0 to 32640 21:26:12 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) (fail_nth: 2) 21:26:12 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb3", 0x9f, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:26:12 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0xe00, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:26:12 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f465", 0x33, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:26:12 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1fffff, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:26:12 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x100000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:26:12 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 30) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:26:12 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x2, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 812.555438] loop4: detected capacity change from 0 to 5 [ 812.565424] FAULT_INJECTION: forcing a failure. [ 812.565424] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 812.570370] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 812.577144] CPU: 0 UID: 0 PID: 7469 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 812.577181] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 812.577197] Call Trace: [ 812.577205] [ 812.577216] dump_stack_lvl+0xfa/0x120 [ 812.577253] should_fail_ex+0x4d7/0x5e0 [ 812.577305] should_fail_alloc_page+0xe0/0x110 [ 812.577339] prepare_alloc_pages+0x1eb/0x550 [ 812.577369] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 812.577424] __alloc_frozen_pages_noprof+0x185/0x2070 [ 812.577466] ? pte_offset_map_lock+0x190/0x330 [ 812.577499] ? find_held_lock+0x2b/0x80 [ 812.577530] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 812.577579] ? lock_is_held_type+0x9e/0x120 [ 812.577607] ? lock_is_held_type+0x9e/0x120 [ 812.577630] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 812.577674] ? policy_nodemask+0xeb/0x4e0 [ 812.577717] alloc_pages_mpol+0xed/0x340 [ 812.577757] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 812.577794] ? filemap_get_entry+0x1bb/0x3b0 [ 812.577832] ? __pfx_filemap_get_entry+0x10/0x10 [ 812.577878] folio_alloc_mpol_noprof+0x38/0x2a0 [ 812.577925] shmem_alloc_folio+0x11b/0x140 [ 812.577958] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 812.578008] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 812.578054] ? fault_in_readable+0x12a/0x1d0 [ 812.578094] shmem_write_begin+0x194/0x3b0 [ 812.578133] ? __pfx_shmem_write_begin+0x10/0x10 [ 812.578171] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 812.578225] generic_perform_write+0x391/0x810 [ 812.578268] ? __pfx_generic_perform_write+0x10/0x10 [ 812.578306] ? file_update_time_flags+0x367/0x4f0 [ 812.578348] shmem_file_write_iter+0x111/0x140 [ 812.578379] vfs_write+0xbe9/0x1150 [ 812.578406] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 812.578435] ? __fget_files+0x34/0x3b0 [ 812.578463] ? __pfx_vfs_write+0x10/0x10 [ 812.578513] __x64_sys_pwrite64+0x1f1/0x260 [ 812.578541] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 812.578580] do_syscall_64+0xbf/0x420 [ 812.578613] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 812.578640] RIP: 0033:0x7f9f6fba4ab7 [ 812.578661] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 812.578685] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 812.578711] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 812.578728] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 812.578745] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 812.578760] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 812.578775] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 812.578824] [ 812.628398] loop6: detected capacity change from 0 to 5 [ 812.643926] loop7: detected capacity change from 0 to 40 [ 812.646652] EXT4-fs (loop7): VFS: Can't find ext4 filesystem 21:26:12 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 812.655027] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 21:26:12 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 31) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 812.702437] FAULT_INJECTION: forcing a failure. [ 812.702437] name failslab, interval 1, probability 0, space 0, times 0 [ 812.711200] CPU: 1 UID: 0 PID: 7482 Comm: syz-executor.0 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 812.711238] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 812.711252] Call Trace: [ 812.711259] [ 812.711267] dump_stack_lvl+0xfa/0x120 [ 812.711300] should_fail_ex+0x4d7/0x5e0 [ 812.711343] ? io_submit_one+0xfa/0x1a90 [ 812.711373] should_failslab+0xc2/0x120 [ 812.711399] kmem_cache_alloc_noprof+0x80/0x760 [ 812.711441] ? io_submit_one+0xfa/0x1a90 [ 812.711469] io_submit_one+0xfa/0x1a90 [ 812.711500] ? __lock_acquire+0x451/0x2250 [ 812.711535] ? __pfx_io_submit_one+0x10/0x10 [ 812.711567] ? lock_acquire+0x15e/0x2d0 [ 812.711594] ? __might_fault+0xe0/0x190 [ 812.711621] ? lock_release+0xc8/0x270 [ 812.711649] ? __might_fault+0xe0/0x190 [ 812.711675] __x64_sys_io_submit+0x182/0x2e0 [ 812.711708] ? __pfx___x64_sys_io_submit+0x10/0x10 [ 812.711738] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 812.711771] ? ksys_write+0x1a3/0x240 [ 812.711792] ? __pfx_ksys_write+0x10/0x10 [ 812.711811] ? irqentry_exit+0xee/0x650 [ 812.711831] ? trace_hardirqs_on_prepare+0xe3/0x110 [ 812.711860] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 812.711895] do_syscall_64+0xbf/0x420 [ 812.711922] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 812.711945] RIP: 0033:0x7fb32bfd9b19 [ 812.711963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 812.711984] RSP: 002b:00007fb32952e188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 812.712005] RAX: ffffffffffffffda RBX: 00007fb32c0ed020 RCX: 00007fb32bfd9b19 [ 812.712019] RDX: 00000000200003c0 RSI: 0000000000000001 RDI: 00007fb32c0c8000 [ 812.712033] RBP: 00007fb32952e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 812.712046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 812.712058] R13: 00007ffc3e0fe77f R14: 00007fb32952e300 R15: 0000000000022000 [ 812.712086] [ 812.720126] loop4: detected capacity change from 0 to 5 [ 812.745761] FAULT_INJECTION: forcing a failure. [ 812.745761] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 812.745825] CPU: 1 UID: 0 PID: 7483 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 812.745853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 812.745865] Call Trace: [ 812.745872] [ 812.745881] dump_stack_lvl+0xfa/0x120 [ 812.745911] should_fail_ex+0x4d7/0x5e0 [ 812.745959] ? page_copy_sane+0xce/0x2b0 [ 812.745995] copy_folio_from_iter_atomic+0x383/0x1820 [ 812.746045] ? fault_in_readable+0x12a/0x1d0 [ 812.746077] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 812.746116] ? shmem_write_begin+0x1ab/0x3b0 [ 812.746149] ? __pfx_shmem_write_begin+0x10/0x10 [ 812.746181] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 812.746226] generic_perform_write+0x1d7/0x810 [ 812.746263] ? __pfx_generic_perform_write+0x10/0x10 [ 812.746295] ? file_update_time_flags+0x367/0x4f0 [ 812.746330] shmem_file_write_iter+0x111/0x140 [ 812.746356] vfs_write+0xbe9/0x1150 [ 812.746378] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 812.746402] ? __fget_files+0x34/0x3b0 [ 812.746425] ? __pfx_vfs_write+0x10/0x10 [ 812.746466] __x64_sys_pwrite64+0x1f1/0x260 [ 812.746489] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 812.746522] do_syscall_64+0xbf/0x420 [ 812.746548] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 812.746571] RIP: 0033:0x7f9f6fba4ab7 [ 812.746588] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 812.746609] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 812.746629] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 812.746644] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 812.746657] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 812.746670] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 812.746684] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 812.746712] 21:26:12 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ff", 0x37, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 812.820353] loop6: detected capacity change from 0 to 5 [ 812.832799] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 21:26:12 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ff", 0x37, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 812.929121] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 812.930192] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 812.933250] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:26:12 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x3, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:26:12 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) (fail_nth: 3) 21:26:12 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb3", 0x9f, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 812.993288] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 812.994318] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 812.995777] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 813.023106] loop6: detected capacity change from 0 to 5 [ 813.031096] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 21:26:12 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x80000, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 813.109315] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 813.110313] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 813.111758] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 813.122237] loop4: detected capacity change from 0 to 5 21:26:12 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ff", 0x37, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:26:12 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x200000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:26:12 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x3ffffe00, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 813.138702] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 813.177578] loop7: detected capacity change from 0 to 32640 [ 813.215865] loop6: detected capacity change from 0 to 5 [ 813.220419] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 21:26:20 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1ffffe, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:26:20 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x300000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:26:20 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) (fail_nth: 4) 21:26:20 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:26:20 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x4, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:26:20 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 32) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:26:20 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0xffff88800dc980a0, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 821.253999] loop6: detected capacity change from 0 to 5 21:26:20 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb3", 0x9f, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 821.261301] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 21:26:20 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 821.302125] loop6: detected capacity change from 0 to 5 [ 821.305107] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 821.323481] loop4: detected capacity change from 0 to 5 [ 821.328014] FAULT_INJECTION: forcing a failure. [ 821.328014] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 821.328972] CPU: 1 UID: 0 PID: 7538 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 821.328988] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 821.328996] Call Trace: [ 821.329000] [ 821.329005] dump_stack_lvl+0xfa/0x120 [ 821.329027] should_fail_ex+0x4d7/0x5e0 [ 821.329055] ? page_copy_sane+0xce/0x2b0 [ 821.329077] copy_folio_from_iter_atomic+0x383/0x1820 [ 821.329104] ? fault_in_readable+0x12a/0x1d0 [ 821.329123] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 821.329144] ? shmem_write_begin+0x1ab/0x3b0 [ 821.329163] ? __pfx_shmem_write_begin+0x10/0x10 [ 821.329180] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 821.329205] generic_perform_write+0x1d7/0x810 [ 821.329229] ? __pfx_generic_perform_write+0x10/0x10 [ 821.329247] ? file_update_time_flags+0x367/0x4f0 [ 821.329267] shmem_file_write_iter+0x111/0x140 [ 821.329282] vfs_write+0xbe9/0x1150 [ 821.329294] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 821.329307] ? __fget_files+0x34/0x3b0 [ 821.329322] ? __pfx_vfs_write+0x10/0x10 [ 821.329343] __x64_sys_pwrite64+0x1f1/0x260 [ 821.329356] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 821.329373] do_syscall_64+0xbf/0x420 [ 821.329390] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 821.329404] RIP: 0033:0x7f9f6fba4ab7 [ 821.329414] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 821.329425] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 821.329438] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 821.329446] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 821.329453] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 821.329460] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 821.329468] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 821.329483] 21:26:20 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 821.370488] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 821.373470] FAULT_INJECTION: forcing a failure. [ 821.373470] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 821.378129] CPU: 1 UID: 0 PID: 7544 Comm: syz-executor.0 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 821.378148] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 821.378155] Call Trace: [ 821.378160] [ 821.378164] dump_stack_lvl+0xfa/0x120 [ 821.378182] should_fail_ex+0x4d7/0x5e0 [ 821.378207] _copy_to_user+0x32/0xd0 [ 821.378235] simple_read_from_buffer+0xe0/0x180 [ 821.378259] proc_fail_nth_read+0x18a/0x240 [ 821.378279] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 821.378296] ? security_file_permission+0x22/0x90 [ 821.378313] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 821.378329] vfs_read+0x1eb/0xc70 [ 821.378341] ? __pfx___mutex_lock+0x10/0x10 [ 821.378355] ? __fget_files+0x34/0x3b0 [ 821.378368] ? __pfx_vfs_read+0x10/0x10 [ 821.378380] ? lock_release+0xc8/0x270 [ 821.378400] ? __fget_files+0x20d/0x3b0 [ 821.378418] ksys_read+0x121/0x240 [ 821.378429] ? __pfx_ksys_read+0x10/0x10 [ 821.378439] ? irqentry_exit+0xee/0x650 [ 821.378451] ? trace_hardirqs_on_prepare+0xe3/0x110 [ 821.378470] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 821.378490] do_syscall_64+0xbf/0x420 [ 821.378506] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 821.378518] RIP: 0033:0x7fb32bf8c69c [ 821.378530] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 821.378542] RSP: 002b:00007fb32952e170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 821.378553] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00007fb32bf8c69c [ 821.378562] RDX: 000000000000000f RSI: 00007fb32952e1e0 RDI: 0000000000000004 [ 821.378569] RBP: 00007fb32952e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 821.378576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 821.378584] R13: 00007ffc3e0fe77f R14: 00007fb32952e300 R15: 0000000000022000 [ 821.378600] [ 821.406124] loop6: detected capacity change from 0 to 5 [ 821.419090] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 21:26:21 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x2, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:26:21 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:26:21 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb3", 0x9f, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:26:21 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 821.487829] loop4: detected capacity change from 0 to 5 [ 821.493299] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 821.515110] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 821.515568] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 821.516333] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:26:21 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 821.536263] loop6: detected capacity change from 0 to 5 [ 821.552925] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 821.588132] loop4: detected capacity change from 0 to 4 [ 821.593392] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 821.658366] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 821.658983] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 821.659956] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 821.726128] loop7: detected capacity change from 0 to 32640 21:26:29 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x5, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:26:29 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x2, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:26:29 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 33) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:26:29 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x3, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:26:29 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:26:29 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:26:29 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x400000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:26:29 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1fffff, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 830.407009] FAULT_INJECTION: forcing a failure. [ 830.407009] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 830.408043] CPU: 0 UID: 0 PID: 7577 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 830.408063] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 830.408070] Call Trace: [ 830.408075] [ 830.408080] dump_stack_lvl+0xfa/0x120 [ 830.408100] should_fail_ex+0x4d7/0x5e0 [ 830.408127] should_fail_alloc_page+0xe0/0x110 [ 830.408142] prepare_alloc_pages+0x1eb/0x550 [ 830.408156] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 830.408177] __alloc_frozen_pages_noprof+0x185/0x2070 [ 830.408195] ? pte_offset_map_lock+0x190/0x330 [ 830.408210] ? find_held_lock+0x2b/0x80 [ 830.408224] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 830.408244] ? lock_is_held_type+0x9e/0x120 [ 830.408257] ? lock_is_held_type+0x9e/0x120 [ 830.408266] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 830.408287] ? policy_nodemask+0xeb/0x4e0 [ 830.408306] alloc_pages_mpol+0xed/0x340 [ 830.408323] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 830.408337] ? filemap_get_entry+0x1bb/0x3b0 [ 830.408356] ? __pfx_filemap_get_entry+0x10/0x10 [ 830.408375] folio_alloc_mpol_noprof+0x38/0x2a0 [ 830.408395] shmem_alloc_folio+0x11b/0x140 [ 830.408410] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 830.408434] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 830.408453] ? fault_in_readable+0x12a/0x1d0 [ 830.408472] shmem_write_begin+0x194/0x3b0 [ 830.408495] ? __pfx_shmem_write_begin+0x10/0x10 [ 830.408519] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 830.408550] generic_perform_write+0x391/0x810 [ 830.408569] ? __pfx_generic_perform_write+0x10/0x10 [ 830.408585] ? file_update_time_flags+0x367/0x4f0 [ 830.408605] shmem_file_write_iter+0x111/0x140 [ 830.408618] vfs_write+0xbe9/0x1150 [ 830.408630] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 830.408643] ? __fget_files+0x34/0x3b0 [ 830.408655] ? __pfx_vfs_write+0x10/0x10 [ 830.408677] __x64_sys_pwrite64+0x1f1/0x260 [ 830.408689] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 830.408705] do_syscall_64+0xbf/0x420 [ 830.408720] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 830.408733] RIP: 0033:0x7f9f6fba4ab7 [ 830.408742] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 830.408754] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 830.408765] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 830.408772] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 830.408779] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 830.408786] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 830.408793] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 830.408807] [ 830.430295] loop7: detected capacity change from 0 to 48 [ 830.437603] EXT4-fs (loop7): VFS: Can't find ext4 filesystem [ 830.452042] loop4: detected capacity change from 0 to 4 21:26:30 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 34) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 830.454747] loop6: detected capacity change from 0 to 5 [ 830.468133] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 830.469611] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 830.480636] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 830.481554] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 830.483157] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 830.497558] FAULT_INJECTION: forcing a failure. [ 830.497558] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 830.509120] CPU: 1 UID: 0 PID: 7589 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 830.509163] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 830.509181] Call Trace: [ 830.509196] [ 830.509211] dump_stack_lvl+0xfa/0x120 [ 830.509254] should_fail_ex+0x4d7/0x5e0 [ 830.509305] ? page_copy_sane+0xce/0x2b0 [ 830.509353] copy_folio_from_iter_atomic+0x383/0x1820 [ 830.509412] ? fault_in_readable+0x12a/0x1d0 [ 830.509446] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 830.509486] ? shmem_write_begin+0x1ab/0x3b0 [ 830.509519] ? __pfx_shmem_write_begin+0x10/0x10 [ 830.509552] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 830.509598] generic_perform_write+0x1d7/0x810 [ 830.509637] ? __pfx_generic_perform_write+0x10/0x10 [ 830.509661] ? __mark_inode_dirty+0x820/0x1460 [ 830.509696] ? mnt_put_write_access_file+0xb7/0xe0 [ 830.509721] ? file_update_time_flags+0x367/0x4f0 [ 830.509757] shmem_file_write_iter+0x111/0x140 [ 830.509783] vfs_write+0xbe9/0x1150 [ 830.509806] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 830.509831] ? __fget_files+0x34/0x3b0 [ 830.509855] ? __pfx_vfs_write+0x10/0x10 [ 830.509896] __x64_sys_pwrite64+0x1f1/0x260 [ 830.509920] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 830.509953] do_syscall_64+0xbf/0x420 [ 830.509981] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 830.510006] RIP: 0033:0x7f9f6fba4ab7 [ 830.510024] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 830.510046] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 830.510068] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 830.510082] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 830.510096] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 830.510110] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 830.510123] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 830.510152] 21:26:30 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:26:30 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 830.569309] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 830.569781] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 830.570637] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:26:30 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x3ffffe00, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 830.643621] loop6: detected capacity change from 0 to 5 [ 830.653283] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 830.676245] loop4: detected capacity change from 0 to 4 21:26:30 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, 0x0) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 830.694411] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:26:30 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x4, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:26:30 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x810000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:26:30 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:26:30 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x6, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 830.797598] loop4: detected capacity change from 0 to 5 [ 830.802519] loop6: detected capacity change from 0 to 5 [ 830.806084] EXT4-fs (loop4): VFS: Can't find ext4 filesystem 21:26:30 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x3, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 830.874848] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 830.875819] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 830.877309] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 830.892763] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 830.893709] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 830.895121] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 830.906750] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 830.907780] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 830.909262] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 830.921560] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 830.922157] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 830.922875] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 830.923594] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 830.924072] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 830.924788] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 830.928300] loop7: detected capacity change from 0 to 32640 21:26:39 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x7ffffff2, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:26:39 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, 0x0) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:26:39 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x2, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:26:39 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 35) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:26:39 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x1000000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:26:39 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x5, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:26:39 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:26:39 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 840.133360] loop6: detected capacity change from 0 to 5 [ 840.154217] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 840.155280] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 840.158608] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:26:39 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, 0x0) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 840.180595] loop4: detected capacity change from 0 to 5 [ 840.182554] FAULT_INJECTION: forcing a failure. [ 840.182554] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 840.188488] CPU: 1 UID: 0 PID: 7648 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 840.188508] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 840.188516] Call Trace: [ 840.188521] [ 840.188526] dump_stack_lvl+0xfa/0x120 [ 840.188548] should_fail_ex+0x4d7/0x5e0 [ 840.188572] ? page_copy_sane+0xce/0x2b0 [ 840.188594] copy_folio_from_iter_atomic+0x383/0x1820 [ 840.188623] ? fault_in_readable+0x12a/0x1d0 [ 840.188643] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 840.188666] ? shmem_write_begin+0x1ab/0x3b0 [ 840.188685] ? __pfx_shmem_write_begin+0x10/0x10 [ 840.188703] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 840.188730] generic_perform_write+0x1d7/0x810 [ 840.188753] ? __pfx_generic_perform_write+0x10/0x10 [ 840.188771] ? file_update_time_flags+0x367/0x4f0 [ 840.188792] shmem_file_write_iter+0x111/0x140 [ 840.188807] vfs_write+0xbe9/0x1150 [ 840.188820] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 840.188835] ? __fget_files+0x34/0x3b0 [ 840.188848] ? __pfx_vfs_write+0x10/0x10 [ 840.188871] __x64_sys_pwrite64+0x1f1/0x260 [ 840.188885] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 840.188903] do_syscall_64+0xbf/0x420 [ 840.188920] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 840.188934] RIP: 0033:0x7f9f6fba4ab7 [ 840.188945] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 840.188957] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 840.188970] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 840.188979] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 840.188987] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 840.188994] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 840.189002] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 840.189018] [ 840.211074] EXT4-fs (loop4): VFS: Can't find ext4 filesystem 21:26:39 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(0x0, 0x0) 21:26:39 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 840.334264] loop4: detected capacity change from 0 to 5 [ 840.352589] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 840.379950] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 840.380859] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 840.382000] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:26:39 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x4000000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:26:39 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x3, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 840.511294] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 840.512206] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 840.513563] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 840.529212] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 840.530098] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 840.531395] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 840.566262] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 840.567164] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 840.568508] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 840.618566] loop7: detected capacity change from 0 to 32640 [ 840.621762] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 840.622634] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 840.624491] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 840.676665] loop6: detected capacity change from 0 to 32640 [ 840.689245] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 21:26:49 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x6, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:26:49 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(0x0, 0x0) 21:26:49 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{0x0, 0x0, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:26:49 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 36) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:26:49 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x7ffffff9, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:26:49 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:26:49 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x4, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:26:49 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xa, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 849.746521] FAULT_INJECTION: forcing a failure. [ 849.746521] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 849.747544] CPU: 1 UID: 0 PID: 7679 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 849.747561] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 849.747569] Call Trace: [ 849.747574] [ 849.747578] dump_stack_lvl+0xfa/0x120 [ 849.747599] should_fail_ex+0x4d7/0x5e0 [ 849.747626] should_fail_alloc_page+0xe0/0x110 [ 849.747643] prepare_alloc_pages+0x1eb/0x550 [ 849.747658] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 849.747681] __alloc_frozen_pages_noprof+0x185/0x2070 [ 849.747701] ? pte_offset_map_lock+0x190/0x330 [ 849.747717] ? find_held_lock+0x2b/0x80 [ 849.747732] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 849.747762] ? lock_is_held_type+0x9e/0x120 [ 849.747776] ? lock_is_held_type+0x9e/0x120 [ 849.747791] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 849.747814] ? policy_nodemask+0xeb/0x4e0 [ 849.747836] alloc_pages_mpol+0xed/0x340 [ 849.747855] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 849.747872] ? filemap_get_entry+0x1bb/0x3b0 [ 849.747892] ? __pfx_filemap_get_entry+0x10/0x10 [ 849.747919] folio_alloc_mpol_noprof+0x38/0x2a0 [ 849.747942] shmem_alloc_folio+0x11b/0x140 [ 849.747958] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 849.747982] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 849.748004] ? fault_in_readable+0x12a/0x1d0 [ 849.748023] shmem_write_begin+0x194/0x3b0 [ 849.748041] ? __pfx_shmem_write_begin+0x10/0x10 [ 849.748064] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 849.748089] generic_perform_write+0x391/0x810 [ 849.748110] ? __pfx_generic_perform_write+0x10/0x10 [ 849.748128] ? file_update_time_flags+0x367/0x4f0 [ 849.748148] shmem_file_write_iter+0x111/0x140 [ 849.748163] vfs_write+0xbe9/0x1150 [ 849.748176] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 849.748190] ? __fget_files+0x34/0x3b0 [ 849.748203] ? __pfx_vfs_write+0x10/0x10 [ 849.748226] __x64_sys_pwrite64+0x1f1/0x260 [ 849.748239] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 849.748257] do_syscall_64+0xbf/0x420 [ 849.748274] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 849.748287] RIP: 0033:0x7f9f6fba4ab7 [ 849.748297] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 849.748310] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 849.748323] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 849.748331] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 849.748339] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 849.748347] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 849.748354] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 849.748370] [ 849.793411] loop7: detected capacity change from 0 to 56 [ 849.804728] EXT4-fs (loop7): VFS: Can't find ext4 filesystem [ 849.806395] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 849.807503] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 849.808917] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 849.820541] loop4: detected capacity change from 0 to 5 [ 849.830767] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 849.831282] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 849.832005] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 849.834023] EXT4-fs (loop4): VFS: Can't find ext4 filesystem 21:26:49 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 37) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 849.843981] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 849.844891] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 849.845627] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 849.865067] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 849.865519] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 849.866439] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 849.866687] FAULT_INJECTION: forcing a failure. [ 849.866687] name fail_usercopy, interval 1, probability 0, space 0, times 0 21:26:49 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{0x0, 0x0, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 849.885298] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 849.887602] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 849.889043] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 849.890461] CPU: 0 UID: 0 PID: 7696 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 849.890495] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 849.890509] Call Trace: [ 849.890517] [ 849.890525] dump_stack_lvl+0xfa/0x120 [ 849.890559] should_fail_ex+0x4d7/0x5e0 [ 849.890600] ? page_copy_sane+0xce/0x2b0 [ 849.890639] copy_folio_from_iter_atomic+0x383/0x1820 [ 849.890691] ? fault_in_readable+0x12a/0x1d0 [ 849.890725] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 849.890767] ? shmem_write_begin+0x1ab/0x3b0 [ 849.890801] ? __pfx_shmem_write_begin+0x10/0x10 [ 849.890835] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 849.890883] generic_perform_write+0x1d7/0x810 [ 849.890921] ? __pfx_generic_perform_write+0x10/0x10 [ 849.890957] ? file_update_time_flags+0x367/0x4f0 [ 849.890994] shmem_file_write_iter+0x111/0x140 [ 849.891021] vfs_write+0xbe9/0x1150 [ 849.891045] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 849.891079] ? __fget_files+0x34/0x3b0 [ 849.891104] ? __pfx_vfs_write+0x10/0x10 [ 849.891147] __x64_sys_pwrite64+0x1f1/0x260 [ 849.891172] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 849.891219] do_syscall_64+0xbf/0x420 [ 849.891248] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 849.891273] RIP: 0033:0x7f9f6fba4ab7 [ 849.891292] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 849.891314] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 849.891338] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 849.891353] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 849.891367] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 849.891381] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 849.891395] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 849.891424] [ 849.952307] loop4: detected capacity change from 0 to 5 [ 849.994097] EXT4-fs (loop4): VFS: Can't find ext4 filesystem 21:26:49 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:26:49 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:26:49 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{0x0, 0x0, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:26:49 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x2, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:26:49 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xc, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:26:49 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0xffff88800dc98360, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 850.185670] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 850.186202] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 850.186924] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 850.191181] loop4: detected capacity change from 0 to 5 [ 850.198124] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 850.202513] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 850.203499] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 850.204981] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:26:49 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 850.261972] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 850.263634] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 850.264724] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 850.279111] loop7: detected capacity change from 0 to 32640 [ 850.316590] loop4: detected capacity change from 0 to 5 [ 850.324917] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 850.403890] loop6: detected capacity change from 0 to 32640 [ 850.418465] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 21:26:59 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(0x0, 0x0) 21:26:59 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x3, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:26:59 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 38) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:26:59 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xe, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:26:59 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x2, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:26:59 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xa, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:26:59 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:26:59 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 860.091423] loop4: detected capacity change from 0 to 5 [ 860.105993] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 860.127630] FAULT_INJECTION: forcing a failure. [ 860.127630] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 860.132877] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 860.133745] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 860.135333] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 860.145126] CPU: 1 UID: 0 PID: 7751 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 860.145158] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 860.145171] Call Trace: [ 860.145179] [ 860.145188] dump_stack_lvl+0xfa/0x120 [ 860.145220] should_fail_ex+0x4d7/0x5e0 [ 860.145260] ? page_copy_sane+0xce/0x2b0 [ 860.145297] copy_folio_from_iter_atomic+0x383/0x1820 [ 860.145346] ? fault_in_readable+0x12a/0x1d0 [ 860.145379] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 860.145418] ? shmem_write_begin+0x1ab/0x3b0 [ 860.145450] ? __pfx_shmem_write_begin+0x10/0x10 [ 860.145481] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 860.145528] generic_perform_write+0x1d7/0x810 [ 860.145566] ? __pfx_generic_perform_write+0x10/0x10 [ 860.145597] ? file_update_time_flags+0x367/0x4f0 [ 860.145639] shmem_file_write_iter+0x111/0x140 [ 860.145665] vfs_write+0xbe9/0x1150 [ 860.145688] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 860.145712] ? __fget_files+0x34/0x3b0 [ 860.145735] ? __pfx_vfs_write+0x10/0x10 [ 860.145775] __x64_sys_pwrite64+0x1f1/0x260 [ 860.145799] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 860.145831] do_syscall_64+0xbf/0x420 [ 860.145858] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 860.145882] RIP: 0033:0x7f9f6fba4ab7 [ 860.145899] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 860.145920] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 860.145941] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 860.145956] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 860.145969] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 860.145982] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 860.145995] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 860.146023] 21:26:59 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 860.223032] loop4: detected capacity change from 0 to 5 [ 860.235621] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 860.267018] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 860.268578] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 860.270090] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:26:59 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x300, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 860.309760] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 860.310688] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 860.312218] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:26:59 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001", 0x1d, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 860.327252] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 860.328783] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 860.330141] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:26:59 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:26:59 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x3, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:26:59 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:27:00 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xc, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 860.453164] loop4: detected capacity change from 0 to 5 [ 860.459087] EXT4-fs (loop4): VFS: Can't find ext4 filesystem 21:27:00 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001", 0x1d, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 860.528481] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 860.530296] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 860.531634] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 860.550756] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 860.551642] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 860.552948] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 860.573767] loop7: detected capacity change from 0 to 32640 [ 860.593767] loop4: detected capacity change from 0 to 5 [ 860.606341] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 860.608544] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 860.609853] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 860.618179] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 860.714198] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 860.715203] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 860.717200] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 860.770693] loop6: detected capacity change from 0 to 32640 [ 860.774724] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 21:27:08 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001", 0x1d, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:27:08 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x4, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:27:08 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 39) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:27:08 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf5, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:27:08 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x8, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:27:08 executing program 6: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:27:08 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xe, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:27:08 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x810, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 868.881857] loop4: detected capacity change from 0 to 5 [ 868.888508] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 868.915843] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 868.916342] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 868.917030] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:27:08 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000", 0x2c, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 868.929135] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 868.930140] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 868.932002] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 868.936886] FAULT_INJECTION: forcing a failure. [ 868.936886] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 868.937861] CPU: 1 UID: 0 PID: 7809 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 868.937881] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 868.937889] Call Trace: [ 868.937894] [ 868.937898] dump_stack_lvl+0xfa/0x120 [ 868.937920] should_fail_ex+0x4d7/0x5e0 [ 868.937948] should_fail_alloc_page+0xe0/0x110 [ 868.937966] prepare_alloc_pages+0x1eb/0x550 [ 868.937982] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 868.938006] __alloc_frozen_pages_noprof+0x185/0x2070 [ 868.938027] ? pte_offset_map_lock+0x190/0x330 [ 868.938043] ? find_held_lock+0x2b/0x80 [ 868.938061] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 868.938085] ? lock_is_held_type+0x9e/0x120 [ 868.938099] ? lock_is_held_type+0x9e/0x120 [ 868.938110] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 868.938132] ? policy_nodemask+0xeb/0x4e0 [ 868.938154] alloc_pages_mpol+0xed/0x340 [ 868.938173] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 868.938190] ? filemap_get_entry+0x1bb/0x3b0 [ 868.938210] ? __pfx_filemap_get_entry+0x10/0x10 [ 868.938232] folio_alloc_mpol_noprof+0x38/0x2a0 [ 868.938255] shmem_alloc_folio+0x11b/0x140 [ 868.938271] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 868.938296] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 868.938317] ? fault_in_readable+0x12a/0x1d0 [ 868.938337] shmem_write_begin+0x194/0x3b0 [ 868.938356] ? __pfx_shmem_write_begin+0x10/0x10 [ 868.938374] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 868.938400] generic_perform_write+0x391/0x810 [ 868.938420] ? __pfx_generic_perform_write+0x10/0x10 [ 868.938438] ? file_update_time_flags+0x367/0x4f0 [ 868.938459] shmem_file_write_iter+0x111/0x140 [ 868.938474] vfs_write+0xbe9/0x1150 [ 868.938487] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 868.938501] ? __fget_files+0x34/0x3b0 [ 868.938516] ? __pfx_vfs_write+0x10/0x10 [ 868.938538] __x64_sys_pwrite64+0x1f1/0x260 [ 868.938552] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 868.938570] do_syscall_64+0xbf/0x420 [ 868.938586] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 868.938600] RIP: 0033:0x7f9f6fba4ab7 [ 868.938610] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 868.938623] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 868.938635] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 868.938644] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 868.938652] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 868.938659] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 868.938667] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 868.938682] [ 868.966434] loop7: detected capacity change from 0 to 64 [ 868.970521] loop4: detected capacity change from 0 to 5 [ 868.975480] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 868.982997] EXT4-fs (loop7): VFS: Can't find ext4 filesystem 21:27:08 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000", 0x2c, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:27:08 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 40) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 869.025447] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 869.026433] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 869.027850] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 869.054492] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 869.056694] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 869.058528] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 869.067623] FAULT_INJECTION: forcing a failure. [ 869.067623] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 869.070668] CPU: 1 UID: 0 PID: 7821 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 869.070716] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 869.070733] Call Trace: [ 869.070742] [ 869.070754] dump_stack_lvl+0xfa/0x120 [ 869.070788] should_fail_ex+0x4d7/0x5e0 [ 869.070838] ? page_copy_sane+0xce/0x2b0 [ 869.070883] copy_folio_from_iter_atomic+0x383/0x1820 [ 869.070932] ? fault_in_readable+0x12a/0x1d0 [ 869.070965] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 869.071005] ? shmem_write_begin+0x1ab/0x3b0 [ 869.071038] ? __pfx_shmem_write_begin+0x10/0x10 [ 869.071070] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 869.071115] generic_perform_write+0x1d7/0x810 [ 869.071153] ? __pfx_generic_perform_write+0x10/0x10 [ 869.071185] ? file_update_time_flags+0x367/0x4f0 [ 869.071220] shmem_file_write_iter+0x111/0x140 [ 869.071247] vfs_write+0xbe9/0x1150 [ 869.071269] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 869.071293] ? __fget_files+0x34/0x3b0 [ 869.071317] ? __pfx_vfs_write+0x10/0x10 [ 869.071357] __x64_sys_pwrite64+0x1f1/0x260 [ 869.071381] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 869.071426] do_syscall_64+0xbf/0x420 [ 869.071454] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 869.071477] RIP: 0033:0x7f9f6fba4ab7 [ 869.071495] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 869.071517] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 869.071538] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 869.071553] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 869.071566] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 869.071580] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 869.071593] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 869.071621] [ 869.103789] loop4: detected capacity change from 0 to 5 [ 869.106695] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 869.107905] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 869.109656] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:27:08 executing program 6: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 869.136469] EXT4-fs (loop4): VFS: Can't find ext4 filesystem 21:27:08 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x10, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:27:08 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x5, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:27:08 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000", 0x2c, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:27:08 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:27:08 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x300, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 869.305342] loop4: detected capacity change from 0 to 5 21:27:08 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x1008, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:27:08 executing program 6: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 869.325551] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 869.334012] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 869.334995] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 869.336727] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 869.366789] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 869.367676] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 869.372645] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 869.374004] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 869.374844] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 869.376312] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:27:08 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f465", 0x33, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 869.434006] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 869.435370] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 869.438586] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 869.482413] loop4: detected capacity change from 0 to 5 [ 869.491885] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 869.509302] loop7: detected capacity change from 0 to 32640 21:27:19 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 41) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:27:19 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x4000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:27:19 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f465", 0x33, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:27:19 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x6, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:27:19 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:27:19 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x500, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:27:19 executing program 6: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x300, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:27:19 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x300, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) [ 880.165151] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 880.165985] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 880.167294] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 880.168587] loop4: detected capacity change from 0 to 5 [ 880.174652] FAULT_INJECTION: forcing a failure. [ 880.174652] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 880.179929] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 880.182026] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 880.182928] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 880.183145] CPU: 0 UID: 0 PID: 7876 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 880.183180] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 880.183194] Call Trace: [ 880.183202] [ 880.183211] dump_stack_lvl+0xfa/0x120 [ 880.183245] should_fail_ex+0x4d7/0x5e0 [ 880.183288] ? page_copy_sane+0xce/0x2b0 [ 880.183328] copy_folio_from_iter_atomic+0x383/0x1820 [ 880.183380] ? fault_in_readable+0x12a/0x1d0 [ 880.183416] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 880.183459] ? shmem_write_begin+0x1ab/0x3b0 [ 880.183494] ? __pfx_shmem_write_begin+0x10/0x10 [ 880.183540] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 880.183590] generic_perform_write+0x1d7/0x810 [ 880.183629] ? __pfx_generic_perform_write+0x10/0x10 [ 880.183663] ? file_update_time_flags+0x367/0x4f0 [ 880.183700] shmem_file_write_iter+0x111/0x140 [ 880.183728] vfs_write+0xbe9/0x1150 [ 880.183752] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 880.183778] ? __fget_files+0x34/0x3b0 [ 880.183803] ? __pfx_vfs_write+0x10/0x10 [ 880.183845] __x64_sys_pwrite64+0x1f1/0x260 [ 880.183871] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 880.183905] do_syscall_64+0xbf/0x420 [ 880.183934] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 880.183959] RIP: 0033:0x7f9f6fba4ab7 [ 880.183978] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 880.184000] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 880.184023] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 880.184041] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 880.184064] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 880.184078] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 880.184092] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 880.184121] [ 880.212800] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:27:19 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f465", 0x33, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 880.274145] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 880.274987] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 880.276367] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 880.291012] loop4: detected capacity change from 0 to 5 [ 880.311283] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 880.341180] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 880.342231] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 880.345124] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:27:19 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f465", 0x33, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 880.420412] loop7: detected capacity change from 0 to 32640 [ 880.454915] loop6: detected capacity change from 0 to 5 [ 880.484142] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 21:27:30 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 42) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:27:30 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x600, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:27:30 executing program 6: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1fffff, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:27:30 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ff", 0x37, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:27:30 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x7, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:27:30 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x80000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:27:30 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x810, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:27:30 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf5, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 891.404600] FAULT_INJECTION: forcing a failure. [ 891.404600] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 891.407009] CPU: 1 UID: 0 PID: 7901 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 891.407030] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 891.407039] Call Trace: [ 891.407044] [ 891.407055] dump_stack_lvl+0xfa/0x120 [ 891.407078] should_fail_ex+0x4d7/0x5e0 [ 891.407107] should_fail_alloc_page+0xe0/0x110 [ 891.407127] prepare_alloc_pages+0x1eb/0x550 [ 891.407143] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 891.407170] __alloc_frozen_pages_noprof+0x185/0x2070 [ 891.407193] ? pte_offset_map_lock+0x190/0x330 [ 891.407211] ? find_held_lock+0x2b/0x80 [ 891.407228] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 891.407254] ? lock_is_held_type+0x9e/0x120 [ 891.407270] ? lock_is_held_type+0x9e/0x120 [ 891.407283] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 891.407308] ? policy_nodemask+0xeb/0x4e0 [ 891.407332] alloc_pages_mpol+0xed/0x340 [ 891.407354] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 891.407374] ? filemap_get_entry+0x1bb/0x3b0 [ 891.407396] ? __pfx_filemap_get_entry+0x10/0x10 [ 891.407421] folio_alloc_mpol_noprof+0x38/0x2a0 [ 891.407447] shmem_alloc_folio+0x11b/0x140 [ 891.407466] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 891.407493] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 891.407518] ? fault_in_readable+0x12a/0x1d0 [ 891.407541] shmem_write_begin+0x194/0x3b0 [ 891.407562] ? __pfx_shmem_write_begin+0x10/0x10 [ 891.407583] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 891.407612] generic_perform_write+0x391/0x810 [ 891.407645] ? __pfx_generic_perform_write+0x10/0x10 [ 891.407666] ? file_update_time_flags+0x367/0x4f0 [ 891.407690] shmem_file_write_iter+0x111/0x140 [ 891.407707] vfs_write+0xbe9/0x1150 [ 891.407722] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 891.407738] ? __fget_files+0x34/0x3b0 [ 891.407753] ? __pfx_vfs_write+0x10/0x10 [ 891.407780] __x64_sys_pwrite64+0x1f1/0x260 [ 891.407796] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 891.407817] do_syscall_64+0xbf/0x420 [ 891.407836] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 891.407851] RIP: 0033:0x7f9f6fba4ab7 [ 891.407863] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 891.407878] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 891.407893] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 891.407903] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 891.407912] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 891.407921] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 891.407930] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 891.407948] [ 891.449384] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 891.449904] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 891.450752] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 891.453739] loop7: detected capacity change from 0 to 72 [ 891.458888] EXT4-fs (loop7): VFS: Can't find ext4 filesystem [ 891.466186] loop4: detected capacity change from 0 to 5 [ 891.471737] EXT4-fs (loop4): VFS: Can't find ext4 filesystem 21:27:31 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 43) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:27:31 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ff", 0x37, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:27:31 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f465", 0x33, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 891.538707] loop4: detected capacity change from 0 to 5 [ 891.545657] loop6: detected capacity change from 0 to 5 [ 891.547806] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 891.549483] FAULT_INJECTION: forcing a failure. [ 891.549483] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 891.554888] CPU: 0 UID: 0 PID: 7925 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 891.554920] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 891.554934] Call Trace: [ 891.554943] [ 891.554951] dump_stack_lvl+0xfa/0x120 [ 891.554989] should_fail_ex+0x4d7/0x5e0 [ 891.555029] ? page_copy_sane+0xce/0x2b0 [ 891.555073] copy_folio_from_iter_atomic+0x383/0x1820 [ 891.555122] ? fault_in_readable+0x12a/0x1d0 [ 891.555155] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 891.555193] ? shmem_write_begin+0x1ab/0x3b0 [ 891.555226] ? __pfx_shmem_write_begin+0x10/0x10 [ 891.555257] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 891.555303] generic_perform_write+0x1d7/0x810 [ 891.555341] ? __pfx_generic_perform_write+0x10/0x10 [ 891.555374] ? file_update_time_flags+0x367/0x4f0 [ 891.555410] shmem_file_write_iter+0x111/0x140 [ 891.555438] vfs_write+0xbe9/0x1150 [ 891.555461] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 891.555487] ? __fget_files+0x34/0x3b0 [ 891.555511] ? __pfx_vfs_write+0x10/0x10 [ 891.555554] __x64_sys_pwrite64+0x1f1/0x260 [ 891.555579] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 891.555613] do_syscall_64+0xbf/0x420 [ 891.555661] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 891.555686] RIP: 0033:0x7f9f6fba4ab7 [ 891.555704] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 891.555727] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 891.555750] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 891.555766] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 891.555780] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 891.555794] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 891.555808] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 891.555838] [ 891.556141] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 891.585456] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 891.587610] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 891.595956] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 891.610184] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 891.610674] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 21:27:31 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ff", 0x37, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 891.613523] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:27:31 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb3", 0x9f, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 891.704082] loop6: detected capacity change from 0 to 5 21:27:31 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x810, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 891.728212] loop4: detected capacity change from 0 to 5 [ 891.729168] EXT4-fs (loop6): bad geometry: block count 128 exceeds size of device (1 blocks) 21:27:31 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x1000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 891.788105] EXT4-fs (loop4): VFS: Can't find ext4 filesystem 21:27:31 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x300, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:27:31 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 1) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:27:31 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:27:31 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:27:31 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x1008, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) [ 891.930862] FAULT_INJECTION: forcing a failure. [ 891.930862] name failslab, interval 1, probability 0, space 0, times 0 [ 891.932565] CPU: 1 UID: 0 PID: 7945 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 891.932596] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 891.932610] Call Trace: [ 891.932618] [ 891.932627] dump_stack_lvl+0xfa/0x120 [ 891.932662] should_fail_ex+0x4d7/0x5e0 [ 891.932712] ? __do_sys_memfd_create+0x1e5/0xab0 [ 891.932750] should_failslab+0xc2/0x120 [ 891.932778] __kmalloc_cache_noprof+0x80/0x780 [ 891.932827] ? __do_sys_memfd_create+0x1e5/0xab0 [ 891.932866] __do_sys_memfd_create+0x1e5/0xab0 [ 891.932906] ? ksys_write+0x1a3/0x240 [ 891.932928] ? __pfx___do_sys_memfd_create+0x10/0x10 [ 891.932962] ? irqentry_exit+0xee/0x650 [ 891.932982] ? trace_hardirqs_on_prepare+0xe3/0x110 [ 891.933012] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 891.933057] do_syscall_64+0xbf/0x420 [ 891.933085] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 891.933108] RIP: 0033:0x7f32b3573b19 [ 891.933126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 891.933148] RSP: 002b:00007f32b0ae8f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 891.933171] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f32b3573b19 [ 891.933185] RDX: 0000000000000ac0 RSI: 0000000000000000 RDI: 00007f32b35cd0fb [ 891.933200] RBP: 0000000000000002 R08: 0000000000000560 R09: ffffffffffffffff [ 891.933213] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 891.933226] R13: 0000000020000100 R14: 0000000000000ac0 R15: 0000000020013c00 [ 891.933254] [ 891.971905] loop4: detected capacity change from 0 to 5 21:27:31 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xa00, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 891.984284] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 891.989626] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 891.990610] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 891.992021] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:27:31 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:27:31 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 2) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 892.074945] loop4: detected capacity change from 0 to 5 [ 892.087763] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 892.100948] loop7: detected capacity change from 0 to 32640 [ 892.114167] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 892.114608] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 892.117254] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 892.119985] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 892.120486] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 892.121980] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 892.123139] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 892.123574] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 892.124373] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 892.145274] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 892.146544] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 892.147982] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 892.180166] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 892.180623] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 892.181406] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 892.189815] loop6: detected capacity change from 0 to 32640 21:27:41 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 44) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:27:41 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x2000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:27:41 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 3) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:27:41 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xc00, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:27:41 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x500, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:27:41 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:27:41 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x4000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:27:41 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xa, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 901.761569] FAULT_INJECTION: forcing a failure. [ 901.761569] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 901.763248] CPU: 1 UID: 0 PID: 7974 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 901.763276] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 901.763288] Call Trace: [ 901.763295] [ 901.763302] dump_stack_lvl+0xfa/0x120 [ 901.763329] should_fail_ex+0x4d7/0x5e0 [ 901.763369] strncpy_from_user+0x3b/0x2f0 [ 901.763400] __do_sys_memfd_create+0x21d/0xab0 [ 901.763434] ? ksys_write+0x1a3/0x240 [ 901.763453] ? __pfx___do_sys_memfd_create+0x10/0x10 [ 901.763484] ? irqentry_exit+0xee/0x650 [ 901.763502] ? trace_hardirqs_on_prepare+0xe3/0x110 [ 901.763528] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 901.763562] do_syscall_64+0xbf/0x420 [ 901.763586] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 901.763607] RIP: 0033:0x7f32b3573b19 [ 901.763624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 901.763643] RSP: 002b:00007f32b0ae8f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 901.763662] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f32b3573b19 [ 901.763675] RDX: 0000000000000ac0 RSI: 0000000000000000 RDI: 00007f32b35cd0fb [ 901.763687] RBP: 0000000000000002 R08: 0000000000000560 R09: ffffffffffffffff [ 901.763699] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 901.763711] R13: 0000000020000100 R14: 0000000000000ac0 R15: 0000000020013c00 [ 901.763735] 21:27:41 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 4) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 901.812529] loop4: detected capacity change from 0 to 5 [ 901.819137] FAULT_INJECTION: forcing a failure. [ 901.819137] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 901.823530] CPU: 0 UID: 0 PID: 7982 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 901.823562] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 901.823575] Call Trace: [ 901.823583] [ 901.823591] dump_stack_lvl+0xfa/0x120 [ 901.823623] should_fail_ex+0x4d7/0x5e0 [ 901.823670] ? page_copy_sane+0xce/0x2b0 [ 901.823706] copy_folio_from_iter_atomic+0x383/0x1820 [ 901.823766] ? fault_in_readable+0x12a/0x1d0 [ 901.823799] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 901.823838] ? shmem_write_begin+0x1ab/0x3b0 [ 901.823871] ? __pfx_shmem_write_begin+0x10/0x10 [ 901.823903] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 901.823948] generic_perform_write+0x1d7/0x810 [ 901.823985] ? __pfx_generic_perform_write+0x10/0x10 [ 901.824016] ? file_update_time_flags+0x367/0x4f0 [ 901.824051] shmem_file_write_iter+0x111/0x140 [ 901.824078] vfs_write+0xbe9/0x1150 [ 901.824101] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 901.824126] ? __fget_files+0x34/0x3b0 [ 901.824149] ? __pfx_vfs_write+0x10/0x10 [ 901.824190] __x64_sys_pwrite64+0x1f1/0x260 [ 901.824214] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 901.824247] do_syscall_64+0xbf/0x420 [ 901.824274] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 901.824298] RIP: 0033:0x7f9f6fba4ab7 [ 901.824315] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 901.824338] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 901.824360] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 901.824375] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 901.824389] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 901.824402] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 901.824416] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 901.824444] [ 901.828109] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 901.868331] FAULT_INJECTION: forcing a failure. [ 901.868331] name failslab, interval 1, probability 0, space 0, times 0 [ 901.869652] CPU: 1 UID: 0 PID: 7989 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 901.869677] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 901.869688] Call Trace: [ 901.869694] [ 901.869701] dump_stack_lvl+0xfa/0x120 [ 901.869728] should_fail_ex+0x4d7/0x5e0 [ 901.869763] ? shmem_alloc_inode+0x27/0x50 [ 901.869781] should_failslab+0xc2/0x120 [ 901.869802] kmem_cache_alloc_lru_noprof+0x84/0x770 [ 901.869837] ? shmem_alloc_inode+0x27/0x50 [ 901.869854] shmem_alloc_inode+0x27/0x50 [ 901.869870] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 901.869887] alloc_inode+0x67/0x250 [ 901.869916] new_inode+0x1e/0x160 [ 901.869944] __shmem_get_inode+0x17c/0xe80 [ 901.869968] __shmem_file_setup+0x108/0x370 [ 901.869993] __do_sys_memfd_create+0x2ce/0xab0 [ 901.870022] ? ksys_write+0x1a3/0x240 [ 901.870040] ? __pfx___do_sys_memfd_create+0x10/0x10 [ 901.870072] ? irqentry_exit+0xee/0x650 [ 901.870088] ? trace_hardirqs_on_prepare+0xe3/0x110 [ 901.870112] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 901.870141] do_syscall_64+0xbf/0x420 [ 901.870162] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 901.870181] RIP: 0033:0x7f32b3573b19 [ 901.870195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 901.870212] RSP: 002b:00007f32b0ae8f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 901.870229] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f32b3573b19 [ 901.870241] RDX: 0000000000000ac0 RSI: 0000000000000000 RDI: 00007f32b35cd0fb [ 901.870252] RBP: 0000000000000002 R08: 0000000000000560 R09: ffffffffffffffff [ 901.870263] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 901.870273] R13: 0000000020000100 R14: 0000000000000ac0 R15: 0000000020013c00 [ 901.870294] 21:27:41 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:27:41 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 5) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 901.994651] loop4: detected capacity change from 0 to 5 [ 901.997052] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 902.043632] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 902.044245] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 902.045119] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:27:41 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:27:41 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xe00, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:27:41 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x80000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) [ 902.146445] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 902.147313] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 902.148802] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 902.148949] loop4: detected capacity change from 0 to 5 21:27:41 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x600, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:27:41 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x3000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 902.179306] loop7: detected capacity change from 0 to 32640 [ 902.188492] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 902.258836] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 902.260175] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 902.261016] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 902.281603] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 902.282638] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 902.284169] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 902.299193] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 902.299642] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 902.301571] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 902.302355] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 902.302813] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 902.303544] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 902.333393] loop6: detected capacity change from 0 to 32640 21:27:51 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x1000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:27:51 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x4000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:27:51 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 6) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:27:51 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 45) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:27:51 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x1008, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:27:51 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x810, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:27:51 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:27:51 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xc, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 911.935237] loop4: detected capacity change from 0 to 5 [ 911.954899] FAULT_INJECTION: forcing a failure. [ 911.954899] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 911.957255] CPU: 0 UID: 0 PID: 8041 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 911.957288] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 911.957302] Call Trace: [ 911.957309] [ 911.957318] dump_stack_lvl+0xfa/0x120 [ 911.957353] should_fail_ex+0x4d7/0x5e0 [ 911.957400] should_fail_alloc_page+0xe0/0x110 [ 911.957430] prepare_alloc_pages+0x1eb/0x550 [ 911.957458] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 911.957501] __alloc_frozen_pages_noprof+0x185/0x2070 [ 911.957538] ? pte_offset_map_lock+0x190/0x330 [ 911.957568] ? find_held_lock+0x2b/0x80 [ 911.957595] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 911.957639] ? lock_is_held_type+0x9e/0x120 [ 911.957664] ? lock_is_held_type+0x9e/0x120 [ 911.957684] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 911.957725] ? policy_nodemask+0xeb/0x4e0 [ 911.957764] alloc_pages_mpol+0xed/0x340 [ 911.957799] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 911.957832] ? filemap_get_entry+0x1bb/0x3b0 [ 911.957867] ? __pfx_filemap_get_entry+0x10/0x10 [ 911.957907] folio_alloc_mpol_noprof+0x38/0x2a0 [ 911.957949] shmem_alloc_folio+0x11b/0x140 [ 911.957979] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 911.958024] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 911.958072] ? fault_in_readable+0x12a/0x1d0 [ 911.958106] shmem_write_begin+0x194/0x3b0 [ 911.958140] ? __pfx_shmem_write_begin+0x10/0x10 [ 911.958172] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 911.958218] generic_perform_write+0x391/0x810 [ 911.958255] ? __pfx_generic_perform_write+0x10/0x10 [ 911.958287] ? file_update_time_flags+0x367/0x4f0 [ 911.958324] shmem_file_write_iter+0x111/0x140 [ 911.958351] vfs_write+0xbe9/0x1150 [ 911.958375] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 911.958401] ? __fget_files+0x34/0x3b0 [ 911.958426] ? __pfx_vfs_write+0x10/0x10 [ 911.958467] __x64_sys_pwrite64+0x1f1/0x260 [ 911.958492] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 911.958526] do_syscall_64+0xbf/0x420 [ 911.958554] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 911.958580] RIP: 0033:0x7f9f6fba4ab7 [ 911.958598] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 911.958623] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 911.958646] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 911.958662] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 911.958676] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 911.958690] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 911.958704] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 911.958733] [ 911.960584] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 911.962501] loop7: detected capacity change from 0 to 80 [ 912.003421] FAULT_INJECTION: forcing a failure. [ 912.003421] name failslab, interval 1, probability 0, space 0, times 0 [ 912.008389] CPU: 0 UID: 0 PID: 8042 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 912.008420] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 912.008433] Call Trace: [ 912.008440] [ 912.008448] dump_stack_lvl+0xfa/0x120 [ 912.008479] should_fail_ex+0x4d7/0x5e0 [ 912.008521] ? security_inode_alloc+0x3e/0x130 [ 912.008558] should_failslab+0xc2/0x120 [ 912.008584] kmem_cache_alloc_noprof+0x80/0x760 [ 912.008617] ? __pfx_map_id_range_down+0x10/0x10 [ 912.008650] ? __create_object+0x59/0x80 [ 912.008688] ? security_inode_alloc+0x3e/0x130 [ 912.008723] security_inode_alloc+0x3e/0x130 [ 912.008760] inode_init_always_gfp+0xc9d/0xff0 [ 912.008790] alloc_inode+0x8d/0x250 [ 912.008821] new_inode+0x1e/0x160 [ 912.008853] __shmem_get_inode+0x17c/0xe80 [ 912.008885] __shmem_file_setup+0x108/0x370 [ 912.008914] __do_sys_memfd_create+0x2ce/0xab0 [ 912.008949] ? ksys_write+0x1a3/0x240 [ 912.008969] ? __pfx___do_sys_memfd_create+0x10/0x10 [ 912.009002] ? irqentry_exit+0xee/0x650 [ 912.009022] ? trace_hardirqs_on_prepare+0xe3/0x110 [ 912.009061] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 912.009099] do_syscall_64+0xbf/0x420 [ 912.009126] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 912.009149] RIP: 0033:0x7f32b3573b19 [ 912.009166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 912.009187] RSP: 002b:00007f32b0ae8f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 912.009208] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f32b3573b19 [ 912.009223] RDX: 0000000000000ac0 RSI: 0000000000000000 RDI: 00007f32b35cd0fb [ 912.009236] RBP: 0000000000000002 R08: 0000000000000560 R09: ffffffffffffffff [ 912.009249] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 912.009263] R13: 0000000020000100 R14: 0000000000000ac0 R15: 0000000020013c00 [ 912.009290] [ 912.042288] EXT4-fs (loop7): VFS: Can't find ext4 filesystem [ 912.049294] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 912.050122] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 912.051385] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 912.064176] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 912.065536] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 912.067168] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:27:51 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 7) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:27:51 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, 0x0) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:27:51 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 46) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 912.123590] loop4: detected capacity change from 0 to 5 [ 912.145396] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 912.146177] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 912.147392] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:27:51 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, 0x0) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 912.187033] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 912.188517] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 912.190168] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 912.196357] FAULT_INJECTION: forcing a failure. [ 912.196357] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 912.199328] CPU: 0 UID: 0 PID: 8056 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 912.199356] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 912.199368] Call Trace: [ 912.199376] [ 912.199384] dump_stack_lvl+0xfa/0x120 [ 912.199417] should_fail_ex+0x4d7/0x5e0 [ 912.199453] ? page_copy_sane+0xce/0x2b0 [ 912.199486] copy_folio_from_iter_atomic+0x383/0x1820 [ 912.199531] ? fault_in_readable+0x12a/0x1d0 [ 912.199561] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 912.199596] ? shmem_write_begin+0x1ab/0x3b0 [ 912.199626] ? __pfx_shmem_write_begin+0x10/0x10 [ 912.199655] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 912.199700] generic_perform_write+0x1d7/0x810 [ 912.199734] ? __pfx_generic_perform_write+0x10/0x10 [ 912.199763] ? file_update_time_flags+0x367/0x4f0 [ 912.199795] shmem_file_write_iter+0x111/0x140 [ 912.199819] vfs_write+0xbe9/0x1150 [ 912.199840] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 912.199876] ? __fget_files+0x34/0x3b0 [ 912.199898] ? __pfx_vfs_write+0x10/0x10 [ 912.199935] __x64_sys_pwrite64+0x1f1/0x260 [ 912.199957] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 912.199986] do_syscall_64+0xbf/0x420 [ 912.200012] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 912.200034] RIP: 0033:0x7f9f6fba4ab7 [ 912.200056] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 912.200075] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 912.200095] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 912.200109] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 912.200122] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 912.200134] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 912.200146] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 912.200172] 21:27:51 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8100000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 912.280384] loop4: detected capacity change from 0 to 5 21:27:51 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x2000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:27:51 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x2000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 912.350571] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 912.351476] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 912.362302] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:27:51 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, 0x0) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 912.462366] loop4: detected capacity change from 0 to 5 [ 912.496253] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 912.496921] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 912.498001] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 912.499012] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 912.499657] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 912.500622] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 912.587260] loop6: detected capacity change from 0 to 32640 [ 912.679123] loop7: detected capacity change from 0 to 32640 21:28:01 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 47) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:28:01 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xe, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:28:01 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xa00, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:28:01 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x3f00, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:28:01 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(0x0, 0x0) 21:28:01 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x3000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:28:01 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x10000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:28:01 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 8) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 921.605387] FAULT_INJECTION: forcing a failure. [ 921.605387] name failslab, interval 1, probability 0, space 0, times 0 [ 921.607044] CPU: 0 UID: 0 PID: 8094 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 921.607081] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 921.607100] Call Trace: [ 921.607109] [ 921.607117] dump_stack_lvl+0xfa/0x120 [ 921.607151] should_fail_ex+0x4d7/0x5e0 [ 921.607197] ? __d_alloc+0x34/0xa10 [ 921.607225] should_failslab+0xc2/0x120 [ 921.607253] kmem_cache_alloc_lru_noprof+0x84/0x770 [ 921.607290] ? find_held_lock+0x2b/0x80 [ 921.607320] ? __d_alloc+0x34/0xa10 [ 921.607346] __d_alloc+0x34/0xa10 [ 921.607373] ? mpol_shared_policy_init+0x24f/0x390 [ 921.607417] d_alloc_pseudo+0x1d/0xc0 [ 921.607454] alloc_file_pseudo+0xbe/0x220 [ 921.607488] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 921.607510] FAULT_INJECTION: forcing a failure. [ 921.607510] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 921.607520] ? __shmem_get_inode+0x684/0xe80 [ 921.607556] __shmem_file_setup+0x1a8/0x370 [ 921.607589] __do_sys_memfd_create+0x2ce/0xab0 [ 921.607628] ? ksys_write+0x1a3/0x240 [ 921.607650] ? __pfx___do_sys_memfd_create+0x10/0x10 [ 921.607687] ? irqentry_exit+0xee/0x650 [ 921.607709] ? trace_hardirqs_on_prepare+0xe3/0x110 [ 921.607741] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 921.607780] do_syscall_64+0xbf/0x420 [ 921.607809] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 921.607834] RIP: 0033:0x7f32b3573b19 [ 921.607852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 921.607876] RSP: 002b:00007f32b0ae8f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 921.607899] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f32b3573b19 [ 921.607915] RDX: 0000000000000ac0 RSI: 0000000000000000 RDI: 00007f32b35cd0fb [ 921.607930] RBP: 0000000000000002 R08: 0000000000000560 R09: ffffffffffffffff [ 921.607944] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 921.607973] R13: 0000000020000100 R14: 0000000000000ac0 R15: 0000000020013c00 [ 921.608002] [ 921.610498] loop4: detected capacity change from 0 to 5 [ 921.611782] CPU: 1 UID: 0 PID: 8097 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 921.611821] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 921.611837] Call Trace: [ 921.611849] [ 921.611861] dump_stack_lvl+0xfa/0x120 [ 921.611900] should_fail_ex+0x4d7/0x5e0 [ 921.611971] ? page_copy_sane+0xce/0x2b0 [ 921.612017] copy_folio_from_iter_atomic+0x383/0x1820 [ 921.612090] ? fault_in_readable+0x12a/0x1d0 [ 921.612129] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 921.612181] ? shmem_write_begin+0x1ab/0x3b0 [ 921.612220] ? __pfx_shmem_write_begin+0x10/0x10 [ 921.612263] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 921.612323] generic_perform_write+0x1d7/0x810 [ 921.612368] ? __pfx_generic_perform_write+0x10/0x10 [ 921.612401] ? __mark_inode_dirty+0x820/0x1460 [ 921.612444] ? mnt_put_write_access_file+0xb7/0xe0 [ 921.612473] ? file_update_time_flags+0x367/0x4f0 [ 921.612518] shmem_file_write_iter+0x111/0x140 [ 921.612548] vfs_write+0xbe9/0x1150 [ 921.612580] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 921.612609] ? __fget_files+0x34/0x3b0 [ 921.612638] ? __pfx_vfs_write+0x10/0x10 [ 921.612688] __x64_sys_pwrite64+0x1f1/0x260 [ 921.612717] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 921.612754] ? trace_hardirqs_on+0x4b/0x110 [ 921.612798] do_syscall_64+0xbf/0x420 [ 921.612836] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 921.612864] RIP: 0033:0x7f9f6fba4ab7 [ 921.612884] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 921.612919] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 921.612948] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 921.612967] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 921.612984] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 921.613004] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 921.613022] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 921.613058] [ 921.737219] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 921.782697] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 921.783833] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 921.787151] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 921.907184] loop7: detected capacity change from 0 to 32640 21:28:09 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:28:09 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 48) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:28:09 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 9) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:28:09 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x4000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:28:09 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x40000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:28:09 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x4000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:28:09 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xc00, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:28:09 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(0x0, 0x0) [ 930.090730] loop4: detected capacity change from 0 to 5 [ 930.100372] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:28:09 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(0x0, 0x0) [ 930.162352] FAULT_INJECTION: forcing a failure. [ 930.162352] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 930.165715] CPU: 0 UID: 0 PID: 8131 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 930.165750] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 930.165764] Call Trace: [ 930.165771] [ 930.165780] dump_stack_lvl+0xfa/0x120 [ 930.165814] should_fail_ex+0x4d7/0x5e0 [ 930.165861] should_fail_alloc_page+0xe0/0x110 [ 930.165891] prepare_alloc_pages+0x1eb/0x550 [ 930.165918] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 930.165961] __alloc_frozen_pages_noprof+0x185/0x2070 [ 930.165999] ? pte_offset_map_lock+0x190/0x330 [ 930.166028] ? find_held_lock+0x2b/0x80 [ 930.166064] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 930.166108] ? lock_is_held_type+0x9e/0x120 [ 930.166134] ? lock_is_held_type+0x9e/0x120 [ 930.166154] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 930.166194] ? policy_nodemask+0xeb/0x4e0 [ 930.166233] alloc_pages_mpol+0xed/0x340 [ 930.166268] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 930.166301] ? filemap_get_entry+0x1bb/0x3b0 [ 930.166336] ? __pfx_filemap_get_entry+0x10/0x10 [ 930.166377] folio_alloc_mpol_noprof+0x38/0x2a0 [ 930.166420] shmem_alloc_folio+0x11b/0x140 [ 930.166449] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 930.166493] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 930.166534] ? fault_in_readable+0x12a/0x1d0 [ 930.166570] shmem_write_begin+0x194/0x3b0 [ 930.166604] ? __pfx_shmem_write_begin+0x10/0x10 [ 930.166639] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 930.166687] generic_perform_write+0x391/0x810 [ 930.166726] ? __pfx_generic_perform_write+0x10/0x10 [ 930.166760] ? file_update_time_flags+0x367/0x4f0 [ 930.166798] shmem_file_write_iter+0x111/0x140 [ 930.166825] vfs_write+0xbe9/0x1150 [ 930.166850] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 930.166877] ? __fget_files+0x34/0x3b0 [ 930.166901] ? __pfx_vfs_write+0x10/0x10 [ 930.166945] __x64_sys_pwrite64+0x1f1/0x260 [ 930.166971] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 930.167006] do_syscall_64+0xbf/0x420 [ 930.167035] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 930.167059] RIP: 0033:0x7f9f6fba4ab7 [ 930.167078] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 930.167102] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 930.167125] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 930.167141] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 930.167157] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 930.167171] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 930.167185] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 930.167216] [ 930.225452] loop4: detected capacity change from 0 to 5 [ 930.229830] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 930.232364] loop7: detected capacity change from 0 to 88 [ 930.253164] EXT4-fs (loop7): VFS: Can't find ext4 filesystem 21:28:09 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(0x0, 0x0) [ 930.322673] loop4: detected capacity change from 0 to 5 [ 930.329401] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:28:09 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 49) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:28:09 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(0x0, 0x0) [ 930.403543] FAULT_INJECTION: forcing a failure. [ 930.403543] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 930.404523] CPU: 1 UID: 0 PID: 8146 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 930.404539] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 930.404547] Call Trace: [ 930.404552] [ 930.404556] dump_stack_lvl+0xfa/0x120 [ 930.404576] should_fail_ex+0x4d7/0x5e0 [ 930.404599] ? page_copy_sane+0xce/0x2b0 [ 930.404619] copy_folio_from_iter_atomic+0x383/0x1820 [ 930.404645] ? fault_in_readable+0x12a/0x1d0 [ 930.404663] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 930.404683] ? shmem_write_begin+0x1ab/0x3b0 [ 930.404702] ? __pfx_shmem_write_begin+0x10/0x10 [ 930.404721] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 930.404745] generic_perform_write+0x1d7/0x810 [ 930.404765] ? __pfx_generic_perform_write+0x10/0x10 [ 930.404781] ? file_update_time_flags+0x367/0x4f0 [ 930.404800] shmem_file_write_iter+0x111/0x140 [ 930.404814] vfs_write+0xbe9/0x1150 [ 930.404826] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 930.404839] ? __fget_files+0x34/0x3b0 [ 930.404852] ? __pfx_vfs_write+0x10/0x10 [ 930.404874] __x64_sys_pwrite64+0x1f1/0x260 [ 930.404887] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 930.404904] do_syscall_64+0xbf/0x420 [ 930.404919] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 930.404932] RIP: 0033:0x7f9f6fba4ab7 [ 930.404942] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 930.404954] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 930.404966] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 930.404974] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 930.404981] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 930.404988] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 930.404995] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 930.405010] [ 930.422327] loop6: detected capacity change from 0 to 32640 [ 930.428928] loop4: detected capacity change from 0 to 5 [ 930.439002] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:28:10 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xe00, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 930.455240] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 930.456204] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 930.457633] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:28:10 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(0x0, 0x0) 21:28:10 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:28:10 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:28:10 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf500, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 930.574181] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 930.574690] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 930.575863] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 930.576132] loop4: detected capacity change from 0 to 5 [ 930.596618] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 930.599376] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 930.600663] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 930.602254] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:28:10 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 10) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:28:10 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x8100000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) [ 930.619569] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 930.620486] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 930.621911] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:28:10 executing program 4: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x810, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 930.655283] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 930.655766] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 930.658146] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 930.661601] FAULT_INJECTION: forcing a failure. [ 930.661601] name failslab, interval 1, probability 0, space 0, times 0 [ 930.665338] CPU: 0 UID: 0 PID: 8167 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 930.665373] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 930.665388] Call Trace: [ 930.665397] [ 930.665405] dump_stack_lvl+0xfa/0x120 [ 930.665440] should_fail_ex+0x4d7/0x5e0 [ 930.665485] ? alloc_empty_file+0x58/0x1e0 [ 930.665516] should_failslab+0xc2/0x120 [ 930.665543] kmem_cache_alloc_noprof+0x80/0x760 [ 930.665580] ? d_instantiate+0x92/0xb0 [ 930.665625] ? alloc_empty_file+0x58/0x1e0 [ 930.665654] ? _raw_spin_unlock+0x1e/0x40 [ 930.665688] alloc_empty_file+0x58/0x1e0 [ 930.665720] alloc_file_pseudo+0x12b/0x220 [ 930.665754] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 930.665794] __shmem_file_setup+0x1a8/0x370 [ 930.665827] __do_sys_memfd_create+0x2ce/0xab0 [ 930.665865] ? ksys_write+0x1a3/0x240 [ 930.665887] ? __pfx___do_sys_memfd_create+0x10/0x10 [ 930.665923] ? irqentry_exit+0xee/0x650 [ 930.665945] ? trace_hardirqs_on_prepare+0xe3/0x110 [ 930.665977] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 930.666017] do_syscall_64+0xbf/0x420 [ 930.666046] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 930.666071] RIP: 0033:0x7f32b3573b19 [ 930.666090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 930.666113] RSP: 002b:00007f32b0ae8f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 930.666137] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f32b3573b19 [ 930.666153] RDX: 0000000000000ac0 RSI: 0000000000000000 RDI: 00007f32b35cd0fb [ 930.666168] RBP: 0000000000000002 R08: 0000000000000560 R09: ffffffffffffffff [ 930.666182] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 930.666196] R13: 0000000020000100 R14: 0000000000000ac0 R15: 0000000020013c00 [ 930.666226] [ 930.702642] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 930.704215] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 930.705633] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:28:10 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x20000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 930.734267] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 930.734732] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 930.737332] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:28:10 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf00, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 930.757898] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 930.758848] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 930.760268] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:28:10 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 11) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 930.797529] loop7: detected capacity change from 0 to 32640 [ 930.830567] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 930.831568] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 930.832975] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 930.888854] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 930.889402] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 930.890314] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 930.968592] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 930.982116] loop6: detected capacity change from 0 to 32640 21:28:19 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 12) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:28:19 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf5, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:28:19 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x1008, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:28:19 executing program 4: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x810, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:28:19 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x100000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:28:19 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x10000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:28:19 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x40000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:28:19 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 50) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 939.704931] FAULT_INJECTION: forcing a failure. [ 939.704931] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 939.706672] FAULT_INJECTION: forcing a failure. [ 939.706672] name failslab, interval 1, probability 0, space 0, times 0 [ 939.707309] CPU: 0 UID: 0 PID: 8207 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 939.707349] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 939.707366] Call Trace: [ 939.707375] [ 939.707385] dump_stack_lvl+0xfa/0x120 [ 939.707424] should_fail_ex+0x4d7/0x5e0 [ 939.707471] ? page_copy_sane+0xce/0x2b0 [ 939.707516] copy_folio_from_iter_atomic+0x383/0x1820 [ 939.707576] ? fault_in_readable+0x12a/0x1d0 [ 939.707617] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 939.707668] ? shmem_write_begin+0x1ab/0x3b0 [ 939.707709] ? __pfx_shmem_write_begin+0x10/0x10 [ 939.707751] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 939.707809] generic_perform_write+0x1d7/0x810 [ 939.707855] ? __pfx_generic_perform_write+0x10/0x10 [ 939.707897] ? file_update_time_flags+0x367/0x4f0 [ 939.707942] shmem_file_write_iter+0x111/0x140 [ 939.707976] vfs_write+0xbe9/0x1150 [ 939.708004] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 939.708036] ? __fget_files+0x34/0x3b0 [ 939.708076] ? __pfx_vfs_write+0x10/0x10 [ 939.708127] __x64_sys_pwrite64+0x1f1/0x260 [ 939.708172] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 939.708213] do_syscall_64+0xbf/0x420 [ 939.708248] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 939.708278] RIP: 0033:0x7f9f6fba4ab7 [ 939.708300] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 939.708329] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 939.708357] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 939.708376] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 939.708394] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 939.708411] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 939.708428] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 939.708463] [ 939.726219] CPU: 1 UID: 0 PID: 8210 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 939.726243] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 939.726254] Call Trace: [ 939.726260] [ 939.726266] dump_stack_lvl+0xfa/0x120 [ 939.726291] should_fail_ex+0x4d7/0x5e0 [ 939.726324] ? security_file_alloc+0x35/0x130 [ 939.726344] should_failslab+0xc2/0x120 [ 939.726365] kmem_cache_alloc_noprof+0x80/0x760 [ 939.726390] ? __create_object+0x59/0x80 [ 939.726419] ? security_file_alloc+0x35/0x130 [ 939.726436] security_file_alloc+0x35/0x130 [ 939.726455] init_file+0x95/0x480 [ 939.726477] alloc_empty_file+0x76/0x1e0 [ 939.726498] alloc_file_pseudo+0x12b/0x220 [ 939.726521] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 939.726549] __shmem_file_setup+0x1a8/0x370 [ 939.726573] __do_sys_memfd_create+0x2ce/0xab0 [ 939.726598] ? ksys_write+0x1a3/0x240 [ 939.726614] ? __pfx___do_sys_memfd_create+0x10/0x10 [ 939.726638] ? irqentry_exit+0xee/0x650 [ 939.726660] ? trace_hardirqs_on_prepare+0xe3/0x110 [ 939.726682] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 939.726709] do_syscall_64+0xbf/0x420 [ 939.726731] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 939.726749] RIP: 0033:0x7f32b3573b19 [ 939.726761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 939.726778] RSP: 002b:00007f32b0ae8f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 939.726794] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f32b3573b19 [ 939.726805] RDX: 0000000000000ac0 RSI: 0000000000000000 RDI: 00007f32b35cd0fb [ 939.726815] RBP: 0000000000000002 R08: 0000000000000560 R09: ffffffffffffffff [ 939.726826] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 939.726836] R13: 0000000020000100 R14: 0000000000000ac0 R15: 0000000020013c00 [ 939.726856] [ 939.750649] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.752245] blk_print_req_error: 1 callbacks suppressed [ 939.752270] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 939.755197] buffer_io_error: 1 callbacks suppressed [ 939.755221] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:28:19 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 13) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 939.783161] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 939.784813] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 939.786184] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:28:19 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 1) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:28:19 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x2000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 939.888838] FAULT_INJECTION: forcing a failure. [ 939.888838] name failslab, interval 1, probability 0, space 0, times 0 [ 939.889859] CPU: 1 UID: 0 PID: 8223 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 939.889882] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 939.889892] Call Trace: [ 939.889897] [ 939.889904] dump_stack_lvl+0xfa/0x120 [ 939.889928] should_fail_ex+0x4d7/0x5e0 [ 939.889961] ? __do_sys_memfd_create+0x1e5/0xab0 [ 939.889988] should_failslab+0xc2/0x120 [ 939.890006] __kmalloc_cache_noprof+0x80/0x780 [ 939.890037] ? __do_sys_memfd_create+0x1e5/0xab0 [ 939.890067] __do_sys_memfd_create+0x1e5/0xab0 [ 939.890092] ? ksys_write+0x1a3/0x240 [ 939.890109] ? __pfx___do_sys_memfd_create+0x10/0x10 [ 939.890132] ? irqentry_exit+0xee/0x650 [ 939.890145] ? trace_hardirqs_on_prepare+0xe3/0x110 [ 939.890163] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 939.890185] do_syscall_64+0xbf/0x420 [ 939.890200] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 939.890214] RIP: 0033:0x7f1fa08c4b19 [ 939.890224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 939.890237] RSP: 002b:00007f1f9de39f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 939.890249] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c4b19 [ 939.890257] RDX: 0000000000000ac0 RSI: 0000000000000000 RDI: 00007f1fa091e0fb [ 939.890265] RBP: 0000000000000002 R08: 0000000000000560 R09: ffffffffffffffff [ 939.890273] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 939.890281] R13: 0000000020000100 R14: 0000000000000ac0 R15: 0000000020013c00 [ 939.890296] 21:28:19 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x60000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:28:19 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 2) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 940.002259] loop4: detected capacity change from 0 to 5 [ 940.014792] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 940.065935] loop6: detected capacity change from 0 to 32640 21:28:19 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x40000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:28:19 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x200000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:28:19 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x300, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:28:19 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 3) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 940.154999] loop7: detected capacity change from 0 to 32640 [ 940.169347] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 940.169856] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 940.170575] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 940.172504] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 940.172909] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 940.173566] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:28:19 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x80000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 940.198688] FAULT_INJECTION: forcing a failure. [ 940.198688] name fail_usercopy, interval 1, probability 0, space 0, times 0 21:28:19 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x3f00, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 940.238090] CPU: 1 UID: 0 PID: 8244 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 940.238112] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 940.238120] Call Trace: [ 940.238125] [ 940.238130] dump_stack_lvl+0xfa/0x120 [ 940.238151] should_fail_ex+0x4d7/0x5e0 [ 940.238177] strncpy_from_user+0x3b/0x2f0 [ 940.238199] __do_sys_memfd_create+0x21d/0xab0 [ 940.238222] ? ksys_write+0x1a3/0x240 [ 940.238235] ? __pfx___do_sys_memfd_create+0x10/0x10 [ 940.238255] ? irqentry_exit+0xee/0x650 [ 940.238268] ? trace_hardirqs_on_prepare+0xe3/0x110 [ 940.238286] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 940.238309] do_syscall_64+0xbf/0x420 [ 940.238325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 940.238339] RIP: 0033:0x7f1fa08c4b19 [ 940.238350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 940.238363] RSP: 002b:00007f1f9de39f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 940.238376] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c4b19 [ 940.238384] RDX: 0000000000000ac0 RSI: 0000000000000000 RDI: 00007f1fa091e0fb [ 940.238392] RBP: 0000000000000002 R08: 0000000000000560 R09: ffffffffffffffff [ 940.238400] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 940.238408] R13: 0000000020000100 R14: 0000000000000ac0 R15: 0000000020013c00 [ 940.238424] [ 940.271946] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 940.272893] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 940.274662] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 940.299620] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 940.301298] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 940.304091] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 940.425018] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 940.426433] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 940.427805] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:28:30 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 14) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:28:30 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x4000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:28:30 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 51) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:28:30 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xa0000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:28:30 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:28:30 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x300000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:28:30 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x500, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:28:30 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 4) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 951.094161] FAULT_INJECTION: forcing a failure. [ 951.094161] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 951.095225] CPU: 1 UID: 0 PID: 8270 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 951.095243] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 951.095251] Call Trace: [ 951.095256] [ 951.095261] dump_stack_lvl+0xfa/0x120 [ 951.095281] should_fail_ex+0x4d7/0x5e0 [ 951.095308] should_fail_alloc_page+0xe0/0x110 [ 951.095325] prepare_alloc_pages+0x1eb/0x550 [ 951.095344] __alloc_frozen_pages_noprof+0x185/0x2070 [ 951.095365] ? __is_insn_slot_addr+0x136/0x290 [ 951.095380] ? lock_release+0xc8/0x270 [ 951.095400] ? __is_insn_slot_addr+0x140/0x290 [ 951.095415] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 951.095439] ? lock_is_held_type+0x9e/0x120 [ 951.095453] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 951.095474] ? policy_nodemask+0xeb/0x4e0 [ 951.095495] alloc_pages_mpol+0xed/0x340 [ 951.095514] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 951.095532] ? filemap_get_entry+0x1bb/0x3b0 [ 951.095551] ? __pfx_filemap_get_entry+0x10/0x10 [ 951.095573] folio_alloc_mpol_noprof+0x38/0x2a0 [ 951.095596] shmem_alloc_folio+0x11b/0x140 [ 951.095613] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 951.095635] ? find_held_lock+0x2b/0x80 [ 951.095647] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 951.095667] ? do_raw_read_trylock+0x92/0xb0 [ 951.095688] ? simple_xattr_get+0x173/0x1d0 [ 951.095709] shmem_write_begin+0x194/0x3b0 [ 951.095728] ? __pfx_shmem_write_begin+0x10/0x10 [ 951.095746] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 951.095769] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 951.095785] ? ktime_get_coarse_real_ts64_mg+0x213/0x2a0 [ 951.095807] generic_perform_write+0x391/0x810 [ 951.095827] ? __pfx_generic_perform_write+0x10/0x10 [ 951.095846] ? file_update_time_flags+0x367/0x4f0 [ 951.095866] shmem_file_write_iter+0x111/0x140 [ 951.095881] vfs_write+0xbe9/0x1150 [ 951.095895] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 951.095909] ? __fget_files+0x34/0x3b0 [ 951.095923] ? __pfx_vfs_write+0x10/0x10 [ 951.095945] __x64_sys_pwrite64+0x1f1/0x260 [ 951.095959] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 951.095977] do_syscall_64+0xbf/0x420 [ 951.095994] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 951.096008] RIP: 0033:0x7f32b3526ab7 [ 951.096018] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 951.096031] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 951.096049] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 951.096058] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 951.096066] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 951.096074] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 951.096081] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 951.096097] [ 951.118830] loop6: detected capacity change from 0 to 5 [ 951.124974] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 951.134493] FAULT_INJECTION: forcing a failure. [ 951.134493] name failslab, interval 1, probability 0, space 0, times 0 [ 951.136666] CPU: 0 UID: 0 PID: 8273 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 951.136704] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 951.136720] Call Trace: [ 951.136729] [ 951.136740] dump_stack_lvl+0xfa/0x120 [ 951.136778] should_fail_ex+0x4d7/0x5e0 [ 951.136825] ? shmem_alloc_inode+0x27/0x50 [ 951.136851] should_failslab+0xc2/0x120 [ 951.136879] kmem_cache_alloc_lru_noprof+0x84/0x770 [ 951.136928] ? shmem_alloc_inode+0x27/0x50 [ 951.136952] shmem_alloc_inode+0x27/0x50 [ 951.136975] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 951.136999] alloc_inode+0x67/0x250 [ 951.137035] new_inode+0x1e/0x160 [ 951.137079] __shmem_get_inode+0x17c/0xe80 [ 951.137113] __shmem_file_setup+0x108/0x370 [ 951.137147] __do_sys_memfd_create+0x2ce/0xab0 [ 951.137187] ? ksys_write+0x1a3/0x240 [ 951.137211] ? __pfx___do_sys_memfd_create+0x10/0x10 [ 951.137248] ? irqentry_exit+0xee/0x650 [ 951.137271] ? trace_hardirqs_on_prepare+0xe3/0x110 [ 951.137304] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 951.137346] do_syscall_64+0xbf/0x420 [ 951.137376] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 951.137401] RIP: 0033:0x7f1fa08c4b19 [ 951.137421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 951.137445] RSP: 002b:00007f1f9de39f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 951.137469] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c4b19 [ 951.137485] RDX: 0000000000000ac0 RSI: 0000000000000000 RDI: 00007f1fa091e0fb [ 951.137500] RBP: 0000000000000002 R08: 0000000000000560 R09: ffffffffffffffff [ 951.137515] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 951.137530] R13: 0000000020000100 R14: 0000000000000ac0 R15: 0000000020013c00 [ 951.137560] [ 951.139514] FAULT_INJECTION: forcing a failure. [ 951.139514] name fail_page_alloc, interval 1, probability 0, space 0, times 0 21:28:30 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 15) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 951.171200] CPU: 1 UID: 0 PID: 8274 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 951.171219] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 951.171231] Call Trace: [ 951.171235] [ 951.171240] dump_stack_lvl+0xfa/0x120 [ 951.171260] should_fail_ex+0x4d7/0x5e0 [ 951.171285] should_fail_alloc_page+0xe0/0x110 [ 951.171301] prepare_alloc_pages+0x1eb/0x550 [ 951.171316] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 951.171338] __alloc_frozen_pages_noprof+0x185/0x2070 [ 951.171357] ? pte_offset_map_lock+0x190/0x330 [ 951.171372] ? find_held_lock+0x2b/0x80 [ 951.171386] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 951.171409] ? lock_is_held_type+0x9e/0x120 [ 951.171422] ? lock_is_held_type+0x9e/0x120 [ 951.171432] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 951.171453] ? policy_nodemask+0xeb/0x4e0 [ 951.171473] alloc_pages_mpol+0xed/0x340 [ 951.171491] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 951.171508] ? filemap_get_entry+0x1bb/0x3b0 [ 951.171526] ? __pfx_filemap_get_entry+0x10/0x10 [ 951.171546] folio_alloc_mpol_noprof+0x38/0x2a0 [ 951.171568] shmem_alloc_folio+0x11b/0x140 [ 951.171583] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 951.171606] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 951.171627] ? fault_in_readable+0x12a/0x1d0 [ 951.171645] shmem_write_begin+0x194/0x3b0 [ 951.171663] ? __pfx_shmem_write_begin+0x10/0x10 [ 951.171680] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 951.171704] generic_perform_write+0x391/0x810 [ 951.171724] ? __pfx_generic_perform_write+0x10/0x10 [ 951.171741] ? file_update_time_flags+0x367/0x4f0 [ 951.171760] shmem_file_write_iter+0x111/0x140 [ 951.171775] vfs_write+0xbe9/0x1150 [ 951.171787] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 951.171800] ? __fget_files+0x34/0x3b0 [ 951.171813] ? __pfx_vfs_write+0x10/0x10 [ 951.171835] __x64_sys_pwrite64+0x1f1/0x260 [ 951.171848] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 951.171865] do_syscall_64+0xbf/0x420 [ 951.171881] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 951.171894] RIP: 0033:0x7f9f6fba4ab7 [ 951.171904] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 951.171916] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 951.171928] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 951.171937] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 951.171944] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 951.171951] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 951.171958] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 951.171973] [ 951.194477] loop7: detected capacity change from 0 to 96 [ 951.214218] EXT4-fs (loop7): VFS: Can't find ext4 filesystem 21:28:30 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 5) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 951.233298] loop4: detected capacity change from 0 to 5 [ 951.236417] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:28:30 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 6) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 951.258730] FAULT_INJECTION: forcing a failure. [ 951.258730] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 951.267185] CPU: 0 UID: 0 PID: 8289 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 951.267220] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 951.267234] Call Trace: [ 951.267242] [ 951.267251] dump_stack_lvl+0xfa/0x120 [ 951.267285] should_fail_ex+0x4d7/0x5e0 [ 951.267324] ? page_copy_sane+0xce/0x2b0 [ 951.267362] copy_folio_from_iter_atomic+0x383/0x1820 [ 951.267410] ? simple_xattr_get+0x173/0x1d0 [ 951.267445] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 951.267484] ? shmem_write_begin+0x1ab/0x3b0 [ 951.267518] ? __pfx_shmem_write_begin+0x10/0x10 [ 951.267552] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 951.267591] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 951.267621] ? ktime_get_coarse_real_ts64_mg+0x213/0x2a0 [ 951.267659] generic_perform_write+0x1d7/0x810 [ 951.267697] ? __pfx_generic_perform_write+0x10/0x10 [ 951.267730] ? file_update_time_flags+0x367/0x4f0 [ 951.267766] shmem_file_write_iter+0x111/0x140 [ 951.267793] vfs_write+0xbe9/0x1150 [ 951.267817] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 951.267843] ? __fget_files+0x34/0x3b0 [ 951.267867] ? __pfx_vfs_write+0x10/0x10 [ 951.267910] __x64_sys_pwrite64+0x1f1/0x260 [ 951.267935] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 951.267970] do_syscall_64+0xbf/0x420 [ 951.267998] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 951.268022] RIP: 0033:0x7f32b3526ab7 [ 951.268041] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 951.268073] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 951.268097] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 951.268112] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 951.268127] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 951.268142] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 951.268155] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 951.268186] [ 951.273960] FAULT_INJECTION: forcing a failure. [ 951.273960] name failslab, interval 1, probability 0, space 0, times 0 21:28:30 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 52) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 951.312716] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 951.313675] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 951.315050] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 951.320751] CPU: 1 UID: 0 PID: 8291 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 951.320772] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 951.320780] Call Trace: [ 951.320785] [ 951.320790] dump_stack_lvl+0xfa/0x120 [ 951.320811] should_fail_ex+0x4d7/0x5e0 [ 951.320836] ? security_inode_alloc+0x3e/0x130 [ 951.320857] should_failslab+0xc2/0x120 [ 951.320872] kmem_cache_alloc_noprof+0x80/0x760 [ 951.320892] ? __pfx_map_id_range_down+0x10/0x10 [ 951.320911] ? __create_object+0x59/0x80 [ 951.320930] ? security_inode_alloc+0x3e/0x130 [ 951.320949] security_inode_alloc+0x3e/0x130 [ 951.320969] inode_init_always_gfp+0xc9d/0xff0 [ 951.320986] alloc_inode+0x8d/0x250 [ 951.321004] new_inode+0x1e/0x160 [ 951.321021] __shmem_get_inode+0x17c/0xe80 [ 951.321039] __shmem_file_setup+0x108/0x370 [ 951.321060] __do_sys_memfd_create+0x2ce/0xab0 [ 951.321079] ? ksys_write+0x1a3/0x240 [ 951.321095] ? __pfx___do_sys_memfd_create+0x10/0x10 [ 951.321113] ? irqentry_exit+0xee/0x650 [ 951.321124] ? trace_hardirqs_on_prepare+0xe3/0x110 [ 951.321141] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 951.321162] do_syscall_64+0xbf/0x420 [ 951.321177] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 951.321190] RIP: 0033:0x7f1fa08c4b19 [ 951.321200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 951.321212] RSP: 002b:00007f1f9de39f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 951.321225] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c4b19 [ 951.321233] RDX: 0000000000000ac0 RSI: 0000000000000000 RDI: 00007f1fa091e0fb [ 951.321240] RBP: 0000000000000002 R08: 0000000000000560 R09: ffffffffffffffff [ 951.321248] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 951.321255] R13: 0000000020000100 R14: 0000000000000ac0 R15: 0000000020013c00 [ 951.321270] [ 951.346391] FAULT_INJECTION: forcing a failure. [ 951.346391] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 951.348191] CPU: 0 UID: 0 PID: 8293 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 951.348222] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 951.348236] Call Trace: [ 951.348244] [ 951.348253] dump_stack_lvl+0xfa/0x120 [ 951.348301] should_fail_ex+0x4d7/0x5e0 [ 951.348341] ? page_copy_sane+0xce/0x2b0 [ 951.348379] copy_folio_from_iter_atomic+0x383/0x1820 [ 951.348429] ? fault_in_readable+0x12a/0x1d0 [ 951.348464] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 951.348504] ? shmem_write_begin+0x1ab/0x3b0 [ 951.348537] ? __pfx_shmem_write_begin+0x10/0x10 [ 951.348571] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 951.348617] generic_perform_write+0x1d7/0x810 [ 951.348655] ? __pfx_generic_perform_write+0x10/0x10 [ 951.348688] ? file_update_time_flags+0x367/0x4f0 [ 951.348724] shmem_file_write_iter+0x111/0x140 [ 951.348751] vfs_write+0xbe9/0x1150 [ 951.348774] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 951.348799] ? __fget_files+0x34/0x3b0 [ 951.348823] ? __pfx_vfs_write+0x10/0x10 [ 951.348865] __x64_sys_pwrite64+0x1f1/0x260 [ 951.348889] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 951.348923] do_syscall_64+0xbf/0x420 [ 951.348951] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 951.348975] RIP: 0033:0x7f9f6fba4ab7 [ 951.348993] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 951.349016] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 951.349038] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 951.349060] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 951.349074] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 951.349087] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 951.349101] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 951.349130] 21:28:30 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x2, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:28:31 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 7) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 951.491335] loop4: detected capacity change from 0 to 5 [ 951.518129] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 951.617868] loop6: detected capacity change from 0 to 32640 [ 951.750775] loop7: detected capacity change from 0 to 32640 21:28:40 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 53) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:28:40 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 16) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:28:40 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 8) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:28:40 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xc0000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:28:40 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf500, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:28:40 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x600, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:28:40 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x3, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:28:40 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x400000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 960.802612] FAULT_INJECTION: forcing a failure. [ 960.802612] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 960.804940] CPU: 1 UID: 0 PID: 8322 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 960.804975] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 960.804991] Call Trace: [ 960.804999] [ 960.805009] dump_stack_lvl+0xfa/0x120 [ 960.805054] should_fail_ex+0x4d7/0x5e0 [ 960.805097] ? page_copy_sane+0xce/0x2b0 [ 960.805138] copy_folio_from_iter_atomic+0x383/0x1820 [ 960.805193] ? fault_in_readable+0x12a/0x1d0 [ 960.805231] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 960.805275] ? shmem_write_begin+0x1ab/0x3b0 [ 960.805311] ? __pfx_shmem_write_begin+0x10/0x10 [ 960.805348] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 960.805399] generic_perform_write+0x1d7/0x810 [ 960.805441] ? __pfx_generic_perform_write+0x10/0x10 [ 960.805478] ? file_update_time_flags+0x367/0x4f0 [ 960.805518] shmem_file_write_iter+0x111/0x140 [ 960.805549] vfs_write+0xbe9/0x1150 [ 960.805575] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 960.805604] ? __fget_files+0x34/0x3b0 [ 960.805631] ? __pfx_vfs_write+0x10/0x10 [ 960.805680] __x64_sys_pwrite64+0x1f1/0x260 [ 960.805708] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 960.805746] do_syscall_64+0xbf/0x420 [ 960.805777] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 960.805805] RIP: 0033:0x7f9f6fba4ab7 [ 960.805825] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 960.805850] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 960.805853] FAULT_INJECTION: forcing a failure. [ 960.805853] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 960.805877] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 960.805897] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 960.805914] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 960.805930] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 960.805946] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 960.805980] [ 960.847928] FAULT_INJECTION: forcing a failure. [ 960.847928] name failslab, interval 1, probability 0, space 0, times 0 [ 960.849630] CPU: 0 UID: 0 PID: 8327 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 960.849662] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 960.849677] Call Trace: [ 960.849685] [ 960.849694] dump_stack_lvl+0xfa/0x120 [ 960.849729] should_fail_ex+0x4d7/0x5e0 [ 960.849777] ? __d_alloc+0x34/0xa10 [ 960.849805] should_failslab+0xc2/0x120 [ 960.849833] kmem_cache_alloc_lru_noprof+0x84/0x770 [ 960.849872] ? find_held_lock+0x2b/0x80 [ 960.849903] ? __d_alloc+0x34/0xa10 [ 960.849929] __d_alloc+0x34/0xa10 [ 960.849955] ? mpol_shared_policy_init+0x24f/0x390 [ 960.850002] d_alloc_pseudo+0x1d/0xc0 [ 960.850039] alloc_file_pseudo+0xbe/0x220 [ 960.850080] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 960.850110] ? __shmem_get_inode+0x684/0xe80 [ 960.850144] __shmem_file_setup+0x1a8/0x370 [ 960.850179] __do_sys_memfd_create+0x2ce/0xab0 [ 960.850217] ? ksys_write+0x1a3/0x240 [ 960.850240] ? __pfx___do_sys_memfd_create+0x10/0x10 [ 960.850274] ? irqentry_exit+0xee/0x650 [ 960.850297] ? trace_hardirqs_on_prepare+0xe3/0x110 [ 960.850328] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 960.850366] do_syscall_64+0xbf/0x420 [ 960.850395] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 960.850421] RIP: 0033:0x7f1fa08c4b19 [ 960.850439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 960.850464] RSP: 002b:00007f1f9de39f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 960.850487] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c4b19 [ 960.850503] RDX: 0000000000000ac0 RSI: 0000000000000000 RDI: 00007f1fa091e0fb [ 960.850518] RBP: 0000000000000002 R08: 0000000000000560 R09: ffffffffffffffff [ 960.850533] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 960.850548] R13: 0000000020000100 R14: 0000000000000ac0 R15: 0000000020013c00 [ 960.850577] [ 960.871198] CPU: 1 UID: 0 PID: 8323 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 960.871236] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 960.871251] Call Trace: [ 960.871259] [ 960.871269] dump_stack_lvl+0xfa/0x120 [ 960.871305] should_fail_ex+0x4d7/0x5e0 [ 960.871353] should_fail_alloc_page+0xe0/0x110 [ 960.871384] prepare_alloc_pages+0x1eb/0x550 [ 960.871418] __alloc_frozen_pages_noprof+0x185/0x2070 [ 960.871464] ? do_raw_spin_lock+0x123/0x260 [ 960.871504] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 960.871546] ? do_raw_spin_unlock+0x53/0x220 [ 960.871583] ? lock_is_held_type+0x9e/0x120 [ 960.871609] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 960.871659] ? policy_nodemask+0xeb/0x4e0 [ 960.871697] alloc_pages_mpol+0xed/0x340 [ 960.871733] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 960.871767] ? filemap_get_entry+0x1bb/0x3b0 [ 960.871801] ? __pfx_filemap_get_entry+0x10/0x10 [ 960.871842] folio_alloc_mpol_noprof+0x38/0x2a0 [ 960.871885] shmem_alloc_folio+0x11b/0x140 [ 960.871915] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 960.871959] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 960.871999] ? simple_xattr_get+0x173/0x1d0 [ 960.872037] shmem_write_begin+0x194/0x3b0 [ 960.872072] ? __pfx_shmem_write_begin+0x10/0x10 [ 960.872106] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 960.872156] generic_perform_write+0x391/0x810 [ 960.872197] ? __pfx_generic_perform_write+0x10/0x10 [ 960.872230] ? file_update_time_flags+0x367/0x4f0 [ 960.872267] shmem_file_write_iter+0x111/0x140 [ 960.872295] vfs_write+0xbe9/0x1150 [ 960.872319] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 960.872345] ? __fget_files+0x34/0x3b0 [ 960.872370] ? __pfx_vfs_write+0x10/0x10 [ 960.872428] __x64_sys_pwrite64+0x1f1/0x260 [ 960.872453] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 960.872488] do_syscall_64+0xbf/0x420 [ 960.872517] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 960.872542] RIP: 0033:0x7f32b3526ab7 [ 960.872563] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 960.872586] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 960.872610] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 960.872626] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 960.872641] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 960.872655] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 960.872669] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 960.872699] [ 960.874423] loop6: detected capacity change from 0 to 8 [ 960.926337] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 21:28:40 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 17) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:28:40 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 9) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 961.048868] loop4: detected capacity change from 0 to 5 [ 961.058972] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 961.075182] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 961.076147] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 961.077590] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:28:40 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xe0000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:28:40 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 10) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:28:40 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x4, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) [ 961.294198] FAULT_INJECTION: forcing a failure. [ 961.294198] name failslab, interval 1, probability 0, space 0, times 0 [ 961.295873] CPU: 0 UID: 0 PID: 8349 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 961.295903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 961.295916] Call Trace: [ 961.295924] [ 961.295933] dump_stack_lvl+0xfa/0x120 [ 961.295963] should_fail_ex+0x4d7/0x5e0 [ 961.296006] ? alloc_empty_file+0x58/0x1e0 [ 961.296034] should_failslab+0xc2/0x120 [ 961.296067] kmem_cache_alloc_noprof+0x80/0x760 [ 961.296102] ? d_instantiate+0x92/0xb0 [ 961.296141] ? alloc_empty_file+0x58/0x1e0 [ 961.296168] ? _raw_spin_unlock+0x1e/0x40 [ 961.296199] alloc_empty_file+0x58/0x1e0 [ 961.296230] alloc_file_pseudo+0x12b/0x220 [ 961.296261] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 961.296298] __shmem_file_setup+0x1a8/0x370 [ 961.296329] __do_sys_memfd_create+0x2ce/0xab0 [ 961.296365] ? ksys_write+0x1a3/0x240 [ 961.296396] ? __pfx___do_sys_memfd_create+0x10/0x10 [ 961.296430] ? irqentry_exit+0xee/0x650 [ 961.296450] ? trace_hardirqs_on_prepare+0xe3/0x110 [ 961.296480] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 961.296518] do_syscall_64+0xbf/0x420 [ 961.296545] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 961.296568] RIP: 0033:0x7f1fa08c4b19 [ 961.296586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 961.296608] RSP: 002b:00007f1f9de39f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 961.296629] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c4b19 [ 961.296644] RDX: 0000000000000ac0 RSI: 0000000000000000 RDI: 00007f1fa091e0fb [ 961.296657] RBP: 0000000000000002 R08: 0000000000000560 R09: ffffffffffffffff [ 961.296671] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 961.296684] R13: 0000000020000100 R14: 0000000000000ac0 R15: 0000000020013c00 [ 961.296712] [ 961.311604] loop7: detected capacity change from 0 to 32640 [ 961.368866] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 961.369749] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 961.371108] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 961.403861] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 961.404849] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 961.406237] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 961.500274] loop6: detected capacity change from 0 to 32640 21:28:50 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 18) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:28:50 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x810000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:28:50 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 54) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:28:50 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x700, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:28:50 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x20000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:28:50 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 11) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:28:50 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:28:50 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x100000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 970.653511] loop4: detected capacity change from 0 to 5 [ 970.661123] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 970.679648] FAULT_INJECTION: forcing a failure. [ 970.679648] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 970.686412] CPU: 0 UID: 0 PID: 8375 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 970.686445] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 970.686458] Call Trace: [ 970.686466] [ 970.686474] dump_stack_lvl+0xfa/0x120 [ 970.686506] should_fail_ex+0x4d7/0x5e0 [ 970.686550] should_fail_alloc_page+0xe0/0x110 [ 970.686578] prepare_alloc_pages+0x1eb/0x550 21:28:50 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 12) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 970.686603] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 970.686643] __alloc_frozen_pages_noprof+0x185/0x2070 [ 970.686684] ? pte_offset_map_lock+0x190/0x330 [ 970.686711] ? find_held_lock+0x2b/0x80 [ 970.686737] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 970.686778] ? lock_is_held_type+0x9e/0x120 [ 970.686801] ? lock_is_held_type+0x9e/0x120 [ 970.686820] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 970.686857] ? policy_nodemask+0xeb/0x4e0 [ 970.686893] alloc_pages_mpol+0xed/0x340 [ 970.686925] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 970.686956] ? filemap_get_entry+0x1bb/0x3b0 [ 970.686988] ? __pfx_filemap_get_entry+0x10/0x10 [ 970.687026] folio_alloc_mpol_noprof+0x38/0x2a0 [ 970.687072] shmem_alloc_folio+0x11b/0x140 [ 970.687099] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 970.687140] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 970.687178] ? fault_in_readable+0x12a/0x1d0 [ 970.687211] shmem_write_begin+0x194/0x3b0 [ 970.687243] ? __pfx_shmem_write_begin+0x10/0x10 [ 970.687275] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 970.687319] generic_perform_write+0x391/0x810 [ 970.687354] ? __pfx_generic_perform_write+0x10/0x10 [ 970.687386] ? file_update_time_flags+0x367/0x4f0 [ 970.687420] shmem_file_write_iter+0x111/0x140 [ 970.687446] vfs_write+0xbe9/0x1150 [ 970.687469] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 970.687493] ? __fget_files+0x34/0x3b0 [ 970.687516] ? __pfx_vfs_write+0x10/0x10 [ 970.687556] __x64_sys_pwrite64+0x1f1/0x260 [ 970.687580] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 970.687612] do_syscall_64+0xbf/0x420 [ 970.687639] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 970.687662] RIP: 0033:0x7f9f6fba4ab7 [ 970.687680] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 970.687701] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 970.687723] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 970.687738] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 970.687751] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 970.687765] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 970.687778] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 970.687806] [ 970.736868] loop7: detected capacity change from 0 to 104 [ 970.741191] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 970.741688] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 970.742442] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 970.753222] EXT4-fs (loop7): VFS: Can't find ext4 filesystem [ 970.774562] FAULT_INJECTION: forcing a failure. [ 970.774562] name failslab, interval 1, probability 0, space 0, times 0 [ 970.781209] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 970.782655] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 970.784346] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 970.788009] loop6: detected capacity change from 0 to 32640 [ 970.792528] CPU: 0 UID: 0 PID: 8383 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 970.792563] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 970.792576] Call Trace: [ 970.792584] [ 970.792592] dump_stack_lvl+0xfa/0x120 [ 970.792623] should_fail_ex+0x4d7/0x5e0 [ 970.792665] ? security_file_alloc+0x35/0x130 [ 970.792689] should_failslab+0xc2/0x120 [ 970.792715] kmem_cache_alloc_noprof+0x80/0x760 [ 970.792748] ? __create_object+0x59/0x80 [ 970.792784] ? security_file_alloc+0x35/0x130 [ 970.792807] security_file_alloc+0x35/0x130 [ 970.792832] init_file+0x95/0x480 [ 970.792860] alloc_empty_file+0x76/0x1e0 [ 970.792891] alloc_file_pseudo+0x12b/0x220 [ 970.792922] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 970.792960] __shmem_file_setup+0x1a8/0x370 [ 970.792991] __do_sys_memfd_create+0x2ce/0xab0 [ 970.793026] ? ksys_write+0x1a3/0x240 [ 970.793055] ? __pfx___do_sys_memfd_create+0x10/0x10 [ 970.793089] ? irqentry_exit+0xee/0x650 [ 970.793109] ? trace_hardirqs_on_prepare+0xe3/0x110 [ 970.793139] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 970.793176] do_syscall_64+0xbf/0x420 [ 970.793203] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 970.793225] RIP: 0033:0x7f1fa08c4b19 [ 970.793244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 970.793266] RSP: 002b:00007f1f9de39f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 970.793288] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c4b19 [ 970.793302] RDX: 0000000000000ac0 RSI: 0000000000000000 RDI: 00007f1fa091e0fb [ 970.793316] RBP: 0000000000000002 R08: 0000000000000560 R09: ffffffffffffffff [ 970.793329] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 970.793342] R13: 0000000020000100 R14: 0000000000000ac0 R15: 0000000020013c00 [ 970.793370] 21:28:50 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 13) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:28:50 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 55) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:28:50 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 19) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 970.886709] FAULT_INJECTION: forcing a failure. [ 970.886709] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 970.887767] CPU: 1 UID: 0 PID: 8391 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 970.887791] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 970.887802] Call Trace: [ 970.887807] [ 970.887812] dump_stack_lvl+0xfa/0x120 [ 970.887835] should_fail_ex+0x4d7/0x5e0 [ 970.887864] ? page_copy_sane+0xce/0x2b0 [ 970.887886] copy_folio_from_iter_atomic+0x383/0x1820 [ 970.887913] ? fault_in_readable+0x12a/0x1d0 [ 970.887932] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 970.887954] ? shmem_write_begin+0x1ab/0x3b0 [ 970.887973] ? __pfx_shmem_write_begin+0x10/0x10 [ 970.887991] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 970.888017] generic_perform_write+0x1d7/0x810 [ 970.888037] ? __pfx_generic_perform_write+0x10/0x10 [ 970.888059] ? file_update_time_flags+0x367/0x4f0 [ 970.888079] shmem_file_write_iter+0x111/0x140 [ 970.888095] vfs_write+0xbe9/0x1150 [ 970.888109] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 970.888123] ? __fget_files+0x34/0x3b0 [ 970.888137] ? __pfx_vfs_write+0x10/0x10 [ 970.888159] __x64_sys_pwrite64+0x1f1/0x260 [ 970.888172] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 970.888190] do_syscall_64+0xbf/0x420 [ 970.888206] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 970.888219] RIP: 0033:0x7f9f6fba4ab7 [ 970.888229] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 970.888241] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 970.888254] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 970.888263] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 970.888271] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 970.888278] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 970.888286] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 970.888301] [ 970.911955] FAULT_INJECTION: forcing a failure. [ 970.911955] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 970.913776] CPU: 0 UID: 0 PID: 8392 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 970.913811] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 970.913826] Call Trace: [ 970.913835] [ 970.913844] dump_stack_lvl+0xfa/0x120 [ 970.913880] should_fail_ex+0x4d7/0x5e0 [ 970.913923] ? page_copy_sane+0xce/0x2b0 [ 970.913967] copy_folio_from_iter_atomic+0x383/0x1820 [ 970.914022] ? simple_xattr_get+0x173/0x1d0 [ 970.914070] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 970.914114] ? shmem_write_begin+0x1ab/0x3b0 [ 970.914151] ? __pfx_shmem_write_begin+0x10/0x10 [ 970.914186] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 970.914236] generic_perform_write+0x1d7/0x810 [ 970.914280] ? __pfx_generic_perform_write+0x10/0x10 [ 970.914319] ? file_update_time_flags+0x367/0x4f0 [ 970.914366] shmem_file_write_iter+0x111/0x140 [ 970.914403] vfs_write+0xbe9/0x1150 [ 970.914432] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 970.914463] ? __fget_files+0x34/0x3b0 [ 970.914490] ? __pfx_vfs_write+0x10/0x10 [ 970.914535] __x64_sys_pwrite64+0x1f1/0x260 [ 970.914566] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 970.914606] do_syscall_64+0xbf/0x420 [ 970.914639] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 970.914668] RIP: 0033:0x7f32b3526ab7 [ 970.914688] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 970.914714] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 970.914738] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 970.914756] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 970.914774] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 970.914791] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 970.914806] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 970.914838] [ 970.915250] loop4: detected capacity change from 0 to 5 [ 970.932018] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 970.932650] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 970.933937] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 970.941459] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:28:50 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x78c, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:28:50 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x40000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 970.988689] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 970.989248] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 970.989954] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:28:50 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 14) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:28:50 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x1ffffe, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 971.059857] FAULT_INJECTION: forcing a failure. [ 971.059857] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 971.061843] CPU: 1 UID: 0 PID: 8404 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 971.061861] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 971.061868] Call Trace: [ 971.061873] [ 971.061877] dump_stack_lvl+0xfa/0x120 [ 971.061898] should_fail_ex+0x4d7/0x5e0 [ 971.061923] should_fail_alloc_page+0xe0/0x110 [ 971.061939] prepare_alloc_pages+0x1eb/0x550 [ 971.061957] __alloc_frozen_pages_noprof+0x185/0x2070 [ 971.061976] ? __is_insn_slot_addr+0x136/0x290 [ 971.061991] ? lock_release+0xc8/0x270 [ 971.062011] ? __is_insn_slot_addr+0x140/0x290 [ 971.062024] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 971.062050] ? lock_is_held_type+0x9e/0x120 [ 971.062064] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 971.062084] ? policy_nodemask+0xeb/0x4e0 [ 971.062103] alloc_pages_mpol+0xed/0x340 [ 971.062121] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 971.062137] ? filemap_get_entry+0x1bb/0x3b0 [ 971.062155] ? __pfx_filemap_get_entry+0x10/0x10 [ 971.062176] folio_alloc_mpol_noprof+0x38/0x2a0 [ 971.062197] shmem_alloc_folio+0x11b/0x140 [ 971.062212] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 971.062232] ? find_held_lock+0x2b/0x80 [ 971.062245] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 971.062263] ? do_raw_read_trylock+0x92/0xb0 [ 971.062282] ? simple_xattr_get+0x173/0x1d0 [ 971.062302] shmem_write_begin+0x194/0x3b0 [ 971.062320] ? __pfx_shmem_write_begin+0x10/0x10 [ 971.062337] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 971.062357] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 971.062373] ? ktime_get_coarse_real_ts64_mg+0x213/0x2a0 [ 971.062393] generic_perform_write+0x391/0x810 [ 971.062412] ? __pfx_generic_perform_write+0x10/0x10 [ 971.062429] ? file_update_time_flags+0x367/0x4f0 [ 971.062448] shmem_file_write_iter+0x111/0x140 [ 971.062462] vfs_write+0xbe9/0x1150 [ 971.062475] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 971.062488] ? __fget_files+0x34/0x3b0 [ 971.062501] ? __pfx_vfs_write+0x10/0x10 [ 971.062522] __x64_sys_pwrite64+0x1f1/0x260 [ 971.062535] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 971.062553] do_syscall_64+0xbf/0x420 [ 971.062567] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 971.062581] RIP: 0033:0x7f1fa0877ab7 [ 971.062591] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 971.062603] RSP: 002b:00007f1f9de39f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 971.062615] RAX: ffffffffffffffda RBX: 00007f1fa090e970 RCX: 00007f1fa0877ab7 [ 971.062624] RDX: 000000000000003a RSI: 0000000020010000 RDI: 0000000000000004 [ 971.062631] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 971.062638] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004 [ 971.062646] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 971.062661] [ 971.086897] loop4: detected capacity change from 0 to 5 [ 971.089068] EXT4-fs (loop4): VFS: Can't find ext4 filesystem 21:28:50 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x1000000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:28:50 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 15) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:28:50 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x10, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) [ 971.190428] FAULT_INJECTION: forcing a failure. [ 971.190428] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 971.192171] CPU: 0 UID: 0 PID: 8412 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 971.192200] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 971.192214] Call Trace: [ 971.192222] [ 971.192231] dump_stack_lvl+0xfa/0x120 [ 971.192264] should_fail_ex+0x4d7/0x5e0 [ 971.192303] ? page_copy_sane+0xce/0x2b0 [ 971.192340] copy_folio_from_iter_atomic+0x383/0x1820 [ 971.192389] ? simple_xattr_get+0x173/0x1d0 [ 971.192423] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 971.192463] ? shmem_write_begin+0x1ab/0x3b0 [ 971.192509] ? __pfx_shmem_write_begin+0x10/0x10 [ 971.192541] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 971.192584] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 971.192618] ? ktime_get_coarse_real_ts64_mg+0x213/0x2a0 [ 971.192655] generic_perform_write+0x1d7/0x810 [ 971.192692] ? __pfx_generic_perform_write+0x10/0x10 [ 971.192724] ? file_update_time_flags+0x367/0x4f0 [ 971.192759] shmem_file_write_iter+0x111/0x140 [ 971.192786] vfs_write+0xbe9/0x1150 [ 971.192809] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 971.192833] ? __fget_files+0x34/0x3b0 [ 971.192857] ? __pfx_vfs_write+0x10/0x10 [ 971.192898] __x64_sys_pwrite64+0x1f1/0x260 [ 971.192922] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 971.192955] do_syscall_64+0xbf/0x420 [ 971.192983] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 971.193007] RIP: 0033:0x7f1fa0877ab7 [ 971.193025] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 971.193054] RSP: 002b:00007f1f9de39f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 971.193075] RAX: ffffffffffffffda RBX: 00007f1fa090e970 RCX: 00007f1fa0877ab7 [ 971.193091] RDX: 000000000000003a RSI: 0000000020010000 RDI: 0000000000000004 [ 971.193105] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 971.193118] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004 [ 971.193132] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 971.193160] [ 971.241436] loop7: detected capacity change from 0 to 32640 [ 971.266522] loop4: detected capacity change from 0 to 5 [ 971.271664] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:28:50 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 16) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 971.329530] FAULT_INJECTION: forcing a failure. [ 971.329530] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 971.330694] CPU: 1 UID: 0 PID: 8420 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 971.330711] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 971.330718] Call Trace: [ 971.330723] [ 971.330727] dump_stack_lvl+0xfa/0x120 [ 971.330748] should_fail_ex+0x4d7/0x5e0 [ 971.330771] ? page_copy_sane+0xce/0x2b0 [ 971.330791] copy_folio_from_iter_atomic+0x383/0x1820 [ 971.330820] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 971.330841] ? shmem_write_begin+0x1ab/0x3b0 [ 971.330860] ? __pfx_shmem_write_begin+0x10/0x10 [ 971.330877] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 971.330899] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 971.330917] ? ktime_get_coarse_real_ts64_mg+0x213/0x2a0 [ 971.330938] generic_perform_write+0x1d7/0x810 [ 971.330959] ? __pfx_generic_perform_write+0x10/0x10 [ 971.330976] ? file_update_time_flags+0x367/0x4f0 [ 971.330996] shmem_file_write_iter+0x111/0x140 [ 971.331011] vfs_write+0xbe9/0x1150 [ 971.331024] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 971.331038] ? __fget_files+0x34/0x3b0 [ 971.331056] ? __pfx_vfs_write+0x10/0x10 [ 971.331079] __x64_sys_pwrite64+0x1f1/0x260 [ 971.331092] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 971.331110] do_syscall_64+0xbf/0x420 [ 971.331125] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 971.331139] RIP: 0033:0x7f1fa0877ab7 [ 971.331149] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 971.331162] RSP: 002b:00007f1f9de39f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 971.331174] RAX: ffffffffffffffda RBX: 00007f1fa090e970 RCX: 00007f1fa0877ab7 [ 971.331183] RDX: 00000000000000a0 RSI: 0000000020000280 RDI: 0000000000000004 [ 971.331190] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 971.331198] R10: 0000000000000560 R11: 0000000000000293 R12: 0000000000000004 [ 971.331205] R13: 0000000000000004 R14: 0000000020000058 R15: 0000000000000001 [ 971.331221] [ 971.355419] loop4: detected capacity change from 0 to 5 [ 971.362411] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:28:50 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x78d, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 971.543971] loop6: detected capacity change from 0 to 32640 21:29:01 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 20) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:29:01 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x78e, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:29:01 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 56) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:29:01 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 17) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:29:01 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x1fffff, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:29:01 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x60000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:29:01 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x4000000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:29:01 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x300, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) [ 981.474865] FAULT_INJECTION: forcing a failure. [ 981.474865] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 981.475843] CPU: 1 UID: 0 PID: 8437 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 981.475860] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 981.475868] Call Trace: [ 981.475873] [ 981.475878] dump_stack_lvl+0xfa/0x120 [ 981.475899] should_fail_ex+0x4d7/0x5e0 [ 981.475924] ? page_copy_sane+0xce/0x2b0 [ 981.475946] copy_folio_from_iter_atomic+0x383/0x1820 [ 981.475974] ? fault_in_readable+0x12a/0x1d0 [ 981.475994] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 981.476017] ? shmem_write_begin+0x1ab/0x3b0 [ 981.476036] ? __pfx_shmem_write_begin+0x10/0x10 [ 981.476058] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 981.476085] generic_perform_write+0x1d7/0x810 [ 981.476106] ? __pfx_generic_perform_write+0x10/0x10 [ 981.476125] ? file_update_time_flags+0x367/0x4f0 [ 981.476146] shmem_file_write_iter+0x111/0x140 [ 981.476161] vfs_write+0xbe9/0x1150 [ 981.476174] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 981.476188] ? __fget_files+0x34/0x3b0 [ 981.476202] ? __pfx_vfs_write+0x10/0x10 [ 981.476225] __x64_sys_pwrite64+0x1f1/0x260 [ 981.476238] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 981.476257] do_syscall_64+0xbf/0x420 [ 981.476273] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 981.476287] RIP: 0033:0x7f32b3526ab7 [ 981.476298] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 981.476311] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 981.476324] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 981.476332] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 981.476340] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 981.476348] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 981.476356] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 981.476371] [ 981.494620] FAULT_INJECTION: forcing a failure. [ 981.494620] name failslab, interval 1, probability 0, space 0, times 0 [ 981.495533] CPU: 1 UID: 0 PID: 8439 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 981.495548] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 981.495555] Call Trace: [ 981.495558] [ 981.495563] dump_stack_lvl+0xfa/0x120 [ 981.495576] should_fail_ex+0x4d7/0x5e0 [ 981.495598] ? do_getname+0x2b/0x3d0 [ 981.495613] should_failslab+0xc2/0x120 [ 981.495627] kmem_cache_alloc_noprof+0x80/0x760 [ 981.495647] ? vfs_write+0x169/0x1150 [ 981.495660] ? do_getname+0x2b/0x3d0 [ 981.495674] do_getname+0x2b/0x3d0 [ 981.495691] do_sys_openat2+0xa0/0x210 [ 981.495707] ? __pfx_do_sys_openat2+0x10/0x10 [ 981.495729] __x64_sys_openat+0x142/0x200 [ 981.495746] ? __pfx___x64_sys_openat+0x10/0x10 [ 981.495769] do_syscall_64+0xbf/0x420 [ 981.495783] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 981.495794] RIP: 0033:0x7f1fa0877a04 [ 981.495803] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 981.495815] RSP: 002b:00007f1f9de39ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 981.495826] RAX: ffffffffffffffda RBX: 00007f1fa090e970 RCX: 00007f1fa0877a04 [ 981.495834] RDX: 0000000000000002 RSI: 00007f1f9de3a000 RDI: 00000000ffffff9c [ 981.495842] RBP: 00007f1f9de3a000 R08: 0000000000000000 R09: ffffffffffffffff [ 981.495849] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 981.495856] R13: 0000000000000004 R14: 0000000020000070 R15: 0000000000000002 [ 981.495871] 21:29:01 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 18) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 981.565784] FAULT_INJECTION: forcing a failure. [ 981.565784] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 981.565973] loop4: detected capacity change from 0 to 5 [ 981.571482] CPU: 0 UID: 0 PID: 8451 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 981.571518] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 981.571532] Call Trace: [ 981.571540] [ 981.571550] dump_stack_lvl+0xfa/0x120 [ 981.571591] should_fail_ex+0x4d7/0x5e0 [ 981.571641] ? page_copy_sane+0xce/0x2b0 [ 981.571681] copy_folio_from_iter_atomic+0x383/0x1820 [ 981.571734] ? fault_in_readable+0x12a/0x1d0 [ 981.571770] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 981.571813] ? shmem_write_begin+0x1ab/0x3b0 [ 981.571848] ? __pfx_shmem_write_begin+0x10/0x10 [ 981.571882] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 981.571931] generic_perform_write+0x1d7/0x810 [ 981.571970] ? __pfx_generic_perform_write+0x10/0x10 [ 981.572004] ? file_update_time_flags+0x367/0x4f0 [ 981.572042] shmem_file_write_iter+0x111/0x140 [ 981.572071] vfs_write+0xbe9/0x1150 [ 981.572095] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 981.572122] ? __fget_files+0x34/0x3b0 [ 981.572147] ? __pfx_vfs_write+0x10/0x10 [ 981.572190] __x64_sys_pwrite64+0x1f1/0x260 [ 981.572216] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 981.572250] do_syscall_64+0xbf/0x420 [ 981.572280] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 981.572305] RIP: 0033:0x7f9f6fba4ab7 [ 981.572324] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 981.572348] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 981.572372] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 981.572388] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 981.572403] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 981.572417] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 981.572431] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 981.572461] [ 981.614473] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 981.648764] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 981.649659] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 981.651015] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 981.694466] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 981.694652] loop7: detected capacity change from 0 to 32640 [ 981.695332] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 981.697119] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:29:01 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 19) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 981.735997] loop4: detected capacity change from 0 to 5 [ 981.740382] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 981.799445] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 981.800506] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 981.802449] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 981.885237] loop6: detected capacity change from 0 to 32640 21:29:11 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x810, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:29:11 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 21) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:29:11 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 57) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:29:11 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x810, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:29:11 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfeff3f, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:29:11 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:29:11 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 20) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:29:11 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x80000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 991.599617] FAULT_INJECTION: forcing a failure. [ 991.599617] name failslab, interval 1, probability 0, space 0, times 0 [ 991.601199] CPU: 1 UID: 0 PID: 8484 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 991.601216] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 991.601224] Call Trace: [ 991.601228] [ 991.601232] dump_stack_lvl+0xfa/0x120 [ 991.601255] should_fail_ex+0x4d7/0x5e0 [ 991.601279] ? alloc_empty_file+0x58/0x1e0 [ 991.601296] should_failslab+0xc2/0x120 [ 991.601311] kmem_cache_alloc_noprof+0x80/0x760 [ 991.601329] ? __is_insn_slot_addr+0x136/0x290 [ 991.601344] ? lock_release+0xc8/0x270 [ 991.601363] ? alloc_empty_file+0x58/0x1e0 [ 991.601377] alloc_empty_file+0x58/0x1e0 [ 991.601394] path_openat+0xee/0x2d60 [ 991.601407] ? __kernel_text_address+0xd/0x40 [ 991.601424] ? unwind_get_return_address+0x59/0xa0 [ 991.601438] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 991.601455] ? arch_stack_walk+0x9c/0xf0 [ 991.601474] ? __pfx_path_openat+0x10/0x10 [ 991.601488] ? __lock_acquire+0x451/0x2250 [ 991.601507] do_file_open+0x209/0x460 [ 991.601520] ? __pfx_do_file_open+0x10/0x10 [ 991.601538] ? find_held_lock+0x2b/0x80 [ 991.601548] ? alloc_fd+0x2c1/0x560 [ 991.601561] ? lock_release+0xc8/0x270 [ 991.601577] ? _raw_spin_unlock+0x1e/0x40 [ 991.601596] ? alloc_fd+0x2c1/0x560 [ 991.601611] do_sys_openat2+0xe7/0x210 [ 991.601628] ? __pfx_do_sys_openat2+0x10/0x10 [ 991.601650] __x64_sys_openat+0x142/0x200 [ 991.601667] ? __pfx___x64_sys_openat+0x10/0x10 [ 991.601690] do_syscall_64+0xbf/0x420 [ 991.601705] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 991.601718] RIP: 0033:0x7f1fa0877a04 [ 991.601727] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 991.601740] RSP: 002b:00007f1f9de39ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 991.601752] RAX: ffffffffffffffda RBX: 00007f1fa090e970 RCX: 00007f1fa0877a04 [ 991.601760] RDX: 0000000000000002 RSI: 00007f1f9de3a000 RDI: 00000000ffffff9c [ 991.601768] RBP: 00007f1f9de3a000 R08: 0000000000000000 R09: ffffffffffffffff [ 991.601775] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 991.601783] R13: 0000000000000004 R14: 0000000020000070 R15: 0000000000000002 [ 991.601797] [ 991.606812] FAULT_INJECTION: forcing a failure. [ 991.606812] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 991.642448] FAULT_INJECTION: forcing a failure. [ 991.642448] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 991.643426] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 21:29:11 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 21) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 991.644789] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 991.645830] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 991.649356] CPU: 0 UID: 0 PID: 8487 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 991.649392] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 991.649407] Call Trace: [ 991.649415] [ 991.649424] dump_stack_lvl+0xfa/0x120 [ 991.649459] should_fail_ex+0x4d7/0x5e0 [ 991.649510] should_fail_alloc_page+0xe0/0x110 [ 991.649542] prepare_alloc_pages+0x1eb/0x550 [ 991.649570] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 991.649616] __alloc_frozen_pages_noprof+0x185/0x2070 [ 991.649656] ? pte_offset_map_lock+0x190/0x330 [ 991.649687] ? find_held_lock+0x2b/0x80 [ 991.649716] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 991.649763] ? lock_is_held_type+0x9e/0x120 [ 991.649791] ? lock_is_held_type+0x9e/0x120 [ 991.649813] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 991.649855] ? policy_nodemask+0xeb/0x4e0 [ 991.649897] alloc_pages_mpol+0xed/0x340 [ 991.649935] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 991.649970] ? filemap_get_entry+0x1bb/0x3b0 [ 991.650007] ? __pfx_filemap_get_entry+0x10/0x10 [ 991.650059] folio_alloc_mpol_noprof+0x38/0x2a0 [ 991.650105] shmem_alloc_folio+0x11b/0x140 [ 991.650137] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 991.650185] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 991.650231] ? fault_in_readable+0x12a/0x1d0 [ 991.650270] shmem_write_begin+0x194/0x3b0 [ 991.650307] ? __pfx_shmem_write_begin+0x10/0x10 [ 991.650344] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 991.650396] generic_perform_write+0x391/0x810 [ 991.650437] ? __pfx_generic_perform_write+0x10/0x10 [ 991.650473] ? file_update_time_flags+0x367/0x4f0 [ 991.650514] shmem_file_write_iter+0x111/0x140 [ 991.650544] vfs_write+0xbe9/0x1150 [ 991.650569] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 991.650598] ? __fget_files+0x34/0x3b0 [ 991.650625] ? __pfx_vfs_write+0x10/0x10 [ 991.650670] __x64_sys_pwrite64+0x1f1/0x260 [ 991.650698] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 991.650735] do_syscall_64+0xbf/0x420 [ 991.650766] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 991.650793] RIP: 0033:0x7f32b3526ab7 [ 991.650813] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 991.650838] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 991.650863] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 991.650881] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 991.650896] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 991.650912] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 991.650927] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 991.650958] [ 991.671078] CPU: 1 UID: 0 PID: 8486 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 991.671096] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 991.671103] Call Trace: [ 991.671108] [ 991.671112] dump_stack_lvl+0xfa/0x120 [ 991.671129] should_fail_ex+0x4d7/0x5e0 [ 991.671152] should_fail_alloc_page+0xe0/0x110 [ 991.671168] prepare_alloc_pages+0x1eb/0x550 [ 991.671181] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 991.671202] __alloc_frozen_pages_noprof+0x185/0x2070 [ 991.671221] ? pte_offset_map_lock+0x190/0x330 [ 991.671237] ? find_held_lock+0x2b/0x80 [ 991.671252] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 991.671277] ? lock_is_held_type+0x9e/0x120 [ 991.671297] ? lock_is_held_type+0x9e/0x120 [ 991.671307] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 991.671327] ? policy_nodemask+0xeb/0x4e0 [ 991.671347] alloc_pages_mpol+0xed/0x340 [ 991.671365] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 991.671382] ? filemap_get_entry+0x1bb/0x3b0 [ 991.671399] ? __pfx_filemap_get_entry+0x10/0x10 [ 991.671420] folio_alloc_mpol_noprof+0x38/0x2a0 [ 991.671441] shmem_alloc_folio+0x11b/0x140 [ 991.671456] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 991.671479] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 991.671500] ? fault_in_readable+0x12a/0x1d0 [ 991.671518] shmem_write_begin+0x194/0x3b0 [ 991.671535] ? __pfx_shmem_write_begin+0x10/0x10 [ 991.671553] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 991.671577] generic_perform_write+0x391/0x810 [ 991.671597] ? __pfx_generic_perform_write+0x10/0x10 [ 991.671614] ? file_update_time_flags+0x367/0x4f0 [ 991.671633] shmem_file_write_iter+0x111/0x140 [ 991.671647] vfs_write+0xbe9/0x1150 [ 991.671659] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 991.671672] ? __fget_files+0x34/0x3b0 [ 991.671684] ? __pfx_vfs_write+0x10/0x10 [ 991.671707] __x64_sys_pwrite64+0x1f1/0x260 [ 991.671720] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 991.671738] do_syscall_64+0xbf/0x420 [ 991.671752] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 991.671765] RIP: 0033:0x7f9f6fba4ab7 [ 991.671775] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 991.671787] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 991.671799] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 991.671807] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 991.671814] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 991.671821] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 991.671828] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 991.671844] [ 991.672689] loop7: detected capacity change from 0 to 112 [ 991.686985] loop6: detected capacity change from 0 to 16 [ 991.707833] loop4: detected capacity change from 0 to 5 [ 991.722947] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:29:11 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 22) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 991.771897] FAULT_INJECTION: forcing a failure. [ 991.771897] name failslab, interval 1, probability 0, space 0, times 0 [ 991.772875] CPU: 1 UID: 0 PID: 8501 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 991.772891] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 991.772899] Call Trace: [ 991.772904] [ 991.772908] dump_stack_lvl+0xfa/0x120 [ 991.772929] should_fail_ex+0x4d7/0x5e0 [ 991.772953] ? security_file_alloc+0x35/0x130 [ 991.772967] should_failslab+0xc2/0x120 [ 991.772982] kmem_cache_alloc_noprof+0x80/0x760 [ 991.773001] ? __create_object+0x59/0x80 [ 991.773020] ? security_file_alloc+0x35/0x130 [ 991.773033] security_file_alloc+0x35/0x130 [ 991.773051] init_file+0x95/0x480 [ 991.773067] alloc_empty_file+0x76/0x1e0 [ 991.773083] path_openat+0xee/0x2d60 [ 991.773096] ? __kernel_text_address+0xd/0x40 [ 991.773113] ? unwind_get_return_address+0x59/0xa0 [ 991.773127] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 991.773144] ? arch_stack_walk+0x9c/0xf0 [ 991.773163] ? __pfx_path_openat+0x10/0x10 [ 991.773177] ? __lock_acquire+0x451/0x2250 [ 991.773196] do_file_open+0x209/0x460 [ 991.773209] ? __pfx_do_file_open+0x10/0x10 [ 991.773227] ? find_held_lock+0x2b/0x80 [ 991.773238] ? alloc_fd+0x2c1/0x560 [ 991.773250] ? lock_release+0xc8/0x270 [ 991.773267] ? _raw_spin_unlock+0x1e/0x40 [ 991.773284] ? alloc_fd+0x2c1/0x560 [ 991.773300] do_sys_openat2+0xe7/0x210 [ 991.773317] ? __pfx_do_sys_openat2+0x10/0x10 [ 991.773339] __x64_sys_openat+0x142/0x200 [ 991.773356] ? __pfx___x64_sys_openat+0x10/0x10 [ 991.773378] do_syscall_64+0xbf/0x420 [ 991.773394] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 991.773406] RIP: 0033:0x7f1fa0877a04 [ 991.773416] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 991.773428] RSP: 002b:00007f1f9de39ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 991.773440] RAX: ffffffffffffffda RBX: 00007f1fa090e970 RCX: 00007f1fa0877a04 [ 991.773449] RDX: 0000000000000002 RSI: 00007f1f9de3a000 RDI: 00000000ffffff9c [ 991.773456] RBP: 00007f1f9de3a000 R08: 0000000000000000 R09: ffffffffffffffff [ 991.773464] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 991.773471] R13: 0000000000000004 R14: 0000000020000070 R15: 0000000000000002 [ 991.773485] 21:29:11 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 23) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:29:11 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 22) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:29:11 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x1000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:29:11 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 58) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 991.916008] FAULT_INJECTION: forcing a failure. [ 991.916008] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 991.916991] CPU: 1 UID: 0 PID: 8505 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 991.917007] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 991.917014] Call Trace: [ 991.917019] [ 991.917023] dump_stack_lvl+0xfa/0x120 [ 991.917047] should_fail_ex+0x4d7/0x5e0 [ 991.917069] ? page_copy_sane+0xce/0x2b0 [ 991.917089] copy_folio_from_iter_atomic+0x383/0x1820 [ 991.917115] ? fault_in_readable+0x12a/0x1d0 [ 991.917134] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 991.917157] ? shmem_write_begin+0x1ab/0x3b0 [ 991.917175] ? __pfx_shmem_write_begin+0x10/0x10 [ 991.917193] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 991.917217] generic_perform_write+0x1d7/0x810 [ 991.917237] ? __pfx_generic_perform_write+0x10/0x10 [ 991.917254] ? file_update_time_flags+0x367/0x4f0 [ 991.917273] shmem_file_write_iter+0x111/0x140 [ 991.917288] vfs_write+0xbe9/0x1150 [ 991.917300] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 991.917314] ? __fget_files+0x34/0x3b0 [ 991.917327] ? __pfx_vfs_write+0x10/0x10 [ 991.917348] __x64_sys_pwrite64+0x1f1/0x260 [ 991.917361] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 991.917379] do_syscall_64+0xbf/0x420 [ 991.917394] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 991.917407] RIP: 0033:0x7f32b3526ab7 [ 991.917416] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 991.917428] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 991.917440] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 991.917448] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 991.917455] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 991.917463] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 991.917470] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 991.917485] [ 991.975249] loop4: detected capacity change from 0 to 5 [ 991.986536] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 991.988751] FAULT_INJECTION: forcing a failure. [ 991.988751] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 991.990568] CPU: 0 UID: 0 PID: 8514 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 991.990599] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 991.990613] Call Trace: [ 991.990621] [ 991.990630] dump_stack_lvl+0xfa/0x120 [ 991.990664] should_fail_ex+0x4d7/0x5e0 [ 991.990703] ? page_copy_sane+0xce/0x2b0 [ 991.990740] copy_folio_from_iter_atomic+0x383/0x1820 [ 991.990790] ? fault_in_readable+0x12a/0x1d0 [ 991.990824] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 991.990863] ? shmem_write_begin+0x1ab/0x3b0 [ 991.990896] ? __pfx_shmem_write_begin+0x10/0x10 [ 991.990928] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 991.990974] generic_perform_write+0x1d7/0x810 [ 991.991012] ? __pfx_generic_perform_write+0x10/0x10 [ 991.991052] ? file_update_time_flags+0x367/0x4f0 [ 991.991089] shmem_file_write_iter+0x111/0x140 [ 991.991116] vfs_write+0xbe9/0x1150 [ 991.991140] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 991.991166] ? __fget_files+0x34/0x3b0 [ 991.991190] ? __pfx_vfs_write+0x10/0x10 [ 991.991233] __x64_sys_pwrite64+0x1f1/0x260 [ 991.991259] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 991.991293] do_syscall_64+0xbf/0x420 [ 991.991321] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 991.991346] RIP: 0033:0x7f9f6fba4ab7 [ 991.991365] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 991.991388] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 991.991411] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 991.991427] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 991.991442] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 991.991457] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 991.991471] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 991.991501] 21:29:11 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 24) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:29:11 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xa0000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:29:11 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xa00, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:29:11 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x1008, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:29:11 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x2, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 992.205627] FAULT_INJECTION: forcing a failure. [ 992.205627] name failslab, interval 1, probability 0, space 0, times 0 [ 992.207642] CPU: 0 UID: 0 PID: 8528 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 992.207674] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 992.207688] Call Trace: [ 992.207696] [ 992.207704] dump_stack_lvl+0xfa/0x120 [ 992.207737] should_fail_ex+0x4d7/0x5e0 [ 992.207783] ? __kernfs_new_node+0xd3/0x940 [ 992.207818] should_failslab+0xc2/0x120 [ 992.207846] kmem_cache_alloc_noprof+0x80/0x760 [ 992.207884] ? __pfx_avc_has_perm+0x10/0x10 [ 992.207918] ? __kernfs_new_node+0xd3/0x940 [ 992.207952] __kernfs_new_node+0xd3/0x940 [ 992.207985] ? __lock_acquire+0x451/0x2250 [ 992.208020] ? __pfx___kernfs_new_node+0x10/0x10 [ 992.208067] ? lock_acquire+0x15e/0x2d0 [ 992.208095] ? kernfs_root+0x23/0x2a0 [ 992.208127] ? find_held_lock+0x2b/0x80 [ 992.208148] ? kernfs_root+0xee/0x2a0 [ 992.208180] ? lock_release+0xc8/0x270 [ 992.208207] ? lock_is_held_type+0x9e/0x120 [ 992.208236] kernfs_new_node+0x13c/0x1e0 [ 992.208277] kernfs_create_dir_ns+0x4d/0x1a0 [ 992.208303] internal_create_group+0x440/0xeb0 [ 992.208338] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 992.208370] ? __pfx_internal_create_group+0x10/0x10 [ 992.208404] ? blk_validate_limits+0xc27/0x15c0 [ 992.208437] ? lock_is_held_type+0x9e/0x120 [ 992.208467] loop_configure+0xc46/0x15a0 [ 992.208527] ? __pfx_loop_configure+0x10/0x10 [ 992.208579] ? avc_has_extended_perms+0x107/0xf20 [ 992.208608] ? find_held_lock+0x2b/0x80 [ 992.208629] ? avc_has_extended_perms+0x23b/0xf20 [ 992.208657] ? lock_release+0xc8/0x270 [ 992.208690] lo_ioctl+0x674/0x1cb0 [ 992.208746] ? __pfx_lo_ioctl+0x10/0x10 [ 992.208781] ? __pfx_avc_has_extended_perms+0x10/0x10 [ 992.208818] ? lock_acquire+0x15e/0x2d0 [ 992.208847] ? __virt_addr_valid+0x1c6/0x5d0 [ 992.208875] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 992.208910] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 992.208942] ? lock_release+0xc8/0x270 [ 992.208971] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 992.209010] ? blkdev_common_ioctl+0x1c3/0x2860 [ 992.209072] ? debug_mutex_wake_waiter+0x2c0/0x330 [ 992.209111] ? __fget_files+0x34/0x3b0 [ 992.209136] ? find_held_lock+0x2b/0x80 [ 992.209157] ? __fget_files+0x203/0x3b0 [ 992.209183] ? __pfx_lo_ioctl+0x10/0x10 [ 992.209219] blkdev_ioctl+0x365/0x6d0 [ 992.209249] ? __pfx_blkdev_ioctl+0x10/0x10 [ 992.209281] ? selinux_file_ioctl+0xb9/0x280 [ 992.209322] ? __pfx_blkdev_ioctl+0x10/0x10 [ 992.209355] __x64_sys_ioctl+0x18f/0x210 [ 992.209395] do_syscall_64+0xbf/0x420 [ 992.209423] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 992.209448] RIP: 0033:0x7f1fa08c48d7 [ 992.209467] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 992.209491] RSP: 002b:00007f1f9de39f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 992.209515] RAX: ffffffffffffffda RBX: 00007f1fa090e970 RCX: 00007f1fa08c48d7 [ 992.209530] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 992.209545] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 992.209559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 992.209573] R13: 0000000000000004 R14: 0000000020000070 R15: 0000000000000002 [ 992.209603] [ 992.231503] loop6: detected capacity change from 0 to 32640 [ 992.248464] loop4: detected capacity change from 0 to 5 21:29:11 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x2000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 992.293380] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 992.317823] loop7: detected capacity change from 0 to 32640 21:29:11 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x4000, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:29:11 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 59) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 992.391870] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 992.393006] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 992.394592] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:29:12 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 25) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 992.434897] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 992.435667] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 992.436450] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:29:12 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xc0000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 992.495990] FAULT_INJECTION: forcing a failure. [ 992.495990] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 992.496964] CPU: 1 UID: 0 PID: 8546 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 992.496981] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 992.496989] Call Trace: [ 992.496995] [ 992.496999] dump_stack_lvl+0xfa/0x120 [ 992.497020] should_fail_ex+0x4d7/0x5e0 [ 992.497047] ? page_copy_sane+0xce/0x2b0 [ 992.497069] copy_folio_from_iter_atomic+0x383/0x1820 [ 992.497097] ? fault_in_readable+0x12a/0x1d0 [ 992.497116] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 992.497137] ? shmem_write_begin+0x1ab/0x3b0 [ 992.497156] ? __pfx_shmem_write_begin+0x10/0x10 [ 992.497173] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 992.497199] generic_perform_write+0x1d7/0x810 [ 992.497220] ? __pfx_generic_perform_write+0x10/0x10 [ 992.497238] ? file_update_time_flags+0x367/0x4f0 [ 992.497258] shmem_file_write_iter+0x111/0x140 [ 992.497273] vfs_write+0xbe9/0x1150 [ 992.497287] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 992.497301] ? __fget_files+0x34/0x3b0 [ 992.497315] ? __pfx_vfs_write+0x10/0x10 [ 992.497338] __x64_sys_pwrite64+0x1f1/0x260 [ 992.497351] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 992.497370] do_syscall_64+0xbf/0x420 [ 992.497385] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 992.497400] RIP: 0033:0x7f9f6fba4ab7 [ 992.497410] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 992.497424] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 992.497437] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 992.497445] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 992.497454] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 992.497462] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 992.497469] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 992.497485] 21:29:12 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xc00, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:29:12 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x3, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:29:12 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x3000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 992.608880] loop4: detected capacity change from 0 to 5 [ 992.617373] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 992.654143] loop7: detected capacity change from 0 to 32640 [ 992.657173] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 992.657630] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 992.661412] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 992.702287] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 992.703539] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 992.705575] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 992.747275] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 992.748346] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 992.749781] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 992.751196] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 992.751662] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 992.752410] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 992.753413] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 992.757504] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 992.760116] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:29:20 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 23) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:29:20 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 26) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:29:20 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:29:20 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x80000, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:29:20 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 60) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:29:20 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xe00, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:29:20 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xe0000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:29:20 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x4000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 1001.192590] FAULT_INJECTION: forcing a failure. [ 1001.192590] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1001.193922] CPU: 1 UID: 0 PID: 8575 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1001.193938] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1001.193946] Call Trace: [ 1001.193950] [ 1001.193954] dump_stack_lvl+0xfa/0x120 [ 1001.193973] should_fail_ex+0x4d7/0x5e0 [ 1001.193998] should_fail_alloc_page+0xe0/0x110 [ 1001.194014] prepare_alloc_pages+0x1eb/0x550 [ 1001.194028] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1001.194053] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1001.194071] ? pte_offset_map_lock+0x190/0x330 [ 1001.194085] ? find_held_lock+0x2b/0x80 [ 1001.194099] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1001.194120] ? lock_is_held_type+0x9e/0x120 [ 1001.194133] ? lock_is_held_type+0x9e/0x120 [ 1001.194142] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1001.194163] ? policy_nodemask+0xeb/0x4e0 [ 1001.194181] alloc_pages_mpol+0xed/0x340 [ 1001.194198] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1001.194217] ? filemap_get_entry+0x1bb/0x3b0 [ 1001.194235] ? __pfx_filemap_get_entry+0x10/0x10 [ 1001.194254] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1001.194274] shmem_alloc_folio+0x11b/0x140 [ 1001.194289] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1001.194311] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1001.194330] ? fault_in_readable+0x12a/0x1d0 [ 1001.194348] shmem_write_begin+0x194/0x3b0 [ 1001.194364] ? __pfx_shmem_write_begin+0x10/0x10 [ 1001.194380] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1001.194403] generic_perform_write+0x391/0x810 [ 1001.194422] ? __pfx_generic_perform_write+0x10/0x10 [ 1001.194438] ? file_update_time_flags+0x367/0x4f0 [ 1001.194457] shmem_file_write_iter+0x111/0x140 [ 1001.194470] vfs_write+0xbe9/0x1150 [ 1001.194482] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1001.194495] ? __fget_files+0x34/0x3b0 [ 1001.194507] ? __pfx_vfs_write+0x10/0x10 [ 1001.194528] __x64_sys_pwrite64+0x1f1/0x260 [ 1001.194540] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1001.194557] do_syscall_64+0xbf/0x420 [ 1001.194571] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1001.194584] RIP: 0033:0x7f9f6fba4ab7 [ 1001.194594] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1001.194606] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1001.194617] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1001.194625] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1001.194632] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1001.194640] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1001.194646] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1001.194661] [ 1001.218226] loop7: detected capacity change from 0 to 120 [ 1001.220482] EXT4-fs (loop7): VFS: Can't find ext4 filesystem 21:29:20 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 61) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1001.235641] FAULT_INJECTION: forcing a failure. [ 1001.235641] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1001.237577] CPU: 0 UID: 0 PID: 8580 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1001.237611] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1001.237626] Call Trace: [ 1001.237635] [ 1001.237650] dump_stack_lvl+0xfa/0x120 [ 1001.237685] should_fail_ex+0x4d7/0x5e0 [ 1001.237730] ? page_copy_sane+0xce/0x2b0 [ 1001.237773] copy_folio_from_iter_atomic+0x383/0x1820 [ 1001.237829] ? fault_in_readable+0x12a/0x1d0 [ 1001.237867] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1001.237913] ? shmem_write_begin+0x1ab/0x3b0 [ 1001.237950] ? __pfx_shmem_write_begin+0x10/0x10 [ 1001.237987] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1001.238039] generic_perform_write+0x1d7/0x810 [ 1001.238086] ? __pfx_generic_perform_write+0x10/0x10 [ 1001.238122] ? file_update_time_flags+0x367/0x4f0 [ 1001.238161] shmem_file_write_iter+0x111/0x140 [ 1001.238191] vfs_write+0xbe9/0x1150 [ 1001.238216] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1001.238246] ? __fget_files+0x34/0x3b0 [ 1001.238274] ? __pfx_vfs_write+0x10/0x10 [ 1001.238320] __x64_sys_pwrite64+0x1f1/0x260 [ 1001.238347] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1001.238383] do_syscall_64+0xbf/0x420 [ 1001.238413] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1001.238440] RIP: 0033:0x7f32b3526ab7 [ 1001.238460] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1001.238486] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1001.238511] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1001.238528] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1001.238544] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1001.238560] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1001.238575] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1001.238607] [ 1001.249094] FAULT_INJECTION: forcing a failure. [ 1001.249094] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1001.252849] loop4: detected capacity change from 0 to 5 [ 1001.253889] CPU: 1 UID: 0 PID: 8584 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1001.253908] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1001.253915] Call Trace: [ 1001.253920] [ 1001.253925] dump_stack_lvl+0xfa/0x120 [ 1001.253943] should_fail_ex+0x4d7/0x5e0 [ 1001.253964] ? page_copy_sane+0xce/0x2b0 [ 1001.253986] copy_folio_from_iter_atomic+0x383/0x1820 [ 1001.254013] ? fault_in_readable+0x12a/0x1d0 [ 1001.254032] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1001.254059] ? shmem_write_begin+0x1ab/0x3b0 [ 1001.254076] ? __pfx_shmem_write_begin+0x10/0x10 [ 1001.254094] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1001.254120] generic_perform_write+0x1d7/0x810 [ 1001.254140] ? __pfx_generic_perform_write+0x10/0x10 [ 1001.254157] ? file_update_time_flags+0x367/0x4f0 [ 1001.254177] shmem_file_write_iter+0x111/0x140 [ 1001.254192] vfs_write+0xbe9/0x1150 [ 1001.254204] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1001.254218] ? __fget_files+0x34/0x3b0 [ 1001.254231] ? __pfx_vfs_write+0x10/0x10 [ 1001.254253] __x64_sys_pwrite64+0x1f1/0x260 [ 1001.254265] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1001.254283] do_syscall_64+0xbf/0x420 [ 1001.254299] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1001.254312] RIP: 0033:0x7f9f6fba4ab7 [ 1001.254321] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1001.254334] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1001.254346] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1001.254354] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1001.254361] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1001.254369] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1001.254376] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1001.254391] [ 1001.351787] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1001.352543] loop7: detected capacity change from 0 to 32640 21:29:20 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 27) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1001.438767] loop6: detected capacity change from 0 to 32640 21:29:21 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 62) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1001.490876] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1001.492404] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1001.493969] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1001.507865] FAULT_INJECTION: forcing a failure. [ 1001.507865] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1001.508863] CPU: 1 UID: 0 PID: 8602 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1001.508883] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1001.508892] Call Trace: [ 1001.508897] [ 1001.508902] dump_stack_lvl+0xfa/0x120 [ 1001.508921] should_fail_ex+0x4d7/0x5e0 [ 1001.508944] ? page_copy_sane+0xce/0x2b0 [ 1001.508964] copy_folio_from_iter_atomic+0x383/0x1820 [ 1001.508991] ? fault_in_readable+0x12a/0x1d0 [ 1001.509010] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1001.509031] ? shmem_write_begin+0x1ab/0x3b0 [ 1001.509053] ? __pfx_shmem_write_begin+0x10/0x10 [ 1001.509069] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1001.509093] generic_perform_write+0x1d7/0x810 [ 1001.509114] ? __pfx_generic_perform_write+0x10/0x10 [ 1001.509130] ? file_update_time_flags+0x367/0x4f0 [ 1001.509150] shmem_file_write_iter+0x111/0x140 [ 1001.509164] vfs_write+0xbe9/0x1150 [ 1001.509177] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1001.509190] ? __fget_files+0x34/0x3b0 [ 1001.509203] ? __pfx_vfs_write+0x10/0x10 [ 1001.509225] __x64_sys_pwrite64+0x1f1/0x260 [ 1001.509238] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1001.509256] do_syscall_64+0xbf/0x420 [ 1001.509271] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1001.509284] RIP: 0033:0x7f9f6fba4ab7 [ 1001.509294] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1001.509306] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1001.509318] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1001.509326] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1001.509334] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1001.509341] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1001.509348] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1001.509364] [ 1001.509587] loop4: detected capacity change from 0 to 5 [ 1001.580689] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:29:21 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x1000000, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:29:21 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x100000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:29:21 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x5000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:29:21 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x8, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1001.721586] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1001.723224] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1001.723919] loop7: detected capacity change from 0 to 32640 [ 1001.724867] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1001.733178] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1001.733677] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1001.734494] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1001.753452] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1001.754806] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1001.756200] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1001.794735] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1001.795647] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1001.797142] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1001.828598] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1001.829130] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1001.829846] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:29:30 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 24) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:29:30 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf00, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:29:30 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 28) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:29:30 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 63) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:29:30 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x2000000, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:29:30 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x10, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:29:30 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x6000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:29:30 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x1ffffe, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1011.083944] FAULT_INJECTION: forcing a failure. [ 1011.083944] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1011.084941] loop4: detected capacity change from 0 to 5 [ 1011.086849] CPU: 1 UID: 0 PID: 8636 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1011.086868] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1011.086876] Call Trace: [ 1011.086881] [ 1011.086886] dump_stack_lvl+0xfa/0x120 [ 1011.086907] should_fail_ex+0x4d7/0x5e0 [ 1011.086934] should_fail_alloc_page+0xe0/0x110 [ 1011.086951] prepare_alloc_pages+0x1eb/0x550 [ 1011.086966] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1011.086990] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1011.087010] ? pte_offset_map_lock+0x190/0x330 [ 1011.087027] ? find_held_lock+0x2b/0x80 [ 1011.087046] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1011.087072] ? lock_is_held_type+0x9e/0x120 [ 1011.087087] ? lock_is_held_type+0x9e/0x120 [ 1011.087098] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1011.087120] ? policy_nodemask+0xeb/0x4e0 [ 1011.087141] alloc_pages_mpol+0xed/0x340 [ 1011.087160] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1011.087178] ? filemap_get_entry+0x1bb/0x3b0 [ 1011.087197] ? __pfx_filemap_get_entry+0x10/0x10 [ 1011.087220] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1011.087243] shmem_alloc_folio+0x11b/0x140 [ 1011.087259] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1011.087283] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1011.087305] ? fault_in_readable+0x12a/0x1d0 [ 1011.087325] shmem_write_begin+0x194/0x3b0 [ 1011.087343] ? __pfx_shmem_write_begin+0x10/0x10 [ 1011.087362] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1011.087387] generic_perform_write+0x391/0x810 [ 1011.087408] ? __pfx_generic_perform_write+0x10/0x10 [ 1011.087427] ? file_update_time_flags+0x367/0x4f0 [ 1011.087447] shmem_file_write_iter+0x111/0x140 [ 1011.087462] vfs_write+0xbe9/0x1150 [ 1011.087475] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1011.087490] ? __fget_files+0x34/0x3b0 [ 1011.087504] ? __pfx_vfs_write+0x10/0x10 [ 1011.087526] __x64_sys_pwrite64+0x1f1/0x260 [ 1011.087540] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1011.087559] do_syscall_64+0xbf/0x420 [ 1011.087575] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1011.087589] RIP: 0033:0x7f32b3526ab7 [ 1011.087599] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1011.087613] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1011.087626] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1011.087634] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1011.087642] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1011.087650] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1011.087658] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1011.087674] [ 1011.118704] FAULT_INJECTION: forcing a failure. [ 1011.118704] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1011.122121] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1011.122958] loop6: detected capacity change from 0 to 24 [ 1011.125223] CPU: 0 UID: 0 PID: 8638 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1011.125260] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1011.125274] Call Trace: [ 1011.125282] [ 1011.125290] dump_stack_lvl+0xfa/0x120 [ 1011.125320] should_fail_ex+0x4d7/0x5e0 [ 1011.125365] should_fail_alloc_page+0xe0/0x110 [ 1011.125394] prepare_alloc_pages+0x1eb/0x550 [ 1011.125419] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1011.125461] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1011.125498] ? pte_offset_map_lock+0x190/0x330 [ 1011.125527] ? find_held_lock+0x2b/0x80 [ 1011.125554] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1011.125599] ? lock_is_held_type+0x9e/0x120 [ 1011.125623] ? lock_is_held_type+0x9e/0x120 [ 1011.125644] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1011.125682] ? policy_nodemask+0xeb/0x4e0 [ 1011.125720] alloc_pages_mpol+0xed/0x340 [ 1011.125755] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1011.125788] ? filemap_get_entry+0x1bb/0x3b0 [ 1011.125822] ? __pfx_filemap_get_entry+0x10/0x10 [ 1011.125863] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1011.125906] shmem_alloc_folio+0x11b/0x140 [ 1011.125934] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1011.125979] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1011.126020] ? fault_in_readable+0x12a/0x1d0 [ 1011.126063] shmem_write_begin+0x194/0x3b0 [ 1011.126097] ? __pfx_shmem_write_begin+0x10/0x10 [ 1011.126131] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1011.126178] generic_perform_write+0x391/0x810 [ 1011.126217] ? __pfx_generic_perform_write+0x10/0x10 [ 1011.126252] ? file_update_time_flags+0x367/0x4f0 [ 1011.126288] shmem_file_write_iter+0x111/0x140 [ 1011.126316] vfs_write+0xbe9/0x1150 [ 1011.126340] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1011.126366] ? __fget_files+0x34/0x3b0 [ 1011.126390] ? __pfx_vfs_write+0x10/0x10 [ 1011.126434] __x64_sys_pwrite64+0x1f1/0x260 [ 1011.126460] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1011.126495] do_syscall_64+0xbf/0x420 [ 1011.126524] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1011.126548] RIP: 0033:0x7f9f6fba4ab7 [ 1011.126567] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1011.126590] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1011.126613] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1011.126629] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1011.126644] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1011.126658] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1011.126672] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1011.126702] [ 1011.128897] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 1011.137951] loop7: detected capacity change from 0 to 128 [ 1011.180928] EXT4-fs (loop7): VFS: Can't find ext4 filesystem [ 1011.280181] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1011.280653] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1011.283071] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:29:40 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 25) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:29:40 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x1008, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:29:40 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x300, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:29:40 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x3000000, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:29:40 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 64) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:29:40 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:29:40 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x1fffff, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:29:40 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 29) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1020.545542] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1020.546039] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1020.547925] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1020.551888] FAULT_INJECTION: forcing a failure. [ 1020.551888] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1020.552897] CPU: 1 UID: 0 PID: 8659 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1020.552913] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1020.552921] Call Trace: [ 1020.552925] [ 1020.552930] dump_stack_lvl+0xfa/0x120 [ 1020.552951] should_fail_ex+0x4d7/0x5e0 [ 1020.552973] ? page_copy_sane+0xce/0x2b0 [ 1020.552994] copy_folio_from_iter_atomic+0x383/0x1820 [ 1020.553028] ? fault_in_readable+0x12a/0x1d0 [ 1020.553051] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1020.553072] ? shmem_write_begin+0x1ab/0x3b0 [ 1020.553090] ? __pfx_shmem_write_begin+0x10/0x10 [ 1020.553107] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1020.553133] generic_perform_write+0x1d7/0x810 [ 1020.553154] ? __pfx_generic_perform_write+0x10/0x10 [ 1020.553171] ? file_update_time_flags+0x367/0x4f0 [ 1020.553192] shmem_file_write_iter+0x111/0x140 [ 1020.553206] vfs_write+0xbe9/0x1150 [ 1020.553218] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1020.553231] ? __fget_files+0x34/0x3b0 [ 1020.553244] ? __pfx_vfs_write+0x10/0x10 [ 1020.553266] __x64_sys_pwrite64+0x1f1/0x260 [ 1020.553279] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1020.553297] do_syscall_64+0xbf/0x420 [ 1020.553316] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1020.553330] RIP: 0033:0x7f9f6fba4ab7 [ 1020.553339] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1020.553351] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1020.553364] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1020.553372] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1020.553379] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1020.553387] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1020.553395] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1020.553410] [ 1020.576457] FAULT_INJECTION: forcing a failure. [ 1020.576457] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1020.578567] CPU: 0 UID: 0 PID: 8666 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1020.578602] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1020.578617] Call Trace: [ 1020.578626] [ 1020.578637] dump_stack_lvl+0xfa/0x120 [ 1020.578674] should_fail_ex+0x4d7/0x5e0 [ 1020.578720] ? page_copy_sane+0xce/0x2b0 [ 1020.578765] copy_folio_from_iter_atomic+0x383/0x1820 [ 1020.578824] ? fault_in_readable+0x12a/0x1d0 [ 1020.578864] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1020.578911] ? shmem_write_begin+0x1ab/0x3b0 [ 1020.578950] ? __pfx_shmem_write_begin+0x10/0x10 [ 1020.578989] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1020.579051] generic_perform_write+0x1d7/0x810 [ 1020.579096] ? __pfx_generic_perform_write+0x10/0x10 [ 1020.579134] ? file_update_time_flags+0x367/0x4f0 [ 1020.579177] shmem_file_write_iter+0x111/0x140 [ 1020.579209] vfs_write+0xbe9/0x1150 [ 1020.579236] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1020.579265] ? __fget_files+0x34/0x3b0 [ 1020.579293] ? __pfx_vfs_write+0x10/0x10 [ 1020.579341] __x64_sys_pwrite64+0x1f1/0x260 [ 1020.579371] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1020.579409] do_syscall_64+0xbf/0x420 [ 1020.579442] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1020.579471] RIP: 0033:0x7f32b3526ab7 [ 1020.579491] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1020.579516] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1020.579542] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1020.579559] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1020.579576] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1020.579592] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1020.579608] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1020.579641] [ 1020.617571] loop4: detected capacity change from 0 to 5 [ 1020.626726] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:29:40 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 30) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1020.698504] loop7: detected capacity change from 0 to 32640 21:29:40 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x2000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1020.748296] FAULT_INJECTION: forcing a failure. [ 1020.748296] name failslab, interval 1, probability 0, space 0, times 0 [ 1020.754168] CPU: 0 UID: 0 PID: 8683 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1020.754201] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1020.754215] Call Trace: [ 1020.754222] [ 1020.754231] dump_stack_lvl+0xfa/0x120 [ 1020.754263] should_fail_ex+0x4d7/0x5e0 [ 1020.754305] ? __kernfs_new_node+0xd3/0x940 [ 1020.754338] should_failslab+0xc2/0x120 [ 1020.754373] kmem_cache_alloc_noprof+0x80/0x760 [ 1020.754415] ? __kernfs_new_node+0xd3/0x940 [ 1020.754446] __kernfs_new_node+0xd3/0x940 [ 1020.754477] ? __lock_acquire+0x451/0x2250 [ 1020.754510] ? __pfx___kernfs_new_node+0x10/0x10 [ 1020.754547] ? lock_acquire+0x15e/0x2d0 [ 1020.754575] ? kernfs_root+0x23/0x2a0 [ 1020.754606] ? find_held_lock+0x2b/0x80 [ 1020.754626] ? kernfs_root+0xee/0x2a0 [ 1020.754658] ? lock_release+0xc8/0x270 [ 1020.754684] ? lock_is_held_type+0x9e/0x120 [ 1020.754711] kernfs_new_node+0x13c/0x1e0 [ 1020.754753] __kernfs_create_file+0x55/0x360 [ 1020.754783] sysfs_add_file_mode_ns+0x21c/0x430 [ 1020.754816] ? __pfx_dev_attr_store+0x10/0x10 [ 1020.754856] internal_create_group+0x662/0xeb0 [ 1020.754898] ? __pfx_internal_create_group+0x10/0x10 [ 1020.754932] ? blk_validate_limits+0xc27/0x15c0 [ 1020.754963] ? lock_is_held_type+0x9e/0x120 21:29:40 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 65) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1020.754987] loop_configure+0xc46/0x15a0 [ 1020.755048] ? __pfx_loop_configure+0x10/0x10 [ 1020.755096] ? avc_has_extended_perms+0x107/0xf20 [ 1020.755125] ? find_held_lock+0x2b/0x80 [ 1020.755144] ? avc_has_extended_perms+0x23b/0xf20 [ 1020.755171] ? lock_release+0xc8/0x270 [ 1020.755202] lo_ioctl+0x674/0x1cb0 [ 1020.755241] ? __pfx_lo_ioctl+0x10/0x10 [ 1020.755273] ? __pfx_avc_has_extended_perms+0x10/0x10 [ 1020.755300] ? __lock_acquire+0x451/0x2250 [ 1020.755331] ? update_load_avg+0x153/0x1c90 [ 1020.755367] ? __lock_acquire+0x451/0x2250 [ 1020.755396] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1020.755433] ? blkdev_common_ioctl+0x1c3/0x2860 [ 1020.755490] ? debug_mutex_wake_waiter+0x2c0/0x330 [ 1020.755527] ? __fget_files+0x34/0x3b0 [ 1020.755550] ? find_held_lock+0x2b/0x80 [ 1020.755570] ? __fget_files+0x203/0x3b0 [ 1020.755594] ? __pfx_lo_ioctl+0x10/0x10 [ 1020.755627] blkdev_ioctl+0x365/0x6d0 [ 1020.755656] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1020.755685] ? selinux_file_ioctl+0xb9/0x280 [ 1020.755723] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1020.755754] __x64_sys_ioctl+0x18f/0x210 [ 1020.755792] do_syscall_64+0xbf/0x420 [ 1020.755819] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1020.755842] RIP: 0033:0x7f1fa08c48d7 [ 1020.755860] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1020.755882] RSP: 002b:00007f1f9de39f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1020.755903] RAX: ffffffffffffffda RBX: 00007f1fa090e970 RCX: 00007f1fa08c48d7 [ 1020.755918] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1020.755931] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1020.755944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1020.755957] R13: 0000000000000004 R14: 0000000020000070 R15: 0000000000000002 [ 1020.755985] [ 1020.795758] FAULT_INJECTION: forcing a failure. [ 1020.795758] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1020.801235] CPU: 1 UID: 0 PID: 8686 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1020.801254] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1020.801263] Call Trace: [ 1020.801267] [ 1020.801273] dump_stack_lvl+0xfa/0x120 [ 1020.801296] should_fail_ex+0x4d7/0x5e0 [ 1020.801322] ? page_copy_sane+0xce/0x2b0 [ 1020.801344] copy_folio_from_iter_atomic+0x383/0x1820 [ 1020.801374] ? fault_in_readable+0x12a/0x1d0 [ 1020.801394] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1020.801417] ? shmem_write_begin+0x1ab/0x3b0 [ 1020.801437] ? __pfx_shmem_write_begin+0x10/0x10 [ 1020.801456] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1020.801484] generic_perform_write+0x1d7/0x810 [ 1020.801506] ? __pfx_generic_perform_write+0x10/0x10 [ 1020.801525] ? file_update_time_flags+0x367/0x4f0 [ 1020.801547] shmem_file_write_iter+0x111/0x140 [ 1020.801563] vfs_write+0xbe9/0x1150 [ 1020.801576] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1020.801590] ? __fget_files+0x34/0x3b0 [ 1020.801605] ? __pfx_vfs_write+0x10/0x10 [ 1020.801627] __x64_sys_pwrite64+0x1f1/0x260 [ 1020.801642] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1020.801660] do_syscall_64+0xbf/0x420 [ 1020.801677] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1020.801692] RIP: 0033:0x7f9f6fba4ab7 [ 1020.801702] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1020.801716] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1020.801729] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1020.801738] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1020.801746] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1020.801754] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1020.801762] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1020.801778] [ 1020.840640] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1020.841135] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1020.841839] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1020.851842] loop4: detected capacity change from 0 to 5 [ 1020.925613] loop7: detected capacity change from 0 to 32640 21:29:40 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x4000000, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:29:40 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8100000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:29:40 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 31) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:29:40 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfeff3f, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1021.065130] loop6: detected capacity change from 0 to 32640 21:29:40 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 66) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1021.119113] loop4: detected capacity change from 0 to 5 [ 1021.143544] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1021.152399] FAULT_INJECTION: forcing a failure. [ 1021.152399] name fail_page_alloc, interval 1, probability 0, space 0, times 0 21:29:40 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x810, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1021.161444] CPU: 0 UID: 0 PID: 8706 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1021.161475] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1021.161489] Call Trace: [ 1021.161496] [ 1021.161504] dump_stack_lvl+0xfa/0x120 [ 1021.161537] should_fail_ex+0x4d7/0x5e0 [ 1021.161581] should_fail_alloc_page+0xe0/0x110 [ 1021.161609] prepare_alloc_pages+0x1eb/0x550 [ 1021.161634] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1021.161674] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1021.161708] ? pte_offset_map_lock+0x190/0x330 [ 1021.161736] ? find_held_lock+0x2b/0x80 [ 1021.161762] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1021.161803] ? lock_is_held_type+0x9e/0x120 [ 1021.161827] ? lock_is_held_type+0x9e/0x120 [ 1021.161846] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1021.161884] ? policy_nodemask+0xeb/0x4e0 [ 1021.161920] alloc_pages_mpol+0xed/0x340 [ 1021.161953] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1021.161984] ? filemap_get_entry+0x1bb/0x3b0 [ 1021.162017] ? __pfx_filemap_get_entry+0x10/0x10 [ 1021.162064] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1021.162103] shmem_alloc_folio+0x11b/0x140 [ 1021.162131] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1021.162177] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1021.162215] ? fault_in_readable+0x12a/0x1d0 [ 1021.162249] shmem_write_begin+0x194/0x3b0 [ 1021.162281] ? __pfx_shmem_write_begin+0x10/0x10 [ 1021.162313] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1021.162357] generic_perform_write+0x391/0x810 [ 1021.162393] ? __pfx_generic_perform_write+0x10/0x10 [ 1021.162425] ? file_update_time_flags+0x367/0x4f0 [ 1021.162460] shmem_file_write_iter+0x111/0x140 [ 1021.162486] vfs_write+0xbe9/0x1150 [ 1021.162508] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1021.162533] ? __fget_files+0x34/0x3b0 [ 1021.162556] ? __pfx_vfs_write+0x10/0x10 [ 1021.162597] __x64_sys_pwrite64+0x1f1/0x260 [ 1021.162620] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1021.162653] do_syscall_64+0xbf/0x420 [ 1021.162680] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1021.162703] RIP: 0033:0x7f9f6fba4ab7 [ 1021.162721] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1021.162743] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1021.162765] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1021.162780] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1021.162794] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1021.162807] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1021.162820] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1021.162849] [ 1021.204251] loop7: detected capacity change from 0 to 136 [ 1021.210915] EXT4-fs (loop7): VFS: Can't find ext4 filesystem 21:29:40 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 26) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:29:40 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 32) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:29:40 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 67) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1021.316747] FAULT_INJECTION: forcing a failure. [ 1021.316747] name failslab, interval 1, probability 0, space 0, times 0 [ 1021.318505] CPU: 0 UID: 0 PID: 8715 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1021.318534] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1021.318548] Call Trace: [ 1021.318555] [ 1021.318564] dump_stack_lvl+0xfa/0x120 [ 1021.318595] should_fail_ex+0x4d7/0x5e0 [ 1021.318640] ? __kernfs_new_node+0xd3/0x940 [ 1021.318674] should_failslab+0xc2/0x120 [ 1021.318702] kmem_cache_alloc_noprof+0x80/0x760 [ 1021.318745] ? __kernfs_new_node+0xd3/0x940 [ 1021.318777] __kernfs_new_node+0xd3/0x940 [ 1021.318807] ? __lock_acquire+0x451/0x2250 [ 1021.318840] ? __pfx___kernfs_new_node+0x10/0x10 [ 1021.318877] ? lock_acquire+0x15e/0x2d0 [ 1021.318905] ? kernfs_root+0x23/0x2a0 [ 1021.318936] ? find_held_lock+0x2b/0x80 [ 1021.318956] ? kernfs_root+0xee/0x2a0 [ 1021.318988] ? lock_release+0xc8/0x270 [ 1021.319014] ? lock_is_held_type+0x9e/0x120 [ 1021.319048] kernfs_new_node+0x13c/0x1e0 [ 1021.319089] __kernfs_create_file+0x55/0x360 [ 1021.319119] sysfs_add_file_mode_ns+0x21c/0x430 [ 1021.319152] ? __pfx_dev_attr_store+0x10/0x10 [ 1021.319192] internal_create_group+0x662/0xeb0 [ 1021.319234] ? __pfx_internal_create_group+0x10/0x10 [ 1021.319268] ? blk_validate_limits+0xc27/0x15c0 [ 1021.319299] ? lock_is_held_type+0x9e/0x120 [ 1021.319323] loop_configure+0xc46/0x15a0 [ 1021.319378] ? __pfx_loop_configure+0x10/0x10 [ 1021.319426] ? avc_has_extended_perms+0x107/0xf20 [ 1021.319454] ? find_held_lock+0x2b/0x80 [ 1021.319474] ? avc_has_extended_perms+0x23b/0xf20 [ 1021.319500] ? lock_release+0xc8/0x270 [ 1021.319532] lo_ioctl+0x674/0x1cb0 [ 1021.319570] ? __pfx_lo_ioctl+0x10/0x10 [ 1021.319602] ? __pfx_avc_has_extended_perms+0x10/0x10 [ 1021.319637] ? lock_acquire+0x15e/0x2d0 [ 1021.319665] ? __virt_addr_valid+0x1c6/0x5d0 [ 1021.319691] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1021.319724] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1021.319754] ? lock_release+0xc8/0x270 [ 1021.319781] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1021.319818] ? blkdev_common_ioctl+0x1c3/0x2860 [ 1021.319875] ? debug_mutex_wake_waiter+0x2c0/0x330 [ 1021.319912] ? __fget_files+0x34/0x3b0 [ 1021.319935] ? find_held_lock+0x2b/0x80 [ 1021.319955] ? __fget_files+0x203/0x3b0 [ 1021.319979] ? __pfx_lo_ioctl+0x10/0x10 [ 1021.320012] blkdev_ioctl+0x365/0x6d0 [ 1021.320041] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1021.320071] ? selinux_file_ioctl+0xb9/0x280 [ 1021.320108] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1021.320139] __x64_sys_ioctl+0x18f/0x210 [ 1021.320177] do_syscall_64+0xbf/0x420 [ 1021.320204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1021.320227] RIP: 0033:0x7f1fa08c48d7 [ 1021.320244] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1021.320266] RSP: 002b:00007f1f9de39f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1021.320288] RAX: ffffffffffffffda RBX: 00007f1fa090e970 RCX: 00007f1fa08c48d7 [ 1021.320303] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1021.320316] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1021.320330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1021.320343] R13: 0000000000000004 R14: 0000000020000070 R15: 0000000000000002 [ 1021.320371] [ 1021.355377] FAULT_INJECTION: forcing a failure. [ 1021.355377] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1021.364255] FAULT_INJECTION: forcing a failure. [ 1021.364255] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1021.368828] CPU: 0 UID: 0 PID: 8718 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1021.368869] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1021.368882] Call Trace: [ 1021.368890] [ 1021.368898] dump_stack_lvl+0xfa/0x120 [ 1021.368930] should_fail_ex+0x4d7/0x5e0 [ 1021.368969] ? page_copy_sane+0xce/0x2b0 [ 1021.369006] copy_folio_from_iter_atomic+0x383/0x1820 [ 1021.369066] ? fault_in_readable+0x12a/0x1d0 [ 1021.369100] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1021.369139] ? shmem_write_begin+0x1ab/0x3b0 [ 1021.369172] ? __pfx_shmem_write_begin+0x10/0x10 [ 1021.369203] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1021.369250] generic_perform_write+0x1d7/0x810 [ 1021.369288] ? __pfx_generic_perform_write+0x10/0x10 [ 1021.369320] ? file_update_time_flags+0x367/0x4f0 [ 1021.369356] shmem_file_write_iter+0x111/0x140 [ 1021.369383] vfs_write+0xbe9/0x1150 [ 1021.369405] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1021.369430] ? __fget_files+0x34/0x3b0 [ 1021.369454] ? __pfx_vfs_write+0x10/0x10 [ 1021.369495] __x64_sys_pwrite64+0x1f1/0x260 [ 1021.369519] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1021.369552] do_syscall_64+0xbf/0x420 [ 1021.369580] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1021.369604] RIP: 0033:0x7f32b3526ab7 [ 1021.369621] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1021.369642] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1021.369664] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1021.369679] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1021.369692] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1021.369706] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1021.369719] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1021.369747] [ 1021.371179] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1021.375336] loop4: detected capacity change from 0 to 5 [ 1021.375625] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1021.390291] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1021.391431] CPU: 0 UID: 0 PID: 8717 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1021.391473] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1021.391487] Call Trace: [ 1021.391495] [ 1021.391504] dump_stack_lvl+0xfa/0x120 [ 1021.391537] should_fail_ex+0x4d7/0x5e0 [ 1021.391578] ? page_copy_sane+0xce/0x2b0 [ 1021.391617] copy_folio_from_iter_atomic+0x383/0x1820 [ 1021.391670] ? fault_in_readable+0x12a/0x1d0 [ 1021.391706] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1021.391749] ? shmem_write_begin+0x1ab/0x3b0 [ 1021.391784] ? __pfx_shmem_write_begin+0x10/0x10 [ 1021.391818] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1021.391867] generic_perform_write+0x1d7/0x810 [ 1021.391907] ? __pfx_generic_perform_write+0x10/0x10 [ 1021.391941] ? file_update_time_flags+0x367/0x4f0 [ 1021.391979] shmem_file_write_iter+0x111/0x140 [ 1021.392007] vfs_write+0xbe9/0x1150 [ 1021.392031] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1021.392065] ? __fget_files+0x34/0x3b0 [ 1021.392090] ? __pfx_vfs_write+0x10/0x10 [ 1021.392133] __x64_sys_pwrite64+0x1f1/0x260 [ 1021.392159] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1021.392194] do_syscall_64+0xbf/0x420 [ 1021.392224] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1021.392249] RIP: 0033:0x7f9f6fba4ab7 [ 1021.392269] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1021.392294] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1021.392318] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1021.392334] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1021.392349] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1021.392364] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1021.392379] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1021.392409] [ 1021.440347] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1021.473151] loop6: detected capacity change from 0 to 32640 [ 1021.660630] loop7: detected capacity change from 0 to 32640 21:29:50 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 68) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:29:50 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 33) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:29:50 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x3f00, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:29:50 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x1000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:29:50 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xc000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:29:50 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x1008, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:29:50 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x8100000, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:29:50 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 27) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1030.619484] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1030.620742] loop4: detected capacity change from 0 to 5 [ 1030.621802] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1030.626831] FAULT_INJECTION: forcing a failure. [ 1030.626831] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1030.628516] CPU: 1 UID: 0 PID: 8741 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1030.628548] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1030.628561] Call Trace: [ 1030.628569] [ 1030.628577] dump_stack_lvl+0xfa/0x120 [ 1030.628608] should_fail_ex+0x4d7/0x5e0 [ 1030.628648] ? page_copy_sane+0xce/0x2b0 [ 1030.628687] copy_folio_from_iter_atomic+0x383/0x1820 [ 1030.628739] ? fault_in_readable+0x12a/0x1d0 [ 1030.628773] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1030.628816] ? shmem_write_begin+0x1ab/0x3b0 [ 1030.628850] ? __pfx_shmem_write_begin+0x10/0x10 [ 1030.628863] FAULT_INJECTION: forcing a failure. [ 1030.628863] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1030.628884] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1030.628933] generic_perform_write+0x1d7/0x810 [ 1030.628971] ? __pfx_generic_perform_write+0x10/0x10 [ 1030.629005] ? file_update_time_flags+0x367/0x4f0 [ 1030.629049] shmem_file_write_iter+0x111/0x140 [ 1030.629077] vfs_write+0xbe9/0x1150 [ 1030.629100] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1030.629143] ? __fget_files+0x34/0x3b0 [ 1030.629167] ? __pfx_vfs_write+0x10/0x10 [ 1030.629209] __x64_sys_pwrite64+0x1f1/0x260 [ 1030.629235] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1030.629269] do_syscall_64+0xbf/0x420 [ 1030.629298] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1030.629322] RIP: 0033:0x7f9f6fba4ab7 [ 1030.629340] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1030.629364] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1030.629387] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1030.629403] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1030.629418] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1030.629432] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1030.629446] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1030.629475] [ 1030.630621] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1030.637533] CPU: 0 UID: 0 PID: 8746 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1030.637568] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1030.637582] Call Trace: [ 1030.637590] [ 1030.637598] dump_stack_lvl+0xfa/0x120 [ 1030.637631] should_fail_ex+0x4d7/0x5e0 [ 1030.637676] should_fail_alloc_page+0xe0/0x110 [ 1030.637706] prepare_alloc_pages+0x1eb/0x550 [ 1030.637731] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1030.637774] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1030.637812] ? pte_offset_map_lock+0x190/0x330 [ 1030.637840] ? find_held_lock+0x2b/0x80 [ 1030.637868] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1030.637912] ? lock_is_held_type+0x9e/0x120 [ 1030.637937] ? lock_is_held_type+0x9e/0x120 [ 1030.637958] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1030.637997] ? policy_nodemask+0xeb/0x4e0 [ 1030.638036] alloc_pages_mpol+0xed/0x340 [ 1030.638079] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1030.638113] ? filemap_get_entry+0x1bb/0x3b0 [ 1030.638148] ? __pfx_filemap_get_entry+0x10/0x10 [ 1030.638189] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1030.638231] shmem_alloc_folio+0x11b/0x140 [ 1030.638260] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1030.638306] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1030.638347] ? fault_in_readable+0x12a/0x1d0 [ 1030.638382] shmem_write_begin+0x194/0x3b0 [ 1030.638417] ? __pfx_shmem_write_begin+0x10/0x10 [ 1030.638452] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1030.638499] generic_perform_write+0x391/0x810 [ 1030.638538] ? __pfx_generic_perform_write+0x10/0x10 [ 1030.638572] ? file_update_time_flags+0x367/0x4f0 [ 1030.638609] shmem_file_write_iter+0x111/0x140 [ 1030.638637] vfs_write+0xbe9/0x1150 [ 1030.638662] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1030.638688] ? __fget_files+0x34/0x3b0 [ 1030.638712] ? __pfx_vfs_write+0x10/0x10 [ 1030.638755] __x64_sys_pwrite64+0x1f1/0x260 [ 1030.638780] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1030.638814] do_syscall_64+0xbf/0x420 [ 1030.638843] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1030.638868] RIP: 0033:0x7f32b3526ab7 [ 1030.638886] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1030.638909] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1030.638932] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1030.638948] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1030.638963] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1030.638977] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1030.638991] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1030.639020] [ 1030.642419] loop6: detected capacity change from 0 to 32 [ 1030.705487] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1030.736865] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1030.737840] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1030.739161] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:29:50 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 34) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1030.864910] FAULT_INJECTION: forcing a failure. [ 1030.864910] name failslab, interval 1, probability 0, space 0, times 0 [ 1030.866666] CPU: 1 UID: 0 PID: 8759 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1030.866694] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1030.866706] Call Trace: [ 1030.866718] [ 1030.866726] dump_stack_lvl+0xfa/0x120 [ 1030.866755] should_fail_ex+0x4d7/0x5e0 [ 1030.866795] ? __kernfs_new_node+0xd3/0x940 [ 1030.866826] should_failslab+0xc2/0x120 [ 1030.866850] kmem_cache_alloc_noprof+0x80/0x760 [ 1030.866890] ? __kernfs_new_node+0xd3/0x940 [ 1030.866921] __kernfs_new_node+0xd3/0x940 [ 1030.866948] ? __lock_acquire+0x451/0x2250 [ 1030.866980] ? __pfx___kernfs_new_node+0x10/0x10 [ 1030.867014] ? lock_acquire+0x15e/0x2d0 [ 1030.867039] ? kernfs_root+0x23/0x2a0 [ 1030.867074] ? find_held_lock+0x2b/0x80 [ 1030.867092] ? kernfs_root+0xee/0x2a0 [ 1030.867121] ? lock_release+0xc8/0x270 [ 1030.867146] ? lock_is_held_type+0x9e/0x120 [ 1030.867171] kernfs_new_node+0x13c/0x1e0 [ 1030.867209] __kernfs_create_file+0x55/0x360 [ 1030.867237] sysfs_add_file_mode_ns+0x21c/0x430 [ 1030.867268] ? __pfx_dev_attr_store+0x10/0x10 [ 1030.867304] internal_create_group+0x662/0xeb0 [ 1030.867344] ? __pfx_internal_create_group+0x10/0x10 [ 1030.867375] ? blk_validate_limits+0xc27/0x15c0 [ 1030.867404] ? lock_is_held_type+0x9e/0x120 [ 1030.867427] loop_configure+0xc46/0x15a0 [ 1030.867479] ? __pfx_loop_configure+0x10/0x10 [ 1030.867524] ? avc_has_extended_perms+0x107/0xf20 [ 1030.867550] ? find_held_lock+0x2b/0x80 [ 1030.867568] ? avc_has_extended_perms+0x23b/0xf20 [ 1030.867593] ? lock_release+0xc8/0x270 [ 1030.867622] lo_ioctl+0x674/0x1cb0 [ 1030.867658] ? __pfx_lo_ioctl+0x10/0x10 [ 1030.867688] ? __pfx_avc_has_extended_perms+0x10/0x10 [ 1030.867721] ? lock_acquire+0x15e/0x2d0 [ 1030.867746] ? __virt_addr_valid+0x1c6/0x5d0 [ 1030.867771] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1030.867802] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1030.867829] ? lock_release+0xc8/0x270 [ 1030.867855] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1030.867889] ? blkdev_common_ioctl+0x1c3/0x2860 [ 1030.867942] ? debug_mutex_wake_waiter+0x2c0/0x330 [ 1030.867977] ? __fget_files+0x34/0x3b0 [ 1030.867999] ? find_held_lock+0x2b/0x80 [ 1030.868017] ? __fget_files+0x203/0x3b0 [ 1030.868040] ? __pfx_lo_ioctl+0x10/0x10 [ 1030.868072] blkdev_ioctl+0x365/0x6d0 [ 1030.868102] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1030.868129] ? selinux_file_ioctl+0xb9/0x280 [ 1030.868164] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1030.868193] __x64_sys_ioctl+0x18f/0x210 [ 1030.868228] do_syscall_64+0xbf/0x420 [ 1030.868253] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1030.868274] RIP: 0033:0x7f1fa08c48d7 [ 1030.868290] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1030.868312] RSP: 002b:00007f1f9de39f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1030.868332] RAX: ffffffffffffffda RBX: 00007f1fa090e970 RCX: 00007f1fa08c48d7 [ 1030.868346] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1030.868358] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1030.868371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1030.868383] R13: 0000000000000004 R14: 0000000020000070 R15: 0000000000000002 [ 1030.868409] [ 1030.913018] loop4: detected capacity change from 0 to 5 [ 1030.918007] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:29:50 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x4000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1031.049868] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1031.050613] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1031.051795] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1031.079888] loop7: detected capacity change from 0 to 32640 [ 1031.081938] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1031.083680] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1031.085009] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:30:00 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 69) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:00 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 28) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:00 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x10000000, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:30:00 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 35) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:00 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x4000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:00 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x10000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:30:00 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x2000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:00 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x80000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1040.467860] FAULT_INJECTION: forcing a failure. [ 1040.467860] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1040.473156] FAULT_INJECTION: forcing a failure. [ 1040.473156] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1040.474308] CPU: 1 UID: 0 PID: 8783 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1040.474325] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1040.474333] Call Trace: [ 1040.474338] [ 1040.474343] dump_stack_lvl+0xfa/0x120 [ 1040.474366] should_fail_ex+0x4d7/0x5e0 [ 1040.474390] ? page_copy_sane+0xce/0x2b0 [ 1040.474412] copy_folio_from_iter_atomic+0x383/0x1820 [ 1040.474439] ? fault_in_readable+0x12a/0x1d0 [ 1040.474458] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1040.474479] ? shmem_write_begin+0x1ab/0x3b0 [ 1040.474498] ? __pfx_shmem_write_begin+0x10/0x10 [ 1040.474515] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1040.474543] generic_perform_write+0x1d7/0x810 [ 1040.474565] ? __pfx_generic_perform_write+0x10/0x10 [ 1040.474582] ? file_update_time_flags+0x367/0x4f0 [ 1040.474602] shmem_file_write_iter+0x111/0x140 [ 1040.474617] vfs_write+0xbe9/0x1150 [ 1040.474630] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1040.474643] ? __fget_files+0x34/0x3b0 [ 1040.474657] ? __pfx_vfs_write+0x10/0x10 [ 1040.474679] __x64_sys_pwrite64+0x1f1/0x260 [ 1040.474692] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1040.474709] do_syscall_64+0xbf/0x420 [ 1040.474725] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1040.474740] RIP: 0033:0x7f32b3526ab7 [ 1040.474750] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1040.474762] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1040.474774] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1040.474783] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1040.474791] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1040.474799] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1040.474806] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1040.474822] [ 1040.488082] CPU: 0 UID: 0 PID: 8779 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1040.488120] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1040.488136] Call Trace: [ 1040.488144] [ 1040.488154] dump_stack_lvl+0xfa/0x120 [ 1040.488186] should_fail_ex+0x4d7/0x5e0 [ 1040.488236] should_fail_alloc_page+0xe0/0x110 [ 1040.488269] prepare_alloc_pages+0x1eb/0x550 [ 1040.488299] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1040.488348] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1040.488390] ? pte_offset_map_lock+0x190/0x330 [ 1040.488423] ? find_held_lock+0x2b/0x80 [ 1040.488455] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1040.488505] ? lock_is_held_type+0x9e/0x120 [ 1040.488534] ? lock_is_held_type+0x9e/0x120 [ 1040.488557] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1040.488603] ? policy_nodemask+0xeb/0x4e0 [ 1040.488649] alloc_pages_mpol+0xed/0x340 [ 1040.488689] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1040.488726] ? filemap_get_entry+0x1bb/0x3b0 [ 1040.488764] ? __pfx_filemap_get_entry+0x10/0x10 [ 1040.488811] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1040.488859] shmem_alloc_folio+0x11b/0x140 [ 1040.488891] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1040.488942] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1040.488989] ? fault_in_readable+0x12a/0x1d0 [ 1040.489028] shmem_write_begin+0x194/0x3b0 [ 1040.489075] ? __pfx_shmem_write_begin+0x10/0x10 [ 1040.489114] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1040.489168] generic_perform_write+0x391/0x810 [ 1040.489212] ? __pfx_generic_perform_write+0x10/0x10 [ 1040.489266] ? file_update_time_flags+0x367/0x4f0 [ 1040.489306] shmem_file_write_iter+0x111/0x140 [ 1040.489338] vfs_write+0xbe9/0x1150 [ 1040.489364] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1040.489393] ? __fget_files+0x34/0x3b0 [ 1040.489421] ? __pfx_vfs_write+0x10/0x10 [ 1040.489470] __x64_sys_pwrite64+0x1f1/0x260 [ 1040.489500] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1040.489540] do_syscall_64+0xbf/0x420 [ 1040.489571] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1040.489599] RIP: 0033:0x7f9f6fba4ab7 [ 1040.489619] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1040.489645] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1040.489671] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1040.489690] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1040.489706] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1040.489722] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1040.489738] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1040.489772] [ 1040.494811] loop4: detected capacity change from 0 to 5 [ 1040.500157] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1040.503570] loop7: detected capacity change from 0 to 144 [ 1040.503712] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1040.512276] EXT4-fs (loop7): VFS: Can't find ext4 filesystem [ 1040.513865] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1040.520290] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1040.520456] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1040.522151] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1040.522878] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:30:00 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 70) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:00 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 36) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1040.580949] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1040.586823] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1040.588358] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1040.621444] FAULT_INJECTION: forcing a failure. [ 1040.621444] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1040.624824] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1040.626589] CPU: 1 UID: 0 PID: 8796 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1040.626607] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1040.626616] Call Trace: [ 1040.626621] [ 1040.626626] dump_stack_lvl+0xfa/0x120 [ 1040.626647] should_fail_ex+0x4d7/0x5e0 [ 1040.626671] ? page_copy_sane+0xce/0x2b0 [ 1040.626692] copy_folio_from_iter_atomic+0x383/0x1820 [ 1040.626718] ? fault_in_readable+0x12a/0x1d0 [ 1040.626738] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1040.626759] ? shmem_write_begin+0x1ab/0x3b0 [ 1040.626781] ? __pfx_shmem_write_begin+0x10/0x10 [ 1040.626798] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1040.626825] generic_perform_write+0x1d7/0x810 [ 1040.626852] ? __pfx_generic_perform_write+0x10/0x10 [ 1040.626869] ? file_update_time_flags+0x367/0x4f0 [ 1040.626890] shmem_file_write_iter+0x111/0x140 [ 1040.626905] vfs_write+0xbe9/0x1150 [ 1040.626918] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1040.626931] ? __fget_files+0x34/0x3b0 [ 1040.626945] ? __pfx_vfs_write+0x10/0x10 [ 1040.626967] __x64_sys_pwrite64+0x1f1/0x260 [ 1040.626980] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1040.626998] do_syscall_64+0xbf/0x420 [ 1040.627014] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1040.627028] RIP: 0033:0x7f9f6fba4ab7 [ 1040.627038] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1040.627051] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1040.627064] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1040.627072] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1040.627080] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1040.627088] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1040.627095] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1040.627111] [ 1040.627233] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1040.635610] FAULT_INJECTION: forcing a failure. [ 1040.635610] name failslab, interval 1, probability 0, space 0, times 0 [ 1040.635679] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1040.636169] CPU: 1 UID: 0 PID: 8797 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1040.636185] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1040.636192] Call Trace: [ 1040.636196] [ 1040.636200] dump_stack_lvl+0xfa/0x120 [ 1040.636214] should_fail_ex+0x4d7/0x5e0 [ 1040.636236] ? __kernfs_new_node+0xd3/0x940 [ 1040.636254] should_failslab+0xc2/0x120 [ 1040.636269] kmem_cache_alloc_noprof+0x80/0x760 [ 1040.636293] ? __kernfs_new_node+0xd3/0x940 [ 1040.636310] __kernfs_new_node+0xd3/0x940 [ 1040.636326] ? __lock_acquire+0x451/0x2250 [ 1040.636346] ? __pfx___kernfs_new_node+0x10/0x10 [ 1040.636365] ? lock_acquire+0x15e/0x2d0 [ 1040.636380] ? kernfs_root+0x23/0x2a0 [ 1040.636401] ? find_held_lock+0x2b/0x80 [ 1040.636412] ? kernfs_root+0xee/0x2a0 [ 1040.636429] ? lock_release+0xc8/0x270 [ 1040.636443] ? lock_is_held_type+0x9e/0x120 [ 1040.636458] kernfs_new_node+0x13c/0x1e0 [ 1040.636480] __kernfs_create_file+0x55/0x360 [ 1040.636497] sysfs_add_file_mode_ns+0x21c/0x430 [ 1040.636515] ? __pfx_dev_attr_store+0x10/0x10 [ 1040.636538] internal_create_group+0x662/0xeb0 [ 1040.636561] ? __pfx_internal_create_group+0x10/0x10 [ 1040.636579] ? blk_validate_limits+0xc27/0x15c0 [ 1040.636598] ? lock_is_held_type+0x9e/0x120 [ 1040.636611] loop_configure+0xc46/0x15a0 [ 1040.636643] ? __pfx_loop_configure+0x10/0x10 [ 1040.636669] ? avc_has_extended_perms+0x107/0xf20 [ 1040.636685] ? find_held_lock+0x2b/0x80 [ 1040.636696] ? avc_has_extended_perms+0x23b/0xf20 [ 1040.636713] ? lock_release+0xc8/0x270 [ 1040.636736] lo_ioctl+0x674/0x1cb0 [ 1040.636765] ? __pfx_lo_ioctl+0x10/0x10 [ 1040.636790] ? __pfx_avc_has_extended_perms+0x10/0x10 [ 1040.636809] ? lock_acquire+0x15e/0x2d0 [ 1040.636824] ? __virt_addr_valid+0x1c6/0x5d0 [ 1040.636839] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1040.636858] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1040.636874] ? lock_release+0xc8/0x270 [ 1040.636889] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1040.636911] ? blkdev_common_ioctl+0x1c3/0x2860 [ 1040.636942] ? debug_mutex_wake_waiter+0x2c0/0x330 [ 1040.636963] ? __fget_files+0x34/0x3b0 [ 1040.636975] ? find_held_lock+0x2b/0x80 [ 1040.636986] ? __fget_files+0x203/0x3b0 [ 1040.636999] ? __pfx_lo_ioctl+0x10/0x10 [ 1040.637017] blkdev_ioctl+0x365/0x6d0 [ 1040.637033] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1040.637049] ? selinux_file_ioctl+0xb9/0x280 [ 1040.637070] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1040.637087] __x64_sys_ioctl+0x18f/0x210 [ 1040.637108] do_syscall_64+0xbf/0x420 [ 1040.637122] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1040.637134] RIP: 0033:0x7f1fa08c48d7 [ 1040.637143] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1040.637154] RSP: 002b:00007f1f9de39f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1040.637166] RAX: ffffffffffffffda RBX: 00007f1fa090e970 RCX: 00007f1fa08c48d7 [ 1040.637174] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1040.637181] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1040.637188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1040.637195] R13: 0000000000000004 R14: 0000000020000070 R15: 0000000000000002 [ 1040.637210] [ 1040.637369] loop4: detected capacity change from 0 to 5 21:30:00 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x3000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:00 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8c07, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1040.759392] loop6: detected capacity change from 0 to 32640 21:30:00 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x20000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:30:00 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x1000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1040.868264] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1040.869205] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1040.872101] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:30:00 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x40000000, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:30:00 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 37) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1041.023746] loop4: detected capacity change from 0 to 5 [ 1041.035112] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1041.186125] loop7: detected capacity change from 0 to 32640 21:30:08 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 71) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:08 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x2000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:08 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8d07, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:08 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x4000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:08 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 38) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:08 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 29) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:08 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x3f000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:30:08 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x2, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) [ 1049.420170] FAULT_INJECTION: forcing a failure. [ 1049.420170] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1049.423110] FAULT_INJECTION: forcing a failure. [ 1049.423110] name failslab, interval 1, probability 0, space 0, times 0 [ 1049.424011] CPU: 1 UID: 0 PID: 8839 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1049.424027] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1049.424034] Call Trace: [ 1049.424039] [ 1049.424046] dump_stack_lvl+0xfa/0x120 [ 1049.424066] should_fail_ex+0x4d7/0x5e0 [ 1049.424091] ? __kernfs_new_node+0xd3/0x940 [ 1049.424110] should_failslab+0xc2/0x120 [ 1049.424125] kmem_cache_alloc_noprof+0x80/0x760 [ 1049.424148] ? __kernfs_new_node+0xd3/0x940 [ 1049.424165] __kernfs_new_node+0xd3/0x940 [ 1049.424182] ? __lock_acquire+0x451/0x2250 [ 1049.424200] ? __pfx___kernfs_new_node+0x10/0x10 [ 1049.424220] ? lock_acquire+0x15e/0x2d0 [ 1049.424235] ? kernfs_root+0x23/0x2a0 [ 1049.424252] ? find_held_lock+0x2b/0x80 [ 1049.424263] ? kernfs_root+0xee/0x2a0 [ 1049.424279] ? lock_release+0xc8/0x270 [ 1049.424294] ? lock_is_held_type+0x9e/0x120 [ 1049.424308] kernfs_new_node+0x13c/0x1e0 [ 1049.424331] __kernfs_create_file+0x55/0x360 [ 1049.424347] sysfs_add_file_mode_ns+0x21c/0x430 [ 1049.424365] ? __pfx_dev_attr_store+0x10/0x10 [ 1049.424388] internal_create_group+0x662/0xeb0 [ 1049.424411] ? __pfx_internal_create_group+0x10/0x10 [ 1049.424428] ? blk_validate_limits+0xc27/0x15c0 [ 1049.424447] ? lock_is_held_type+0x9e/0x120 [ 1049.424459] loop_configure+0xc46/0x15a0 [ 1049.424490] ? __pfx_loop_configure+0x10/0x10 [ 1049.424516] ? avc_has_extended_perms+0x107/0xf20 [ 1049.424532] ? find_held_lock+0x2b/0x80 [ 1049.424543] ? avc_has_extended_perms+0x23b/0xf20 [ 1049.424557] ? lock_release+0xc8/0x270 [ 1049.424574] lo_ioctl+0x674/0x1cb0 [ 1049.424595] ? __pfx_lo_ioctl+0x10/0x10 [ 1049.424613] ? __pfx_avc_has_extended_perms+0x10/0x10 [ 1049.424626] ? __lock_acquire+0x451/0x2250 [ 1049.424644] ? update_load_avg+0x153/0x1c90 [ 1049.424664] ? __lock_acquire+0x451/0x2250 [ 1049.424679] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1049.424700] ? blkdev_common_ioctl+0x1c3/0x2860 [ 1049.424731] ? debug_mutex_wake_waiter+0x2c0/0x330 [ 1049.424752] ? __fget_files+0x34/0x3b0 [ 1049.424765] ? find_held_lock+0x2b/0x80 [ 1049.424775] ? __fget_files+0x203/0x3b0 [ 1049.424789] ? __pfx_lo_ioctl+0x10/0x10 [ 1049.424807] blkdev_ioctl+0x365/0x6d0 [ 1049.424822] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1049.424838] ? selinux_file_ioctl+0xb9/0x280 [ 1049.424859] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1049.424876] __x64_sys_ioctl+0x18f/0x210 [ 1049.424897] do_syscall_64+0xbf/0x420 [ 1049.424912] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1049.424925] RIP: 0033:0x7f1fa08c48d7 [ 1049.424935] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1049.424947] RSP: 002b:00007f1f9de39f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1049.424959] RAX: ffffffffffffffda RBX: 00007f1fa090e970 RCX: 00007f1fa08c48d7 [ 1049.424967] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1049.424974] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1049.424981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1049.424989] R13: 0000000000000004 R14: 0000000020000070 R15: 0000000000000002 [ 1049.425003] [ 1049.448302] CPU: 0 UID: 0 PID: 8837 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1049.448339] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1049.448354] Call Trace: [ 1049.448363] [ 1049.448372] dump_stack_lvl+0xfa/0x120 [ 1049.448404] should_fail_ex+0x4d7/0x5e0 [ 1049.448447] ? page_copy_sane+0xce/0x2b0 [ 1049.448491] copy_folio_from_iter_atomic+0x383/0x1820 [ 1049.448549] ? fault_in_readable+0x12a/0x1d0 [ 1049.448588] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1049.448635] ? shmem_write_begin+0x1ab/0x3b0 [ 1049.448674] ? __pfx_shmem_write_begin+0x10/0x10 [ 1049.448712] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1049.448766] generic_perform_write+0x1d7/0x810 [ 1049.448809] ? __pfx_generic_perform_write+0x10/0x10 [ 1049.448848] ? file_update_time_flags+0x367/0x4f0 [ 1049.448888] shmem_file_write_iter+0x111/0x140 [ 1049.448920] vfs_write+0xbe9/0x1150 [ 1049.448948] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1049.448977] ? __fget_files+0x34/0x3b0 [ 1049.449004] ? __pfx_vfs_write+0x10/0x10 [ 1049.449062] __x64_sys_pwrite64+0x1f1/0x260 [ 1049.449095] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1049.449134] do_syscall_64+0xbf/0x420 [ 1049.449166] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1049.449193] RIP: 0033:0x7f9f6fba4ab7 [ 1049.449213] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1049.449239] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1049.449265] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1049.449283] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1049.449299] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1049.449327] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1049.449343] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1049.449377] [ 1049.468739] loop4: detected capacity change from 0 to 5 [ 1049.485843] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1049.500671] FAULT_INJECTION: forcing a failure. [ 1049.500671] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1049.504144] CPU: 0 UID: 0 PID: 8849 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) 21:30:09 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 39) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1049.504178] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1049.504192] Call Trace: [ 1049.504201] [ 1049.504209] dump_stack_lvl+0xfa/0x120 [ 1049.504243] should_fail_ex+0x4d7/0x5e0 [ 1049.504284] ? page_copy_sane+0xce/0x2b0 [ 1049.504323] copy_folio_from_iter_atomic+0x383/0x1820 [ 1049.504376] ? fault_in_readable+0x12a/0x1d0 [ 1049.504412] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1049.504453] ? shmem_write_begin+0x1ab/0x3b0 [ 1049.504488] ? __pfx_shmem_write_begin+0x10/0x10 [ 1049.504523] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1049.504571] generic_perform_write+0x1d7/0x810 [ 1049.504610] ? __pfx_generic_perform_write+0x10/0x10 [ 1049.504644] ? file_update_time_flags+0x367/0x4f0 [ 1049.504682] shmem_file_write_iter+0x111/0x140 [ 1049.504710] vfs_write+0xbe9/0x1150 [ 1049.504734] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1049.504761] ? __fget_files+0x34/0x3b0 [ 1049.504786] ? __pfx_vfs_write+0x10/0x10 [ 1049.504830] __x64_sys_pwrite64+0x1f1/0x260 [ 1049.504856] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1049.504891] do_syscall_64+0xbf/0x420 [ 1049.504920] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1049.504945] RIP: 0033:0x7f32b3526ab7 [ 1049.504964] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1049.504987] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1049.505010] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1049.505026] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1049.505048] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1049.505063] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1049.505077] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1049.505108] [ 1049.546276] loop4: detected capacity change from 0 to 5 [ 1049.548486] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1049.565534] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1049.565980] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1049.566797] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:30:09 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 40) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1049.601695] loop7: detected capacity change from 0 to 32640 21:30:09 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 72) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1049.677483] FAULT_INJECTION: forcing a failure. [ 1049.677483] name failslab, interval 1, probability 0, space 0, times 0 [ 1049.683144] CPU: 0 UID: 0 PID: 8865 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1049.683178] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1049.683192] Call Trace: [ 1049.683200] [ 1049.683209] dump_stack_lvl+0xfa/0x120 [ 1049.683243] should_fail_ex+0x4d7/0x5e0 [ 1049.683289] ? __kernfs_new_node+0xd3/0x940 [ 1049.683323] should_failslab+0xc2/0x120 [ 1049.683350] kmem_cache_alloc_noprof+0x80/0x760 [ 1049.683396] ? __kernfs_new_node+0xd3/0x940 [ 1049.683429] __kernfs_new_node+0xd3/0x940 [ 1049.683461] ? __lock_acquire+0x451/0x2250 [ 1049.683496] ? __pfx___kernfs_new_node+0x10/0x10 [ 1049.683535] ? lock_acquire+0x15e/0x2d0 [ 1049.683564] ? kernfs_root+0x23/0x2a0 [ 1049.683598] ? find_held_lock+0x2b/0x80 [ 1049.683619] ? kernfs_root+0xee/0x2a0 [ 1049.683653] ? lock_release+0xc8/0x270 [ 1049.683680] ? lock_is_held_type+0x9e/0x120 [ 1049.683709] kernfs_new_node+0x13c/0x1e0 [ 1049.683753] __kernfs_create_file+0x55/0x360 [ 1049.683785] sysfs_add_file_mode_ns+0x21c/0x430 [ 1049.683820] ? __pfx_dev_attr_store+0x10/0x10 [ 1049.683863] internal_create_group+0x662/0xeb0 [ 1049.683908] ? __pfx_internal_create_group+0x10/0x10 [ 1049.683951] ? lock_is_held_type+0x9e/0x120 [ 1049.683976] loop_configure+0xc46/0x15a0 [ 1049.684043] ? __pfx_loop_configure+0x10/0x10 [ 1049.684095] ? avc_has_extended_perms+0x107/0xf20 [ 1049.684126] ? find_held_lock+0x2b/0x80 [ 1049.684146] ? avc_has_extended_perms+0x23b/0xf20 [ 1049.684175] ? lock_release+0xc8/0x270 [ 1049.684208] lo_ioctl+0x674/0x1cb0 [ 1049.684250] ? __pfx_lo_ioctl+0x10/0x10 [ 1049.684285] ? __pfx_avc_has_extended_perms+0x10/0x10 [ 1049.684312] ? __lock_acquire+0x451/0x2250 [ 1049.684347] ? update_load_avg+0x153/0x1c90 [ 1049.684385] ? __lock_acquire+0x451/0x2250 [ 1049.684415] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1049.684454] ? blkdev_common_ioctl+0x1c3/0x2860 [ 1049.684515] ? debug_mutex_wake_waiter+0x2c0/0x330 [ 1049.684555] ? __fget_files+0x34/0x3b0 [ 1049.684580] ? find_held_lock+0x2b/0x80 [ 1049.684601] ? __fget_files+0x203/0x3b0 [ 1049.684627] ? __pfx_lo_ioctl+0x10/0x10 [ 1049.684662] blkdev_ioctl+0x365/0x6d0 [ 1049.684693] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1049.684724] ? selinux_file_ioctl+0xb9/0x280 [ 1049.684765] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1049.684798] __x64_sys_ioctl+0x18f/0x210 [ 1049.684838] do_syscall_64+0xbf/0x420 [ 1049.684867] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1049.684891] RIP: 0033:0x7f1fa08c48d7 [ 1049.684910] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1049.684934] RSP: 002b:00007f1f9de39f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1049.684957] RAX: ffffffffffffffda RBX: 00007f1fa090e970 RCX: 00007f1fa08c48d7 [ 1049.684974] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1049.684988] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1049.685002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1049.685017] R13: 0000000000000004 R14: 0000000020000070 R15: 0000000000000002 [ 1049.685046] [ 1049.741169] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1049.741642] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1049.742361] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1049.746629] FAULT_INJECTION: forcing a failure. [ 1049.746629] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1049.751186] CPU: 0 UID: 0 PID: 8866 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1049.751221] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1049.751235] Call Trace: [ 1049.751243] [ 1049.751252] dump_stack_lvl+0xfa/0x120 [ 1049.751286] should_fail_ex+0x4d7/0x5e0 [ 1049.751332] should_fail_alloc_page+0xe0/0x110 [ 1049.751370] prepare_alloc_pages+0x1eb/0x550 [ 1049.751397] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1049.751439] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1049.751477] ? pte_offset_map_lock+0x190/0x330 [ 1049.751506] ? find_held_lock+0x2b/0x80 [ 1049.751534] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1049.751578] ? lock_is_held_type+0x9e/0x120 [ 1049.751603] ? lock_is_held_type+0x9e/0x120 [ 1049.751624] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1049.751663] ? policy_nodemask+0xeb/0x4e0 [ 1049.751701] alloc_pages_mpol+0xed/0x340 [ 1049.751736] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1049.751769] ? filemap_get_entry+0x1bb/0x3b0 [ 1049.751803] ? __pfx_filemap_get_entry+0x10/0x10 [ 1049.751844] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1049.751886] shmem_alloc_folio+0x11b/0x140 [ 1049.751915] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1049.751960] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1049.752000] ? fault_in_readable+0x12a/0x1d0 [ 1049.752036] shmem_write_begin+0x194/0x3b0 [ 1049.752070] ? __pfx_shmem_write_begin+0x10/0x10 [ 1049.752109] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1049.752156] generic_perform_write+0x391/0x810 [ 1049.752195] ? __pfx_generic_perform_write+0x10/0x10 [ 1049.752229] ? file_update_time_flags+0x367/0x4f0 [ 1049.752266] shmem_file_write_iter+0x111/0x140 [ 1049.752294] vfs_write+0xbe9/0x1150 [ 1049.752318] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1049.752344] ? __fget_files+0x34/0x3b0 [ 1049.752369] ? __pfx_vfs_write+0x10/0x10 [ 1049.752412] __x64_sys_pwrite64+0x1f1/0x260 [ 1049.752438] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1049.752472] do_syscall_64+0xbf/0x420 [ 1049.752501] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1049.752526] RIP: 0033:0x7f9f6fba4ab7 [ 1049.752545] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1049.752568] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1049.752591] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1049.752607] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1049.752622] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1049.752636] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1049.752650] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1049.752680] [ 1049.758071] loop6: detected capacity change from 0 to 32640 [ 1049.766807] loop7: detected capacity change from 0 to 152 21:30:09 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8e07, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1049.808925] EXT4-fs (loop7): VFS: Can't find ext4 filesystem [ 1049.819931] loop4: detected capacity change from 0 to 5 21:30:09 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x3000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:09 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x3ffffe00, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:30:09 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x5000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:09 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 73) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:09 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 30) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:09 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 41) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:09 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x3, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) [ 1050.042988] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1050.044559] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1050.046005] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1050.055278] FAULT_INJECTION: forcing a failure. [ 1050.055278] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1050.056891] loop4: detected capacity change from 0 to 5 [ 1050.058657] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1050.059833] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1050.061368] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1050.062209] FAULT_INJECTION: forcing a failure. [ 1050.062209] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1050.067758] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1050.069655] CPU: 0 UID: 0 PID: 8882 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1050.069692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1050.069706] Call Trace: [ 1050.069714] [ 1050.069724] dump_stack_lvl+0xfa/0x120 [ 1050.069759] should_fail_ex+0x4d7/0x5e0 [ 1050.069800] ? page_copy_sane+0xce/0x2b0 [ 1050.069839] copy_folio_from_iter_atomic+0x383/0x1820 [ 1050.069892] ? fault_in_readable+0x12a/0x1d0 [ 1050.069927] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1050.069969] ? shmem_write_begin+0x1ab/0x3b0 [ 1050.070003] ? __pfx_shmem_write_begin+0x10/0x10 [ 1050.070046] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1050.070100] generic_perform_write+0x1d7/0x810 [ 1050.070139] ? __pfx_generic_perform_write+0x10/0x10 [ 1050.070173] ? file_update_time_flags+0x367/0x4f0 [ 1050.070211] shmem_file_write_iter+0x111/0x140 [ 1050.070239] vfs_write+0xbe9/0x1150 [ 1050.070263] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1050.070289] ? __fget_files+0x34/0x3b0 [ 1050.070314] ? __pfx_vfs_write+0x10/0x10 [ 1050.070358] __x64_sys_pwrite64+0x1f1/0x260 [ 1050.070384] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1050.070419] do_syscall_64+0xbf/0x420 [ 1050.070448] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1050.070473] RIP: 0033:0x7f9f6fba4ab7 [ 1050.070492] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1050.070516] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1050.070540] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1050.070555] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1050.070571] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1050.070585] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1050.070599] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1050.070629] [ 1050.072570] CPU: 1 UID: 0 PID: 8887 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1050.072604] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1050.072619] Call Trace: [ 1050.072627] [ 1050.072636] dump_stack_lvl+0xfa/0x120 [ 1050.072671] should_fail_ex+0x4d7/0x5e0 [ 1050.072717] should_fail_alloc_page+0xe0/0x110 [ 1050.072747] prepare_alloc_pages+0x1eb/0x550 [ 1050.072773] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1050.072815] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1050.072851] ? pte_offset_map_lock+0x190/0x330 [ 1050.072879] ? find_held_lock+0x2b/0x80 [ 1050.072905] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1050.072947] ? lock_is_held_type+0x9e/0x120 [ 1050.072972] ? lock_is_held_type+0x9e/0x120 [ 1050.072991] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1050.073029] ? policy_nodemask+0xeb/0x4e0 [ 1050.073074] alloc_pages_mpol+0xed/0x340 [ 1050.073107] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1050.073138] ? filemap_get_entry+0x1bb/0x3b0 [ 1050.073171] ? __pfx_filemap_get_entry+0x10/0x10 [ 1050.073209] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1050.073250] shmem_alloc_folio+0x11b/0x140 [ 1050.073278] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1050.073321] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1050.073372] ? fault_in_readable+0x12a/0x1d0 [ 1050.073406] shmem_write_begin+0x194/0x3b0 [ 1050.073439] ? __pfx_shmem_write_begin+0x10/0x10 [ 1050.073471] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1050.073516] generic_perform_write+0x391/0x810 [ 1050.073552] ? __pfx_generic_perform_write+0x10/0x10 [ 1050.073584] ? file_update_time_flags+0x367/0x4f0 [ 1050.073619] shmem_file_write_iter+0x111/0x140 [ 1050.073646] vfs_write+0xbe9/0x1150 [ 1050.073669] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1050.073693] ? __fget_files+0x34/0x3b0 [ 1050.073718] ? __pfx_vfs_write+0x10/0x10 [ 1050.073758] __x64_sys_pwrite64+0x1f1/0x260 [ 1050.073783] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1050.073815] do_syscall_64+0xbf/0x420 [ 1050.073844] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1050.073868] RIP: 0033:0x7f32b3526ab7 [ 1050.073886] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1050.073908] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1050.073931] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1050.073946] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1050.073959] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1050.073973] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1050.073987] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1050.074015] [ 1050.076686] loop6: detected capacity change from 0 to 40 [ 1050.148718] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 1050.165231] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1050.166272] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1050.167560] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1050.345607] loop7: detected capacity change from 0 to 32640 21:30:19 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 31) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:19 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf500, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:19 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 74) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:19 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x6000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:19 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x4000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:19 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x40000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:30:19 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:30:19 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 42) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1060.409708] FAULT_INJECTION: forcing a failure. [ 1060.409708] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1060.410720] CPU: 1 UID: 0 PID: 8908 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1060.410738] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1060.410746] Call Trace: [ 1060.410751] [ 1060.410755] dump_stack_lvl+0xfa/0x120 [ 1060.410777] should_fail_ex+0x4d7/0x5e0 [ 1060.410801] ? page_copy_sane+0xce/0x2b0 [ 1060.410822] copy_folio_from_iter_atomic+0x383/0x1820 [ 1060.410850] ? fault_in_readable+0x12a/0x1d0 [ 1060.410870] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1060.410893] ? shmem_write_begin+0x1ab/0x3b0 [ 1060.410912] ? __pfx_shmem_write_begin+0x10/0x10 [ 1060.410931] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1060.410957] generic_perform_write+0x1d7/0x810 [ 1060.410978] ? __pfx_generic_perform_write+0x10/0x10 [ 1060.410996] ? file_update_time_flags+0x367/0x4f0 [ 1060.411017] shmem_file_write_iter+0x111/0x140 [ 1060.411032] vfs_write+0xbe9/0x1150 [ 1060.411050] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1060.411064] ? __fget_files+0x34/0x3b0 [ 1060.411078] ? __pfx_vfs_write+0x10/0x10 [ 1060.411101] __x64_sys_pwrite64+0x1f1/0x260 [ 1060.411114] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1060.411133] do_syscall_64+0xbf/0x420 [ 1060.411149] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1060.411163] RIP: 0033:0x7f9f6fba4ab7 [ 1060.411174] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1060.411186] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1060.411199] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1060.411208] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1060.411216] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1060.411224] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1060.411231] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1060.411247] [ 1060.444980] FAULT_INJECTION: forcing a failure. [ 1060.444980] name failslab, interval 1, probability 0, space 0, times 0 [ 1060.445943] CPU: 1 UID: 0 PID: 8914 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1060.445959] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1060.445967] Call Trace: [ 1060.445971] [ 1060.445976] dump_stack_lvl+0xfa/0x120 [ 1060.445995] should_fail_ex+0x4d7/0x5e0 [ 1060.446020] ? __kernfs_new_node+0xd3/0x940 [ 1060.446044] should_failslab+0xc2/0x120 [ 1060.446059] kmem_cache_alloc_noprof+0x80/0x760 [ 1060.446082] ? __kernfs_new_node+0xd3/0x940 [ 1060.446098] __kernfs_new_node+0xd3/0x940 [ 1060.446115] ? __lock_acquire+0x451/0x2250 [ 1060.446133] ? __pfx___kernfs_new_node+0x10/0x10 [ 1060.446153] ? lock_acquire+0x15e/0x2d0 [ 1060.446167] ? kernfs_root+0x23/0x2a0 [ 1060.446184] ? find_held_lock+0x2b/0x80 [ 1060.446195] ? kernfs_root+0xee/0x2a0 [ 1060.446212] ? lock_release+0xc8/0x270 [ 1060.446226] ? lock_is_held_type+0x9e/0x120 [ 1060.446241] kernfs_new_node+0x13c/0x1e0 [ 1060.446263] __kernfs_create_file+0x55/0x360 [ 1060.446279] sysfs_add_file_mode_ns+0x21c/0x430 [ 1060.446297] ? __pfx_dev_attr_store+0x10/0x10 [ 1060.446320] internal_create_group+0x662/0xeb0 [ 1060.446342] ? __pfx_internal_create_group+0x10/0x10 [ 1060.446360] ? blk_validate_limits+0xc27/0x15c0 [ 1060.446378] ? lock_is_held_type+0x9e/0x120 [ 1060.446391] loop_configure+0xc46/0x15a0 [ 1060.446421] ? __pfx_loop_configure+0x10/0x10 [ 1060.446447] ? avc_has_extended_perms+0x107/0xf20 [ 1060.446463] ? find_held_lock+0x2b/0x80 [ 1060.446473] ? avc_has_extended_perms+0x23b/0xf20 [ 1060.446488] ? lock_release+0xc8/0x270 [ 1060.446504] lo_ioctl+0x674/0x1cb0 [ 1060.446525] ? __pfx_lo_ioctl+0x10/0x10 [ 1060.446542] ? __pfx_avc_has_extended_perms+0x10/0x10 [ 1060.446561] ? lock_acquire+0x15e/0x2d0 [ 1060.446576] ? __virt_addr_valid+0x1c6/0x5d0 [ 1060.446591] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1060.446609] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1060.446624] ? lock_release+0xc8/0x270 [ 1060.446639] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1060.446659] ? blkdev_common_ioctl+0x1c3/0x2860 [ 1060.446691] ? debug_mutex_wake_waiter+0x2c0/0x330 [ 1060.446711] ? __fget_files+0x34/0x3b0 [ 1060.446724] ? find_held_lock+0x2b/0x80 [ 1060.446734] ? __fget_files+0x203/0x3b0 [ 1060.446747] ? __pfx_lo_ioctl+0x10/0x10 [ 1060.446765] blkdev_ioctl+0x365/0x6d0 [ 1060.446780] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1060.446796] ? selinux_file_ioctl+0xb9/0x280 [ 1060.446817] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1060.446834] __x64_sys_ioctl+0x18f/0x210 [ 1060.446854] do_syscall_64+0xbf/0x420 [ 1060.446869] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1060.446882] RIP: 0033:0x7f1fa08c48d7 [ 1060.446892] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1060.446903] RSP: 002b:00007f1f9de39f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1060.446915] RAX: ffffffffffffffda RBX: 00007f1fa090e970 RCX: 00007f1fa08c48d7 [ 1060.446923] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1060.446930] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1060.446938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1060.446945] R13: 0000000000000004 R14: 0000000020000070 R15: 0000000000000002 [ 1060.446960] [ 1060.472825] FAULT_INJECTION: forcing a failure. [ 1060.472825] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1060.477498] CPU: 0 UID: 0 PID: 8919 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1060.477539] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1060.477555] Call Trace: [ 1060.477563] [ 1060.477571] dump_stack_lvl+0xfa/0x120 [ 1060.477602] should_fail_ex+0x4d7/0x5e0 [ 1060.477638] ? page_copy_sane+0xce/0x2b0 [ 1060.477677] copy_folio_from_iter_atomic+0x383/0x1820 [ 1060.477751] ? fault_in_readable+0x12a/0x1d0 [ 1060.477787] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1060.477829] ? shmem_write_begin+0x1ab/0x3b0 [ 1060.477863] ? __pfx_shmem_write_begin+0x10/0x10 [ 1060.477898] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1060.477946] generic_perform_write+0x1d7/0x810 [ 1060.477985] ? __pfx_generic_perform_write+0x10/0x10 [ 1060.478019] ? file_update_time_flags+0x367/0x4f0 [ 1060.478055] shmem_file_write_iter+0x111/0x140 [ 1060.478088] vfs_write+0xbe9/0x1150 [ 1060.478112] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1060.478138] ? __fget_files+0x34/0x3b0 [ 1060.478163] ? __pfx_vfs_write+0x10/0x10 [ 1060.478206] __x64_sys_pwrite64+0x1f1/0x260 [ 1060.478232] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1060.478266] do_syscall_64+0xbf/0x420 [ 1060.478295] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1060.478319] RIP: 0033:0x7f32b3526ab7 [ 1060.478339] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1060.478363] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1060.478386] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1060.478402] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1060.478417] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1060.478431] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1060.478446] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1060.478476] [ 1060.481200] loop4: detected capacity change from 0 to 5 [ 1060.513387] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:30:20 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 43) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1060.573796] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1060.575285] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1060.577090] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1060.608573] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1060.610997] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1060.614145] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1060.643976] loop4: detected capacity change from 0 to 5 [ 1060.662356] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:30:20 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x8100000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:20 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf4ffffff, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 1060.697580] loop7: detected capacity change from 0 to 32640 21:30:20 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x20000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1060.767781] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1060.768292] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1060.768999] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1060.786461] loop6: detected capacity change from 0 to 32640 [ 1060.889133] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1060.889610] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1060.892084] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1060.917995] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1060.918505] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1060.921090] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:30:30 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x2, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:30:30 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 44) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:30 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x10000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:30 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x40000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:30 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 32) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:30 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf5000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:30:30 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 75) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:30 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1070.817500] loop4: detected capacity change from 0 to 5 [ 1070.822795] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1070.825446] FAULT_INJECTION: forcing a failure. [ 1070.825446] name failslab, interval 1, probability 0, space 0, times 0 [ 1070.827984] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1070.831821] FAULT_INJECTION: forcing a failure. [ 1070.831821] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1070.832438] FAULT_INJECTION: forcing a failure. [ 1070.832438] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1070.833592] CPU: 1 UID: 0 PID: 8965 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1070.833625] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1070.833641] Call Trace: [ 1070.833649] [ 1070.833658] dump_stack_lvl+0xfa/0x120 [ 1070.833692] should_fail_ex+0x4d7/0x5e0 [ 1070.833735] ? page_copy_sane+0xce/0x2b0 [ 1070.833774] copy_folio_from_iter_atomic+0x383/0x1820 [ 1070.833828] ? fault_in_readable+0x12a/0x1d0 [ 1070.833864] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1070.833907] ? shmem_write_begin+0x1ab/0x3b0 [ 1070.833943] ? __pfx_shmem_write_begin+0x10/0x10 [ 1070.833977] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1070.834027] generic_perform_write+0x1d7/0x810 [ 1070.834074] ? __pfx_generic_perform_write+0x10/0x10 [ 1070.834108] ? file_update_time_flags+0x367/0x4f0 [ 1070.834147] shmem_file_write_iter+0x111/0x140 [ 1070.834175] vfs_write+0xbe9/0x1150 [ 1070.834199] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1070.834225] ? __fget_files+0x34/0x3b0 [ 1070.834251] ? __pfx_vfs_write+0x10/0x10 [ 1070.834294] __x64_sys_pwrite64+0x1f1/0x260 [ 1070.834319] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1070.834354] do_syscall_64+0xbf/0x420 [ 1070.834383] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1070.834408] RIP: 0033:0x7f32b3526ab7 [ 1070.834427] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1070.834452] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1070.834475] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1070.834491] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1070.834506] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1070.834521] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1070.834536] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1070.834566] [ 1070.857162] CPU: 1 UID: 0 PID: 8960 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1070.857197] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1070.857211] Call Trace: [ 1070.857218] [ 1070.857227] dump_stack_lvl+0xfa/0x120 [ 1070.857257] should_fail_ex+0x4d7/0x5e0 [ 1070.857301] should_failslab+0xc2/0x120 [ 1070.857329] __kmalloc_noprof+0xd6/0x880 [ 1070.857363] ? __create_object+0x59/0x80 [ 1070.857394] ? kobject_get_path+0xc9/0x200 [ 1070.857431] ? kobject_get_path+0xc9/0x200 [ 1070.857462] kobject_get_path+0xc9/0x200 [ 1070.857494] ? kasan_save_track+0x14/0x30 [ 1070.857525] kobject_uevent_env+0x252/0xf90 [ 1070.857579] ? lock_is_held_type+0x9e/0x120 [ 1070.857604] loop_configure+0xe3d/0x15a0 [ 1070.857664] ? __pfx_loop_configure+0x10/0x10 [ 1070.857715] ? avc_has_extended_perms+0x107/0xf20 [ 1070.857745] ? find_held_lock+0x2b/0x80 [ 1070.857767] ? avc_has_extended_perms+0x23b/0xf20 [ 1070.857796] ? lock_release+0xc8/0x270 [ 1070.857830] lo_ioctl+0x674/0x1cb0 [ 1070.857872] ? __pfx_lo_ioctl+0x10/0x10 [ 1070.857907] ? __pfx_avc_has_extended_perms+0x10/0x10 [ 1070.857944] ? lock_acquire+0x15e/0x2d0 [ 1070.857974] ? __virt_addr_valid+0x1c6/0x5d0 [ 1070.858003] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1070.858038] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1070.858076] ? lock_release+0xc8/0x270 [ 1070.858105] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1070.858145] ? blkdev_common_ioctl+0x1c3/0x2860 [ 1070.858205] ? debug_mutex_wake_waiter+0x2c0/0x330 [ 1070.858244] ? __fget_files+0x34/0x3b0 [ 1070.858268] ? find_held_lock+0x2b/0x80 [ 1070.858289] ? __fget_files+0x203/0x3b0 [ 1070.858315] ? __pfx_lo_ioctl+0x10/0x10 [ 1070.858351] blkdev_ioctl+0x365/0x6d0 [ 1070.858382] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1070.858414] ? selinux_file_ioctl+0xb9/0x280 [ 1070.858455] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1070.858488] __x64_sys_ioctl+0x18f/0x210 [ 1070.858529] do_syscall_64+0xbf/0x420 [ 1070.858557] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1070.858580] RIP: 0033:0x7f1fa08c48d7 [ 1070.858600] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1070.858624] RSP: 002b:00007f1f9de39f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1070.858646] RAX: ffffffffffffffda RBX: 00007f1fa090e970 RCX: 00007f1fa08c48d7 [ 1070.858662] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1070.858676] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1070.858690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1070.858704] R13: 0000000000000004 R14: 0000000020000070 R15: 0000000000000002 [ 1070.858733] [ 1070.873998] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1070.875247] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1070.921137] CPU: 0 UID: 0 PID: 8961 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1070.921172] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1070.921186] Call Trace: [ 1070.921194] [ 1070.921202] dump_stack_lvl+0xfa/0x120 [ 1070.921237] should_fail_ex+0x4d7/0x5e0 [ 1070.921289] should_fail_alloc_page+0xe0/0x110 [ 1070.921317] prepare_alloc_pages+0x1eb/0x550 [ 1070.921343] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1070.921383] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1070.921418] ? pte_offset_map_lock+0x190/0x330 [ 1070.921446] ? find_held_lock+0x2b/0x80 [ 1070.921472] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1070.921513] ? lock_is_held_type+0x9e/0x120 [ 1070.921536] ? lock_is_held_type+0x9e/0x120 [ 1070.921568] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1070.921606] ? policy_nodemask+0xeb/0x4e0 [ 1070.921642] alloc_pages_mpol+0xed/0x340 [ 1070.921675] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1070.921706] ? filemap_get_entry+0x1bb/0x3b0 [ 1070.921739] ? __pfx_filemap_get_entry+0x10/0x10 [ 1070.921777] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1070.921816] shmem_alloc_folio+0x11b/0x140 [ 1070.921844] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1070.921886] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1070.921924] ? fault_in_readable+0x12a/0x1d0 [ 1070.921957] shmem_write_begin+0x194/0x3b0 [ 1070.921990] ? __pfx_shmem_write_begin+0x10/0x10 [ 1070.922022] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1070.922066] generic_perform_write+0x391/0x810 [ 1070.922102] ? __pfx_generic_perform_write+0x10/0x10 [ 1070.922134] ? file_update_time_flags+0x367/0x4f0 [ 1070.922169] shmem_file_write_iter+0x111/0x140 [ 1070.922195] vfs_write+0xbe9/0x1150 [ 1070.922218] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1070.922242] ? __fget_files+0x34/0x3b0 [ 1070.922266] ? __pfx_vfs_write+0x10/0x10 [ 1070.922307] __x64_sys_pwrite64+0x1f1/0x260 [ 1070.922331] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1070.922363] do_syscall_64+0xbf/0x420 [ 1070.922391] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1070.922414] RIP: 0033:0x7f9f6fba4ab7 [ 1070.922433] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1070.922455] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1070.922477] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1070.922492] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1070.922506] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1070.922519] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1070.922532] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1070.922561] 21:30:30 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 45) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1071.007866] loop7: detected capacity change from 0 to 160 [ 1071.045904] loop4: detected capacity change from 0 to 5 [ 1071.053904] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1071.054706] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1071.055926] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1071.059134] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:30:30 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 46) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:30 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 76) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1071.174558] loop4: detected capacity change from 0 to 5 [ 1071.175376] FAULT_INJECTION: forcing a failure. [ 1071.175376] name failslab, interval 1, probability 0, space 0, times 0 [ 1071.190082] CPU: 1 UID: 0 PID: 8982 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1071.190116] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1071.190128] Call Trace: [ 1071.190135] [ 1071.190142] dump_stack_lvl+0xfa/0x120 [ 1071.190170] should_fail_ex+0x4d7/0x5e0 [ 1071.190208] should_failslab+0xc2/0x120 [ 1071.190231] kmem_cache_alloc_node_noprof+0x87/0x780 [ 1071.190262] ? mark_held_locks+0x49/0x80 [ 1071.190287] ? __alloc_skb+0x159/0x430 [ 1071.190315] ? __alloc_skb+0x159/0x430 [ 1071.190336] __alloc_skb+0x159/0x430 [ 1071.190357] ? __alloc_skb+0x369/0x430 [ 1071.190378] ? __pfx___alloc_skb+0x10/0x10 [ 1071.190400] ? lock_acquire+0x15e/0x2d0 [ 1071.190423] ? netlink_has_listeners+0x7f/0x430 [ 1071.190451] ? netlink_has_listeners+0x20d/0x430 [ 1071.190476] ? lock_release+0xc8/0x270 [ 1071.190502] alloc_uevent_skb+0x7b/0x210 [ 1071.190534] kobject_uevent_env+0xa8c/0xf90 [ 1071.190566] ? lock_is_held_type+0x9e/0x120 [ 1071.190588] loop_configure+0xe3d/0x15a0 [ 1071.190636] ? __pfx_loop_configure+0x10/0x10 [ 1071.190683] ? avc_has_extended_perms+0x107/0xf20 [ 1071.190708] ? find_held_lock+0x2b/0x80 [ 1071.190725] ? avc_has_extended_perms+0x23b/0xf20 [ 1071.190752] ? lock_release+0xc8/0x270 [ 1071.190779] lo_ioctl+0x674/0x1cb0 [ 1071.190812] ? __pfx_lo_ioctl+0x10/0x10 [ 1071.190839] ? __pfx_avc_has_extended_perms+0x10/0x10 [ 1071.190862] ? __lock_acquire+0x451/0x2250 [ 1071.190889] ? update_load_avg+0x153/0x1c90 [ 1071.190920] ? __lock_acquire+0x451/0x2250 [ 1071.190944] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1071.190976] ? blkdev_common_ioctl+0x1c3/0x2860 [ 1071.191025] ? debug_mutex_wake_waiter+0x2c0/0x330 [ 1071.191062] ? __fget_files+0x34/0x3b0 [ 1071.191082] ? find_held_lock+0x2b/0x80 [ 1071.191099] ? __fget_files+0x203/0x3b0 [ 1071.191119] ? __pfx_lo_ioctl+0x10/0x10 [ 1071.191148] blkdev_ioctl+0x365/0x6d0 [ 1071.191172] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1071.191197] ? selinux_file_ioctl+0xb9/0x280 [ 1071.191230] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1071.191257] __x64_sys_ioctl+0x18f/0x210 [ 1071.191289] do_syscall_64+0xbf/0x420 [ 1071.191313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1071.191333] RIP: 0033:0x7f1fa08c48d7 [ 1071.191348] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1071.191367] RSP: 002b:00007f1f9de39f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1071.191386] RAX: ffffffffffffffda RBX: 00007f1fa090e970 RCX: 00007f1fa08c48d7 [ 1071.191399] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1071.191411] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1071.191423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1071.191434] R13: 0000000000000004 R14: 0000000020000070 R15: 0000000000000002 [ 1071.191458] [ 1071.192182] FAULT_INJECTION: forcing a failure. [ 1071.192182] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1071.204610] loop6: detected capacity change from 0 to 32640 [ 1071.211412] CPU: 0 UID: 0 PID: 8983 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1071.211446] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1071.211459] Call Trace: [ 1071.211468] [ 1071.211476] dump_stack_lvl+0xfa/0x120 [ 1071.211510] should_fail_ex+0x4d7/0x5e0 [ 1071.211550] ? page_copy_sane+0xce/0x2b0 [ 1071.211587] copy_folio_from_iter_atomic+0x383/0x1820 [ 1071.211636] ? fault_in_readable+0x12a/0x1d0 [ 1071.211670] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1071.211709] ? shmem_write_begin+0x1ab/0x3b0 [ 1071.211741] ? __pfx_shmem_write_begin+0x10/0x10 [ 1071.211773] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1071.211818] generic_perform_write+0x1d7/0x810 [ 1071.211855] ? __pfx_generic_perform_write+0x10/0x10 [ 1071.211887] ? file_update_time_flags+0x367/0x4f0 [ 1071.211922] shmem_file_write_iter+0x111/0x140 [ 1071.211949] vfs_write+0xbe9/0x1150 [ 1071.211971] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1071.211996] ? __fget_files+0x34/0x3b0 [ 1071.212020] ? __pfx_vfs_write+0x10/0x10 [ 1071.212068] __x64_sys_pwrite64+0x1f1/0x260 [ 1071.212092] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1071.212125] do_syscall_64+0xbf/0x420 [ 1071.212156] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1071.212181] RIP: 0033:0x7f9f6fba4ab7 [ 1071.212199] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1071.212222] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1071.212244] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1071.212259] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1071.212273] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1071.212286] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1071.212299] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1071.212327] 21:30:30 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x60000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:30 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf5ffffff, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 1071.261134] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:30:30 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x3, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:30:30 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 33) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:30 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8100000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:30 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x40000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:30 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 47) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1071.442017] FAULT_INJECTION: forcing a failure. [ 1071.442017] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1071.445106] CPU: 1 UID: 0 PID: 8993 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1071.445131] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1071.445142] Call Trace: [ 1071.445147] [ 1071.445159] dump_stack_lvl+0xfa/0x120 [ 1071.445184] should_fail_ex+0x4d7/0x5e0 [ 1071.445218] should_fail_alloc_page+0xe0/0x110 [ 1071.445240] prepare_alloc_pages+0x1eb/0x550 [ 1071.445260] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1071.445291] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1071.445318] ? pte_offset_map_lock+0x190/0x330 [ 1071.445339] ? find_held_lock+0x2b/0x80 [ 1071.445359] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1071.445391] ? lock_is_held_type+0x9e/0x120 [ 1071.445409] ? lock_is_held_type+0x9e/0x120 [ 1071.445424] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1071.445453] ? policy_nodemask+0xeb/0x4e0 [ 1071.445481] alloc_pages_mpol+0xed/0x340 [ 1071.445506] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1071.445530] ? filemap_get_entry+0x1bb/0x3b0 [ 1071.445564] ? __pfx_filemap_get_entry+0x10/0x10 [ 1071.445593] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1071.445624] shmem_alloc_folio+0x11b/0x140 [ 1071.445646] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1071.445678] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1071.445707] ? fault_in_readable+0x12a/0x1d0 [ 1071.445733] shmem_write_begin+0x194/0x3b0 [ 1071.445757] ? __pfx_shmem_write_begin+0x10/0x10 [ 1071.445782] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1071.445816] generic_perform_write+0x391/0x810 [ 1071.445843] ? __pfx_generic_perform_write+0x10/0x10 [ 1071.445867] ? file_update_time_flags+0x367/0x4f0 [ 1071.445894] shmem_file_write_iter+0x111/0x140 [ 1071.445914] vfs_write+0xbe9/0x1150 [ 1071.445931] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1071.445950] ? __fget_files+0x34/0x3b0 [ 1071.445969] ? __pfx_vfs_write+0x10/0x10 [ 1071.445999] __x64_sys_pwrite64+0x1f1/0x260 [ 1071.446017] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1071.446046] do_syscall_64+0xbf/0x420 [ 1071.446068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1071.446087] RIP: 0033:0x7f32b3526ab7 [ 1071.446100] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1071.446118] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1071.446135] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1071.446146] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1071.446157] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1071.446167] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1071.446177] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1071.446198] [ 1071.490996] loop4: detected capacity change from 0 to 5 [ 1071.496971] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1071.518112] loop6: detected capacity change from 0 to 48 [ 1071.521769] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1071.522394] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1071.523394] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1071.529289] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 21:30:31 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 34) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:31 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 48) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1071.574277] FAULT_INJECTION: forcing a failure. [ 1071.574277] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1071.575494] CPU: 1 UID: 0 PID: 9006 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1071.575513] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1071.575523] Call Trace: [ 1071.575528] [ 1071.575533] dump_stack_lvl+0xfa/0x120 [ 1071.575555] should_fail_ex+0x4d7/0x5e0 [ 1071.575581] ? page_copy_sane+0xce/0x2b0 [ 1071.575606] copy_folio_from_iter_atomic+0x383/0x1820 [ 1071.575639] ? fault_in_readable+0x12a/0x1d0 [ 1071.575661] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1071.575687] ? shmem_write_begin+0x1ab/0x3b0 [ 1071.575710] ? __pfx_shmem_write_begin+0x10/0x10 [ 1071.575731] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1071.575762] generic_perform_write+0x1d7/0x810 [ 1071.575786] ? __pfx_generic_perform_write+0x10/0x10 [ 1071.575807] ? file_update_time_flags+0x367/0x4f0 [ 1071.575830] shmem_file_write_iter+0x111/0x140 [ 1071.575848] vfs_write+0xbe9/0x1150 [ 1071.575864] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1071.575880] ? __fget_files+0x34/0x3b0 [ 1071.575896] ? __pfx_vfs_write+0x10/0x10 [ 1071.575922] __x64_sys_pwrite64+0x1f1/0x260 [ 1071.575938] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1071.575959] do_syscall_64+0xbf/0x420 [ 1071.575978] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1071.575993] RIP: 0033:0x7f32b3526ab7 [ 1071.576005] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1071.576020] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1071.576034] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1071.576049] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1071.576058] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1071.576068] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1071.576076] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1071.576095] [ 1071.599905] loop4: detected capacity change from 0 to 5 [ 1071.600692] FAULT_INJECTION: forcing a failure. [ 1071.600692] name failslab, interval 1, probability 0, space 0, times 0 [ 1071.601811] CPU: 1 UID: 0 PID: 9008 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1071.601833] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1071.601844] Call Trace: [ 1071.601851] [ 1071.601856] dump_stack_lvl+0xfa/0x120 [ 1071.601876] should_fail_ex+0x4d7/0x5e0 [ 1071.601907] ? skb_clone+0x191/0x400 [ 1071.601931] should_failslab+0xc2/0x120 [ 1071.601948] kmem_cache_alloc_noprof+0x80/0x760 [ 1071.601971] ? netlink_broadcast_filtered+0xe6/0xe90 [ 1071.601996] ? skb_clone+0x191/0x400 [ 1071.602014] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 1071.602034] skb_clone+0x191/0x400 [ 1071.602058] netlink_broadcast_filtered+0xab1/0xe90 [ 1071.602085] ? __pfx_netlink_broadcast_filtered+0x10/0x10 [ 1071.602110] netlink_broadcast+0x39/0x50 [ 1071.602133] kobject_uevent_env+0xa58/0xf90 [ 1071.602159] ? lock_is_held_type+0x9e/0x120 [ 1071.602176] loop_configure+0xe3d/0x15a0 [ 1071.602212] ? __pfx_loop_configure+0x10/0x10 [ 1071.602243] ? avc_has_extended_perms+0x107/0xf20 [ 1071.602262] ? find_held_lock+0x2b/0x80 [ 1071.602275] ? avc_has_extended_perms+0x23b/0xf20 [ 1071.602292] ? lock_release+0xc8/0x270 [ 1071.602312] lo_ioctl+0x674/0x1cb0 [ 1071.602337] ? __pfx_lo_ioctl+0x10/0x10 [ 1071.602358] ? __pfx_avc_has_extended_perms+0x10/0x10 [ 1071.602380] ? lock_acquire+0x15e/0x2d0 [ 1071.602398] ? __virt_addr_valid+0x1c6/0x5d0 [ 1071.602416] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1071.602438] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1071.602457] ? lock_release+0xc8/0x270 [ 1071.602475] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1071.602498] ? blkdev_common_ioctl+0x1c3/0x2860 [ 1071.602536] ? debug_mutex_wake_waiter+0x2c0/0x330 [ 1071.602559] ? __fget_files+0x34/0x3b0 [ 1071.602574] ? find_held_lock+0x2b/0x80 [ 1071.602587] ? __fget_files+0x203/0x3b0 [ 1071.602602] ? __pfx_lo_ioctl+0x10/0x10 [ 1071.602623] blkdev_ioctl+0x365/0x6d0 [ 1071.602642] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1071.602660] ? selinux_file_ioctl+0xb9/0x280 [ 1071.602686] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1071.602705] __x64_sys_ioctl+0x18f/0x210 [ 1071.602730] do_syscall_64+0xbf/0x420 [ 1071.602747] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1071.602761] RIP: 0033:0x7f1fa08c48d7 [ 1071.602772] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1071.602786] RSP: 002b:00007f1f9de39f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1071.602800] RAX: ffffffffffffffda RBX: 00007f1fa090e970 RCX: 00007f1fa08c48d7 [ 1071.602809] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1071.602818] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1071.602827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1071.602835] R13: 0000000000000004 R14: 0000000020000070 R15: 0000000000000002 [ 1071.602853] [ 1071.640664] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:30:31 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 49) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1071.692520] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1071.693516] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1071.694791] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1071.720988] loop4: detected capacity change from 0 to 5 [ 1071.721652] FAULT_INJECTION: forcing a failure. [ 1071.721652] name failslab, interval 1, probability 0, space 0, times 0 21:30:31 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x80000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1071.743112] CPU: 1 UID: 0 PID: 9012 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1071.743132] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1071.743141] Call Trace: [ 1071.743147] [ 1071.743152] dump_stack_lvl+0xfa/0x120 [ 1071.743174] should_fail_ex+0x4d7/0x5e0 [ 1071.743202] ? skb_clone+0x191/0x400 [ 1071.743222] should_failslab+0xc2/0x120 [ 1071.743240] kmem_cache_alloc_noprof+0x80/0x760 [ 1071.743261] ? netlink_broadcast_filtered+0xe6/0xe90 [ 1071.743286] ? skb_clone+0x191/0x400 [ 1071.743303] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 1071.743323] skb_clone+0x191/0x400 [ 1071.743344] netlink_broadcast_filtered+0xab1/0xe90 [ 1071.743370] ? __pfx_netlink_broadcast_filtered+0x10/0x10 [ 1071.743395] netlink_broadcast+0x39/0x50 [ 1071.743415] kobject_uevent_env+0xa58/0xf90 [ 1071.743439] ? lock_is_held_type+0x9e/0x120 [ 1071.743455] loop_configure+0xe3d/0x15a0 [ 1071.743490] ? __pfx_loop_configure+0x10/0x10 [ 1071.743520] ? avc_has_extended_perms+0x107/0xf20 [ 1071.743538] ? find_held_lock+0x2b/0x80 [ 1071.743550] ? avc_has_extended_perms+0x23b/0xf20 [ 1071.743567] ? lock_release+0xc8/0x270 [ 1071.743586] lo_ioctl+0x674/0x1cb0 [ 1071.743610] ? __pfx_lo_ioctl+0x10/0x10 [ 1071.743630] ? __pfx_avc_has_extended_perms+0x10/0x10 [ 1071.743651] ? lock_acquire+0x15e/0x2d0 [ 1071.743669] ? __virt_addr_valid+0x1c6/0x5d0 [ 1071.743686] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1071.743707] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1071.743726] ? lock_release+0xc8/0x270 [ 1071.743743] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1071.743766] ? blkdev_common_ioctl+0x1c3/0x2860 [ 1071.743802] ? debug_mutex_wake_waiter+0x2c0/0x330 [ 1071.743826] ? __fget_files+0x34/0x3b0 [ 1071.743841] ? find_held_lock+0x2b/0x80 [ 1071.743853] ? __fget_files+0x203/0x3b0 [ 1071.743868] ? __pfx_lo_ioctl+0x10/0x10 [ 1071.743889] blkdev_ioctl+0x365/0x6d0 [ 1071.743907] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1071.743926] ? selinux_file_ioctl+0xb9/0x280 [ 1071.743949] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1071.743969] __x64_sys_ioctl+0x18f/0x210 [ 1071.743993] do_syscall_64+0xbf/0x420 [ 1071.744010] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1071.744025] RIP: 0033:0x7f1fa08c48d7 [ 1071.744040] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1071.744055] RSP: 002b:00007f1f9de39f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1071.744069] RAX: ffffffffffffffda RBX: 00007f1fa090e970 RCX: 00007f1fa08c48d7 [ 1071.744078] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1071.744087] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 1071.744095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1071.744104] R13: 0000000000000004 R14: 0000000020000070 R15: 0000000000000002 [ 1071.744121] [ 1071.770917] loop7: detected capacity change from 0 to 32640 [ 1071.806886] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1071.807913] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1071.813152] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1071.827809] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1071.876516] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1071.877354] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1071.888099] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:30:40 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 77) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:40 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfbffffff, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:30:40 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 35) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:40 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xc000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:40 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x4, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:30:40 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:40 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 50) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:40 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xa0000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1080.910673] FAULT_INJECTION: forcing a failure. [ 1080.910673] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1080.911703] CPU: 1 UID: 0 PID: 9030 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1080.911722] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1080.911730] Call Trace: [ 1080.911735] [ 1080.911740] dump_stack_lvl+0xfa/0x120 [ 1080.911761] should_fail_ex+0x4d7/0x5e0 [ 1080.911785] ? page_copy_sane+0xce/0x2b0 [ 1080.911807] copy_folio_from_iter_atomic+0x383/0x1820 [ 1080.911835] ? fault_in_readable+0x12a/0x1d0 [ 1080.911855] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1080.911878] ? shmem_write_begin+0x1ab/0x3b0 [ 1080.911897] ? __pfx_shmem_write_begin+0x10/0x10 [ 1080.911916] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1080.911943] generic_perform_write+0x1d7/0x810 [ 1080.911964] ? __pfx_generic_perform_write+0x10/0x10 [ 1080.911982] ? file_update_time_flags+0x367/0x4f0 [ 1080.912004] shmem_file_write_iter+0x111/0x140 [ 1080.912019] vfs_write+0xbe9/0x1150 [ 1080.912033] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1080.912052] ? __fget_files+0x34/0x3b0 [ 1080.912066] ? __pfx_vfs_write+0x10/0x10 [ 1080.912089] __x64_sys_pwrite64+0x1f1/0x260 [ 1080.912103] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1080.912121] do_syscall_64+0xbf/0x420 [ 1080.912137] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1080.912152] RIP: 0033:0x7f32b3526ab7 [ 1080.912162] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1080.912175] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1080.912188] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1080.912196] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1080.912204] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1080.912212] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1080.912219] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1080.912235] [ 1080.943728] FAULT_INJECTION: forcing a failure. [ 1080.943728] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1080.948447] CPU: 0 UID: 0 PID: 9033 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1080.948486] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1080.948502] Call Trace: [ 1080.948510] [ 1080.948521] dump_stack_lvl+0xfa/0x120 [ 1080.948558] should_fail_ex+0x4d7/0x5e0 [ 1080.948603] ? page_copy_sane+0xce/0x2b0 [ 1080.948647] copy_folio_from_iter_atomic+0x383/0x1820 [ 1080.948706] ? fault_in_readable+0x12a/0x1d0 [ 1080.948745] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1080.948792] ? shmem_write_begin+0x1ab/0x3b0 [ 1080.948831] ? __pfx_shmem_write_begin+0x10/0x10 [ 1080.948869] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1080.948923] generic_perform_write+0x1d7/0x810 [ 1080.948967] ? __pfx_generic_perform_write+0x10/0x10 [ 1080.949005] ? file_update_time_flags+0x367/0x4f0 [ 1080.949057] shmem_file_write_iter+0x111/0x140 [ 1080.949089] vfs_write+0xbe9/0x1150 [ 1080.949115] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1080.949145] ? __fget_files+0x34/0x3b0 [ 1080.949173] ? __pfx_vfs_write+0x10/0x10 [ 1080.949222] __x64_sys_pwrite64+0x1f1/0x260 [ 1080.949251] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1080.949290] do_syscall_64+0xbf/0x420 [ 1080.949322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1080.949351] RIP: 0033:0x7f9f6fba4ab7 [ 1080.949372] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1080.949397] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1080.949424] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1080.949442] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1080.949458] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1080.949474] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1080.949490] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1080.949524] [ 1080.982468] set_capacity_and_notify: 1 callbacks suppressed [ 1080.982489] loop4: detected capacity change from 0 to 5 [ 1080.987503] FAULT_INJECTION: forcing a failure. [ 1080.987503] name failslab, interval 1, probability 0, space 0, times 0 [ 1080.994720] CPU: 0 UID: 0 PID: 9037 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1080.994755] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1080.994769] Call Trace: [ 1080.994777] [ 1080.994786] dump_stack_lvl+0xfa/0x120 [ 1080.994819] should_fail_ex+0x4d7/0x5e0 [ 1080.994865] ? do_getname+0x2b/0x3d0 [ 1080.994895] should_failslab+0xc2/0x120 [ 1080.994923] kmem_cache_alloc_noprof+0x80/0x760 [ 1080.994959] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 1080.995000] ? do_getname+0x2b/0x3d0 [ 1080.995030] do_getname+0x2b/0x3d0 [ 1080.995072] __x64_sys_mkdir+0x55/0x80 [ 1080.995099] do_syscall_64+0xbf/0x420 [ 1080.995128] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1080.995153] RIP: 0033:0x7f1fa08c3c27 [ 1080.995172] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1080.995197] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 1080.995220] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c3c27 [ 1080.995236] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 1080.995251] RBP: 00007f1f9de3a040 R08: 0000000000000000 R09: ffffffffffffffff [ 1080.995266] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 1080.995280] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1080.995310] [ 1081.018533] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1081.020783] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1081.022546] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1081.128504] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1081.129974] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1081.131335] loop7: detected capacity change from 0 to 32640 [ 1081.138704] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1081.178579] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1081.179135] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1081.179934] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1081.231690] loop6: detected capacity change from 0 to 32640 21:30:49 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 51) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:49 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 36) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:49 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xc0000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:49 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x2, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:49 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x8, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:30:49 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:49 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 78) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:49 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfeff1f00, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 1089.579583] loop4: detected capacity change from 0 to 5 [ 1089.583345] FAULT_INJECTION: forcing a failure. [ 1089.583345] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1089.587137] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1089.589537] FAULT_INJECTION: forcing a failure. [ 1089.589537] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1089.590116] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1089.591576] CPU: 0 UID: 0 PID: 9070 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1089.591613] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1089.591629] Call Trace: [ 1089.591639] [ 1089.591649] dump_stack_lvl+0xfa/0x120 [ 1089.591688] should_fail_ex+0x4d7/0x5e0 [ 1089.591743] should_fail_alloc_page+0xe0/0x110 [ 1089.591780] prepare_alloc_pages+0x1eb/0x550 [ 1089.591812] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1089.591864] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1089.591910] ? pte_offset_map_lock+0x190/0x330 [ 1089.591945] ? find_held_lock+0x2b/0x80 [ 1089.591978] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1089.592032] ? lock_is_held_type+0x9e/0x120 [ 1089.592069] ? lock_is_held_type+0x9e/0x120 [ 1089.592094] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1089.592143] ? policy_nodemask+0xeb/0x4e0 [ 1089.592190] alloc_pages_mpol+0xed/0x340 [ 1089.592234] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1089.592274] ? filemap_get_entry+0x1bb/0x3b0 [ 1089.592317] ? __pfx_filemap_get_entry+0x10/0x10 [ 1089.592366] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1089.592418] shmem_alloc_folio+0x11b/0x140 [ 1089.592453] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1089.592507] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1089.592556] ? fault_in_readable+0x12a/0x1d0 [ 1089.592600] shmem_write_begin+0x194/0x3b0 [ 1089.592642] ? __pfx_shmem_write_begin+0x10/0x10 [ 1089.592684] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1089.592742] generic_perform_write+0x391/0x810 [ 1089.592788] ? __pfx_generic_perform_write+0x10/0x10 [ 1089.592830] ? file_update_time_flags+0x367/0x4f0 [ 1089.592875] shmem_file_write_iter+0x111/0x140 [ 1089.592910] vfs_write+0xbe9/0x1150 [ 1089.592939] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1089.592971] ? __fget_files+0x34/0x3b0 [ 1089.593002] ? __pfx_vfs_write+0x10/0x10 [ 1089.593054] __x64_sys_pwrite64+0x1f1/0x260 [ 1089.593085] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1089.593117] ? trace_hardirqs_off+0x65/0x100 [ 1089.593164] do_syscall_64+0xbf/0x420 [ 1089.593199] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1089.593229] RIP: 0033:0x7f32b3526ab7 [ 1089.593252] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1089.593282] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1089.593310] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1089.593330] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1089.593348] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1089.593366] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1089.593383] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1089.593419] [ 1089.597739] loop6: detected capacity change from 0 to 56 [ 1089.598137] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1089.599184] CPU: 0 UID: 0 PID: 9069 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1089.599222] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1089.599239] Call Trace: [ 1089.599248] [ 1089.599259] dump_stack_lvl+0xfa/0x120 21:30:49 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 52) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1089.599293] should_fail_ex+0x4d7/0x5e0 [ 1089.599346] should_fail_alloc_page+0xe0/0x110 [ 1089.599381] prepare_alloc_pages+0x1eb/0x550 [ 1089.599411] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1089.599462] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1089.599507] ? pte_offset_map_lock+0x190/0x330 [ 1089.599542] ? find_held_lock+0x2b/0x80 [ 1089.599575] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1089.599629] ? lock_is_held_type+0x9e/0x120 [ 1089.599659] ? lock_is_held_type+0x9e/0x120 [ 1089.599684] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1089.599731] ? policy_nodemask+0xeb/0x4e0 [ 1089.599778] alloc_pages_mpol+0xed/0x340 [ 1089.599820] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1089.599861] ? filemap_get_entry+0x1bb/0x3b0 [ 1089.599903] ? __pfx_filemap_get_entry+0x10/0x10 [ 1089.599953] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1089.600005] shmem_alloc_folio+0x11b/0x140 [ 1089.600047] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1089.600101] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1089.600151] ? fault_in_readable+0x12a/0x1d0 [ 1089.600194] shmem_write_begin+0x194/0x3b0 [ 1089.600236] ? __pfx_shmem_write_begin+0x10/0x10 [ 1089.600278] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1089.600336] generic_perform_write+0x391/0x810 [ 1089.600382] ? __pfx_generic_perform_write+0x10/0x10 [ 1089.600423] ? file_update_time_flags+0x367/0x4f0 [ 1089.600467] shmem_file_write_iter+0x111/0x140 [ 1089.600502] vfs_write+0xbe9/0x1150 [ 1089.600530] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1089.600563] ? __fget_files+0x34/0x3b0 [ 1089.600592] ? __pfx_vfs_write+0x10/0x10 [ 1089.600644] __x64_sys_pwrite64+0x1f1/0x260 [ 1089.600675] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1089.600717] do_syscall_64+0xbf/0x420 [ 1089.600752] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1089.600781] RIP: 0033:0x7f9f6fba4ab7 [ 1089.600803] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1089.600832] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1089.600859] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1089.600879] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1089.600897] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1089.600915] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1089.600933] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1089.600969] [ 1089.605020] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 1089.605451] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1089.607607] loop7: detected capacity change from 0 to 168 [ 1089.686515] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1089.686980] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1089.688220] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1089.693884] loop4: detected capacity change from 0 to 5 21:30:49 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 37) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1089.714286] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:30:49 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x10, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) [ 1089.790560] FAULT_INJECTION: forcing a failure. [ 1089.790560] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1089.791653] CPU: 1 UID: 0 PID: 9088 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1089.791671] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1089.791678] Call Trace: [ 1089.791683] [ 1089.791688] dump_stack_lvl+0xfa/0x120 [ 1089.791707] should_fail_ex+0x4d7/0x5e0 [ 1089.791729] ? page_copy_sane+0xce/0x2b0 [ 1089.791748] copy_folio_from_iter_atomic+0x383/0x1820 [ 1089.791773] ? fault_in_readable+0x12a/0x1d0 [ 1089.791791] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1089.791812] ? shmem_write_begin+0x1ab/0x3b0 [ 1089.791829] ? __pfx_shmem_write_begin+0x10/0x10 [ 1089.791846] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1089.791870] generic_perform_write+0x1d7/0x810 [ 1089.791889] ? __pfx_generic_perform_write+0x10/0x10 [ 1089.791906] ? file_update_time_flags+0x367/0x4f0 [ 1089.791925] shmem_file_write_iter+0x111/0x140 [ 1089.791939] vfs_write+0xbe9/0x1150 [ 1089.791952] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1089.791965] ? __fget_files+0x34/0x3b0 [ 1089.791978] ? __pfx_vfs_write+0x10/0x10 [ 1089.792001] __x64_sys_pwrite64+0x1f1/0x260 [ 1089.792013] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1089.792031] do_syscall_64+0xbf/0x420 [ 1089.792046] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1089.792059] RIP: 0033:0x7f32b3526ab7 [ 1089.792069] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1089.792082] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1089.792094] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1089.792102] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1089.792110] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1089.792117] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1089.792124] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1089.792140] 21:30:49 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 53) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:49 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 79) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1089.878207] loop4: detected capacity change from 0 to 5 [ 1089.886321] FAULT_INJECTION: forcing a failure. [ 1089.886321] name fail_usercopy, interval 1, probability 0, space 0, times 0 21:30:49 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfffdffff, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:30:49 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xe0000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:49 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x3, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1089.904121] CPU: 0 UID: 0 PID: 9091 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1089.904157] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1089.904172] Call Trace: [ 1089.904181] [ 1089.904190] dump_stack_lvl+0xfa/0x120 [ 1089.904225] should_fail_ex+0x4d7/0x5e0 [ 1089.904272] strncpy_from_user+0x3b/0x2f0 [ 1089.904310] do_getname+0x70/0x3d0 [ 1089.904346] __x64_sys_mkdir+0x55/0x80 [ 1089.904377] do_syscall_64+0xbf/0x420 [ 1089.904406] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1089.904432] RIP: 0033:0x7f1fa08c3c27 [ 1089.904452] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1089.904477] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 1089.904502] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c3c27 [ 1089.904518] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 1089.904534] RBP: 00007f1f9de3a040 R08: 0000000000000000 R09: ffffffffffffffff [ 1089.904549] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 1089.904564] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1089.904595] [ 1089.935666] FAULT_INJECTION: forcing a failure. [ 1089.935666] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1089.936895] CPU: 1 UID: 0 PID: 9098 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1089.936912] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1089.936920] Call Trace: [ 1089.936924] [ 1089.936929] dump_stack_lvl+0xfa/0x120 [ 1089.936948] should_fail_ex+0x4d7/0x5e0 [ 1089.936970] ? page_copy_sane+0xce/0x2b0 [ 1089.936991] copy_folio_from_iter_atomic+0x383/0x1820 [ 1089.937017] ? fault_in_readable+0x12a/0x1d0 [ 1089.937041] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1089.937062] ? shmem_write_begin+0x1ab/0x3b0 [ 1089.937083] ? __pfx_shmem_write_begin+0x10/0x10 [ 1089.937100] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1089.937125] generic_perform_write+0x1d7/0x810 [ 1089.937145] ? __pfx_generic_perform_write+0x10/0x10 [ 1089.937163] ? file_update_time_flags+0x367/0x4f0 [ 1089.937183] shmem_file_write_iter+0x111/0x140 [ 1089.937197] vfs_write+0xbe9/0x1150 [ 1089.937210] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1089.937224] ? __fget_files+0x34/0x3b0 [ 1089.937237] ? __pfx_vfs_write+0x10/0x10 [ 1089.937260] __x64_sys_pwrite64+0x1f1/0x260 [ 1089.937273] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1089.937291] do_syscall_64+0xbf/0x420 [ 1089.937306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1089.937319] RIP: 0033:0x7f9f6fba4ab7 [ 1089.937329] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1089.937342] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1089.937354] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1089.937362] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1089.937370] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1089.937378] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1089.937385] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1089.937400] 21:30:49 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 54) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1090.034226] loop6: detected capacity change from 0 to 32640 21:30:49 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x300, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:30:49 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x10000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1090.090718] loop4: detected capacity change from 0 to 5 [ 1090.096834] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1090.097975] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1090.102136] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1090.111481] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:30:49 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 55) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:49 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 38) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:49 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xffff1f00, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 1090.224545] loop4: detected capacity change from 0 to 5 [ 1090.229409] FAULT_INJECTION: forcing a failure. [ 1090.229409] name failslab, interval 1, probability 0, space 0, times 0 [ 1090.230492] CPU: 1 UID: 0 PID: 9118 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1090.230510] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1090.230518] Call Trace: [ 1090.230524] [ 1090.230529] dump_stack_lvl+0xfa/0x120 [ 1090.230551] should_fail_ex+0x4d7/0x5e0 [ 1090.230577] ? __d_alloc+0x34/0xa10 [ 1090.230594] should_failslab+0xc2/0x120 [ 1090.230609] kmem_cache_alloc_lru_noprof+0x84/0x770 [ 1090.230630] ? __d_lookup+0x255/0x490 [ 1090.230655] ? __d_alloc+0x34/0xa10 [ 1090.230669] __d_alloc+0x34/0xa10 [ 1090.230687] d_alloc+0x4a/0x1e0 [ 1090.230704] lookup_one_qstr_excl+0x174/0x270 [ 1090.230722] ? mnt_want_write+0x153/0x420 [ 1090.230744] filename_create+0x1c1/0x400 [ 1090.230766] ? __pfx_filename_create+0x10/0x10 [ 1090.230787] ? __virt_addr_valid+0x2e8/0x5d0 [ 1090.230809] do_mkdirat+0xa8/0x440 [ 1090.230825] ? __pfx_do_mkdirat+0x10/0x10 [ 1090.230840] ? strncpy_from_user+0x21b/0x2f0 [ 1090.230863] __x64_sys_mkdir+0x65/0x80 [ 1090.230878] do_syscall_64+0xbf/0x420 [ 1090.230895] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1090.230909] RIP: 0033:0x7f1fa08c3c27 [ 1090.230919] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1090.230933] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 1090.230946] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c3c27 [ 1090.230955] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 1090.230963] RBP: 00007f1f9de3a040 R08: 0000000000000000 R09: ffffffffffffffff [ 1090.230971] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 1090.230979] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1090.230996] [ 1090.254507] FAULT_INJECTION: forcing a failure. [ 1090.254507] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1090.259269] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1090.259752] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1090.260572] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1090.267161] CPU: 1 UID: 0 PID: 9122 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1090.267179] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1090.267187] Call Trace: [ 1090.267192] [ 1090.267196] dump_stack_lvl+0xfa/0x120 [ 1090.267215] should_fail_ex+0x4d7/0x5e0 [ 1090.267237] ? page_copy_sane+0xce/0x2b0 [ 1090.267258] copy_folio_from_iter_atomic+0x383/0x1820 [ 1090.267285] ? fault_in_readable+0x12a/0x1d0 [ 1090.267304] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1090.267326] ? shmem_write_begin+0x1ab/0x3b0 [ 1090.267344] ? __pfx_shmem_write_begin+0x10/0x10 [ 1090.267362] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1090.267392] generic_perform_write+0x1d7/0x810 [ 1090.267412] ? __pfx_generic_perform_write+0x10/0x10 [ 1090.267429] ? file_update_time_flags+0x367/0x4f0 [ 1090.267448] shmem_file_write_iter+0x111/0x140 [ 1090.267462] vfs_write+0xbe9/0x1150 [ 1090.267475] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1090.267489] ? __fget_files+0x34/0x3b0 [ 1090.267502] ? __pfx_vfs_write+0x10/0x10 [ 1090.267524] __x64_sys_pwrite64+0x1f1/0x260 [ 1090.267538] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1090.267555] do_syscall_64+0xbf/0x420 [ 1090.267570] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1090.267583] RIP: 0033:0x7f32b3526ab7 [ 1090.267594] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1090.267606] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1090.267619] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1090.267627] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1090.267635] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1090.267643] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1090.267650] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1090.267666] [ 1090.291281] loop7: detected capacity change from 0 to 32640 [ 1090.436470] loop6: detected capacity change from 0 to 32640 21:30:58 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 39) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:58 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x100000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:58 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 56) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:30:58 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x4, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:58 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x810, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:30:58 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfffffdff, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:30:58 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x20000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:30:58 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 80) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1098.964611] FAULT_INJECTION: forcing a failure. [ 1098.964611] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1098.966556] loop4: detected capacity change from 0 to 5 [ 1098.970097] CPU: 1 UID: 0 PID: 9141 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1098.970115] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1098.970123] Call Trace: [ 1098.970128] [ 1098.970133] dump_stack_lvl+0xfa/0x120 [ 1098.970154] should_fail_ex+0x4d7/0x5e0 [ 1098.970176] ? page_copy_sane+0xce/0x2b0 [ 1098.970197] copy_folio_from_iter_atomic+0x383/0x1820 [ 1098.970224] ? fault_in_readable+0x12a/0x1d0 [ 1098.970242] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1098.970264] ? shmem_write_begin+0x1ab/0x3b0 [ 1098.970282] ? __pfx_shmem_write_begin+0x10/0x10 [ 1098.970299] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1098.970325] generic_perform_write+0x1d7/0x810 [ 1098.970345] ? __pfx_generic_perform_write+0x10/0x10 [ 1098.970362] ? file_update_time_flags+0x367/0x4f0 [ 1098.970383] shmem_file_write_iter+0x111/0x140 [ 1098.970397] vfs_write+0xbe9/0x1150 [ 1098.970410] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1098.970423] ? __fget_files+0x34/0x3b0 [ 1098.970437] ? __pfx_vfs_write+0x10/0x10 [ 1098.970459] __x64_sys_pwrite64+0x1f1/0x260 [ 1098.970472] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1098.970490] do_syscall_64+0xbf/0x420 [ 1098.970505] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1098.970518] RIP: 0033:0x7f9f6fba4ab7 [ 1098.970528] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1098.970541] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1098.970553] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1098.970562] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1098.970570] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1098.970577] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1098.970585] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1098.970600] [ 1098.986213] FAULT_INJECTION: forcing a failure. [ 1098.986213] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1098.987429] CPU: 1 UID: 0 PID: 9142 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1098.987445] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1098.987452] Call Trace: [ 1098.987455] [ 1098.987460] dump_stack_lvl+0xfa/0x120 [ 1098.987474] should_fail_ex+0x4d7/0x5e0 [ 1098.987496] strncpy_from_user+0x3b/0x2f0 [ 1098.987515] do_getname+0x70/0x3d0 [ 1098.987533] __x64_sys_mkdir+0x55/0x80 [ 1098.987547] do_syscall_64+0xbf/0x420 [ 1098.987562] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1098.987574] RIP: 0033:0x7f1fa08c3c27 [ 1098.987583] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1098.987595] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 1098.987607] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c3c27 [ 1098.987615] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 1098.987623] RBP: 00007f1f9de3a040 R08: 0000000000000000 R09: ffffffffffffffff [ 1098.987630] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 1098.987638] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1098.987654] 21:30:58 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 57) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1099.021219] FAULT_INJECTION: forcing a failure. [ 1099.021219] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1099.024189] CPU: 0 UID: 0 PID: 9153 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1099.024233] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1099.024249] Call Trace: [ 1099.024258] [ 1099.024267] dump_stack_lvl+0xfa/0x120 [ 1099.024302] should_fail_ex+0x4d7/0x5e0 [ 1099.024351] should_fail_alloc_page+0xe0/0x110 [ 1099.024384] prepare_alloc_pages+0x1eb/0x550 [ 1099.024413] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1099.024460] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1099.024501] ? pte_offset_map_lock+0x190/0x330 [ 1099.024532] ? find_held_lock+0x2b/0x80 [ 1099.024562] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1099.024610] ? lock_is_held_type+0x9e/0x120 [ 1099.024637] ? lock_is_held_type+0x9e/0x120 [ 1099.024659] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1099.024703] ? policy_nodemask+0xeb/0x4e0 [ 1099.024744] alloc_pages_mpol+0xed/0x340 [ 1099.024783] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1099.024820] ? filemap_get_entry+0x1bb/0x3b0 [ 1099.024858] ? __pfx_filemap_get_entry+0x10/0x10 [ 1099.024902] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1099.024948] shmem_alloc_folio+0x11b/0x140 [ 1099.024980] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1099.025029] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1099.025073] ? fault_in_readable+0x12a/0x1d0 [ 1099.025112] shmem_write_begin+0x194/0x3b0 [ 1099.025150] ? __pfx_shmem_write_begin+0x10/0x10 [ 1099.025187] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1099.025238] generic_perform_write+0x391/0x810 [ 1099.025280] ? __pfx_generic_perform_write+0x10/0x10 [ 1099.025317] ? file_update_time_flags+0x367/0x4f0 [ 1099.025357] shmem_file_write_iter+0x111/0x140 [ 1099.025388] vfs_write+0xbe9/0x1150 [ 1099.025414] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1099.025443] ? __fget_files+0x34/0x3b0 [ 1099.025471] ? __pfx_vfs_write+0x10/0x10 [ 1099.025517] __x64_sys_pwrite64+0x1f1/0x260 [ 1099.025546] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1099.025583] do_syscall_64+0xbf/0x420 [ 1099.025615] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1099.025642] RIP: 0033:0x7f32b3526ab7 [ 1099.025663] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1099.025688] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1099.025714] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1099.025732] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1099.025748] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1099.025765] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1099.025780] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1099.025812] [ 1099.093342] loop6: detected capacity change from 0 to 64 [ 1099.094204] loop4: detected capacity change from 0 to 5 [ 1099.095356] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 1099.095663] FAULT_INJECTION: forcing a failure. [ 1099.095663] name failslab, interval 1, probability 0, space 0, times 0 [ 1099.098838] CPU: 0 UID: 0 PID: 9160 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1099.098872] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1099.098887] Call Trace: [ 1099.098896] [ 1099.098906] dump_stack_lvl+0xfa/0x120 [ 1099.098945] should_fail_ex+0x4d7/0x5e0 [ 1099.098991] ? jbd2__journal_start+0x193/0x820 [ 1099.099030] should_failslab+0xc2/0x120 [ 1099.099058] kmem_cache_alloc_noprof+0x80/0x760 [ 1099.099098] ? lock_is_held_type+0x9e/0x120 [ 1099.099126] ? jbd2__journal_start+0x193/0x820 [ 1099.099164] jbd2__journal_start+0x193/0x820 [ 1099.099207] __ext4_journal_start_sb+0x325/0x580 [ 1099.099245] __ext4_new_inode+0x2c81/0x4cd0 [ 1099.099291] ? __pfx___ext4_new_inode+0x10/0x10 [ 1099.099323] ? __pfx_avc_has_perm+0x10/0x10 [ 1099.099352] ? __pfx___dquot_initialize+0x10/0x10 [ 1099.099404] ext4_mkdir+0x331/0xb30 [ 1099.099450] ? __pfx_ext4_mkdir+0x10/0x10 [ 1099.099486] ? security_inode_permission+0x72/0xe0 [ 1099.099518] vfs_mkdir+0x6d8/0xc00 [ 1099.099560] do_mkdirat+0x11a/0x440 [ 1099.099590] ? __pfx_do_mkdirat+0x10/0x10 [ 1099.099618] ? strncpy_from_user+0x21b/0x2f0 [ 1099.099661] __x64_sys_mkdir+0x65/0x80 [ 1099.099690] do_syscall_64+0xbf/0x420 [ 1099.099722] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1099.099747] RIP: 0033:0x7f1fa08c3c27 [ 1099.099767] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1099.099791] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 1099.099815] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c3c27 [ 1099.099831] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 1099.099846] RBP: 00007f1f9de3a040 R08: 0000000000000000 R09: ffffffffffffffff [ 1099.099861] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 1099.099876] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1099.099907] [ 1099.148267] EXT4-fs error (device sda) in __ext4_new_inode:1086: Out of memory 21:30:58 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 40) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1099.203229] FAULT_INJECTION: forcing a failure. [ 1099.203229] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1099.219717] CPU: 0 UID: 0 PID: 9164 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1099.219756] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1099.219772] Call Trace: [ 1099.219781] [ 1099.219792] dump_stack_lvl+0xfa/0x120 [ 1099.219829] should_fail_ex+0x4d7/0x5e0 [ 1099.219875] ? page_copy_sane+0xce/0x2b0 [ 1099.219918] copy_folio_from_iter_atomic+0x383/0x1820 [ 1099.219975] ? fault_in_readable+0x12a/0x1d0 [ 1099.220019] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1099.220072] ? shmem_write_begin+0x1ab/0x3b0 [ 1099.220109] ? __pfx_shmem_write_begin+0x10/0x10 [ 1099.220147] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1099.220199] generic_perform_write+0x1d7/0x810 [ 1099.220241] ? __pfx_generic_perform_write+0x10/0x10 [ 1099.220278] ? file_update_time_flags+0x367/0x4f0 [ 1099.220319] shmem_file_write_iter+0x111/0x140 [ 1099.220350] vfs_write+0xbe9/0x1150 [ 1099.220376] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1099.220405] ? __fget_files+0x34/0x3b0 [ 1099.220433] ? __pfx_vfs_write+0x10/0x10 [ 1099.220480] __x64_sys_pwrite64+0x1f1/0x260 [ 1099.220508] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1099.220545] do_syscall_64+0xbf/0x420 [ 1099.220577] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1099.220605] RIP: 0033:0x7f32b3526ab7 [ 1099.220625] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1099.220653] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1099.220679] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1099.220696] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1099.220713] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1099.220729] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1099.220745] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1099.220778] [ 1099.407164] loop7: detected capacity change from 0 to 32640 [ 1099.578135] loop6: detected capacity change from 0 to 32640 21:31:08 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 58) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:08 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfffffff4, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:31:08 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 41) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:08 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 81) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:08 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x1008, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:31:08 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x3f000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:31:08 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:31:08 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x1ffffe, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1109.082872] FAULT_INJECTION: forcing a failure. [ 1109.082872] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1109.084221] CPU: 1 UID: 0 PID: 9177 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1109.084243] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1109.084254] Call Trace: [ 1109.084261] [ 1109.084268] dump_stack_lvl+0xfa/0x120 [ 1109.084294] should_fail_ex+0x4d7/0x5e0 [ 1109.084324] ? page_copy_sane+0xce/0x2b0 [ 1109.084352] copy_folio_from_iter_atomic+0x383/0x1820 [ 1109.084389] ? fault_in_readable+0x12a/0x1d0 [ 1109.084415] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1109.084445] ? shmem_write_begin+0x1ab/0x3b0 [ 1109.084470] ? __pfx_shmem_write_begin+0x10/0x10 [ 1109.084494] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1109.084529] generic_perform_write+0x1d7/0x810 [ 1109.084557] ? __pfx_generic_perform_write+0x10/0x10 [ 1109.084581] ? file_update_time_flags+0x367/0x4f0 [ 1109.084608] shmem_file_write_iter+0x111/0x140 [ 1109.084628] vfs_write+0xbe9/0x1150 [ 1109.084645] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1109.084664] ? __fget_files+0x34/0x3b0 [ 1109.084682] ? __pfx_vfs_write+0x10/0x10 [ 1109.084713] __x64_sys_pwrite64+0x1f1/0x260 [ 1109.084732] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1109.084756] do_syscall_64+0xbf/0x420 [ 1109.084777] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1109.084796] RIP: 0033:0x7f32b3526ab7 [ 1109.084809] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1109.084827] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1109.084844] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1109.084855] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1109.084866] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1109.084877] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1109.084887] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1109.084909] [ 1109.120468] FAULT_INJECTION: forcing a failure. [ 1109.120468] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1109.121804] CPU: 1 UID: 0 PID: 9183 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1109.121827] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1109.121837] Call Trace: [ 1109.121844] [ 1109.121851] dump_stack_lvl+0xfa/0x120 [ 1109.121875] should_fail_ex+0x4d7/0x5e0 [ 1109.121909] should_fail_alloc_page+0xe0/0x110 [ 1109.121932] prepare_alloc_pages+0x1eb/0x550 [ 1109.121962] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1109.121994] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1109.122022] ? pte_offset_map_lock+0x190/0x330 [ 1109.122049] ? find_held_lock+0x2b/0x80 [ 1109.122070] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1109.122103] ? lock_is_held_type+0x9e/0x120 [ 1109.122122] ? lock_is_held_type+0x9e/0x120 [ 1109.122137] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1109.122169] ? policy_nodemask+0xeb/0x4e0 [ 1109.122197] alloc_pages_mpol+0xed/0x340 [ 1109.122224] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1109.122248] ? filemap_get_entry+0x1bb/0x3b0 [ 1109.122274] ? __pfx_filemap_get_entry+0x10/0x10 [ 1109.122305] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1109.122336] shmem_alloc_folio+0x11b/0x140 [ 1109.122358] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1109.122391] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1109.122421] ? fault_in_readable+0x12a/0x1d0 [ 1109.122448] shmem_write_begin+0x194/0x3b0 [ 1109.122473] ? __pfx_shmem_write_begin+0x10/0x10 [ 1109.122499] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1109.122533] generic_perform_write+0x391/0x810 [ 1109.122561] ? __pfx_generic_perform_write+0x10/0x10 [ 1109.122586] ? file_update_time_flags+0x367/0x4f0 [ 1109.122614] shmem_file_write_iter+0x111/0x140 [ 1109.122634] vfs_write+0xbe9/0x1150 [ 1109.122651] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1109.122671] ? __fget_files+0x34/0x3b0 [ 1109.122689] ? __pfx_vfs_write+0x10/0x10 [ 1109.122720] __x64_sys_pwrite64+0x1f1/0x260 [ 1109.122739] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1109.122764] do_syscall_64+0xbf/0x420 [ 1109.122786] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1109.122804] RIP: 0033:0x7f9f6fba4ab7 [ 1109.122818] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1109.122836] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1109.122853] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1109.122865] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1109.122876] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1109.122887] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1109.122898] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1109.122920] [ 1109.142574] loop4: detected capacity change from 0 to 5 [ 1109.158366] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1109.162985] loop7: detected capacity change from 0 to 176 [ 1109.175214] EXT4-fs (loop7): VFS: Can't find ext4 filesystem 21:31:08 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 59) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:08 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 82) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1109.234831] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1109.237345] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1109.238701] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1109.241863] loop4: detected capacity change from 0 to 5 [ 1109.255279] FAULT_INJECTION: forcing a failure. [ 1109.255279] name failslab, interval 1, probability 0, space 0, times 0 [ 1109.258205] CPU: 0 UID: 0 PID: 9197 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1109.258237] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1109.258251] Call Trace: [ 1109.258260] [ 1109.258269] dump_stack_lvl+0xfa/0x120 [ 1109.258302] should_fail_ex+0x4d7/0x5e0 [ 1109.258346] ? security_inode_alloc+0x3e/0x130 [ 1109.258384] should_failslab+0xc2/0x120 [ 1109.258410] kmem_cache_alloc_noprof+0x80/0x760 [ 1109.258444] ? __pfx_map_id_range_down+0x10/0x10 [ 1109.258486] ? security_inode_alloc+0x3e/0x130 [ 1109.258521] security_inode_alloc+0x3e/0x130 [ 1109.258560] inode_init_always_gfp+0xc9d/0xff0 [ 1109.258591] alloc_inode+0x8d/0x250 [ 1109.258623] new_inode+0x1e/0x160 [ 1109.258657] __ext4_new_inode+0x35d/0x4cd0 [ 1109.258693] ? avc_has_perm_noaudit+0x150/0x3d0 [ 1109.258725] ? __pfx___ext4_new_inode+0x10/0x10 [ 1109.258755] ? __pfx_avc_has_perm+0x10/0x10 [ 1109.258781] ? __pfx___dquot_initialize+0x10/0x10 [ 1109.258830] ext4_mkdir+0x331/0xb30 [ 1109.258874] ? __pfx_ext4_mkdir+0x10/0x10 [ 1109.258906] ? security_inode_permission+0x72/0xe0 [ 1109.258936] vfs_mkdir+0x6d8/0xc00 [ 1109.258974] do_mkdirat+0x11a/0x440 [ 1109.259002] ? __pfx_do_mkdirat+0x10/0x10 [ 1109.259029] ? strncpy_from_user+0x21b/0x2f0 [ 1109.259078] __x64_sys_mkdir+0x65/0x80 [ 1109.259114] do_syscall_64+0xbf/0x420 [ 1109.259154] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1109.259187] RIP: 0033:0x7f1fa08c3c27 [ 1109.259213] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1109.259245] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 1109.259277] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c3c27 [ 1109.259299] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 1109.259321] RBP: 00007f1f9de3a040 R08: 0000000000000000 R09: ffffffffffffffff [ 1109.259341] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 1109.259362] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1109.259407] [ 1109.273223] FAULT_INJECTION: forcing a failure. [ 1109.273223] name fail_usercopy, interval 1, probability 0, space 0, times 0 21:31:08 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 60) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1109.326583] CPU: 1 UID: 0 PID: 9201 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1109.326610] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1109.326619] Call Trace: [ 1109.326625] [ 1109.326631] dump_stack_lvl+0xfa/0x120 [ 1109.326655] should_fail_ex+0x4d7/0x5e0 [ 1109.326681] ? page_copy_sane+0xce/0x2b0 [ 1109.326705] copy_folio_from_iter_atomic+0x383/0x1820 [ 1109.326737] ? fault_in_readable+0x12a/0x1d0 [ 1109.326758] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1109.326783] ? shmem_write_begin+0x1ab/0x3b0 [ 1109.326805] ? __pfx_shmem_write_begin+0x10/0x10 [ 1109.326825] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1109.326854] generic_perform_write+0x1d7/0x810 [ 1109.326877] ? __pfx_generic_perform_write+0x10/0x10 [ 1109.326898] ? file_update_time_flags+0x367/0x4f0 [ 1109.326920] shmem_file_write_iter+0x111/0x140 [ 1109.326937] vfs_write+0xbe9/0x1150 [ 1109.326952] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1109.326968] ? __fget_files+0x34/0x3b0 [ 1109.326987] ? __pfx_vfs_write+0x10/0x10 [ 1109.327015] __x64_sys_pwrite64+0x1f1/0x260 [ 1109.327030] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1109.327057] do_syscall_64+0xbf/0x420 [ 1109.327074] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1109.327091] RIP: 0033:0x7f9f6fba4ab7 [ 1109.327104] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1109.327118] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1109.327133] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1109.327143] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1109.327152] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1109.327161] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1109.327169] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1109.327187] [ 1109.368687] loop4: detected capacity change from 0 to 5 [ 1109.380589] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1109.407955] loop6: detected capacity change from 0 to 32640 21:31:09 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x10, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:31:09 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x1fffff, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:31:09 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 61) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:09 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x4000, r0, &(0x7f0000000000)="fa", 0x1}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:31:09 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfffffff5, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:31:09 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x3ffffe00, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1109.553935] loop4: detected capacity change from 0 to 5 [ 1109.559396] FAULT_INJECTION: forcing a failure. [ 1109.559396] name failslab, interval 1, probability 0, space 0, times 0 [ 1109.562813] CPU: 1 UID: 0 PID: 9217 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1109.562833] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1109.562841] Call Trace: [ 1109.562846] [ 1109.562851] dump_stack_lvl+0xfa/0x120 [ 1109.562873] should_fail_ex+0x4d7/0x5e0 [ 1109.562898] ? jbd2__journal_start+0x193/0x820 [ 1109.562919] should_failslab+0xc2/0x120 [ 1109.562934] kmem_cache_alloc_noprof+0x80/0x760 [ 1109.562954] ? lock_is_held_type+0x9e/0x120 [ 1109.562969] ? jbd2__journal_start+0x193/0x820 [ 1109.562988] jbd2__journal_start+0x193/0x820 [ 1109.563010] __ext4_journal_start_sb+0x325/0x580 [ 1109.563030] __ext4_new_inode+0x2c81/0x4cd0 [ 1109.563059] ? __pfx___ext4_new_inode+0x10/0x10 [ 1109.563075] ? __pfx_avc_has_perm+0x10/0x10 [ 1109.563091] ? __pfx___dquot_initialize+0x10/0x10 [ 1109.563117] ext4_mkdir+0x331/0xb30 [ 1109.563141] ? __pfx_ext4_mkdir+0x10/0x10 [ 1109.563159] ? security_inode_permission+0x72/0xe0 [ 1109.563176] vfs_mkdir+0x6d8/0xc00 [ 1109.563198] do_mkdirat+0x11a/0x440 [ 1109.563213] ? __pfx_do_mkdirat+0x10/0x10 [ 1109.563227] ? strncpy_from_user+0x21b/0x2f0 [ 1109.563249] __x64_sys_mkdir+0x65/0x80 [ 1109.563263] do_syscall_64+0xbf/0x420 [ 1109.563278] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1109.563292] RIP: 0033:0x7f1fa08c3c27 [ 1109.563302] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1109.563316] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 1109.563328] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c3c27 [ 1109.563337] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 1109.563344] RBP: 00007f1f9de3a040 R08: 0000000000000000 R09: ffffffffffffffff [ 1109.563352] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 1109.563359] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1109.563376] [ 1109.609035] EXT4-fs error (device sda) in __ext4_new_inode:1086: Out of memory 21:31:09 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 42) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1109.649355] FAULT_INJECTION: forcing a failure. [ 1109.649355] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1109.670293] CPU: 0 UID: 0 PID: 9226 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1109.670327] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1109.670342] Call Trace: [ 1109.670349] [ 1109.670358] dump_stack_lvl+0xfa/0x120 [ 1109.670391] should_fail_ex+0x4d7/0x5e0 [ 1109.670436] should_fail_alloc_page+0xe0/0x110 [ 1109.670465] prepare_alloc_pages+0x1eb/0x550 [ 1109.670491] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1109.670532] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1109.670567] ? pte_offset_map_lock+0x190/0x330 [ 1109.670595] ? find_held_lock+0x2b/0x80 [ 1109.670622] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1109.670663] ? lock_is_held_type+0x9e/0x120 [ 1109.670687] ? lock_is_held_type+0x9e/0x120 [ 1109.670707] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1109.670745] ? policy_nodemask+0xeb/0x4e0 [ 1109.670781] alloc_pages_mpol+0xed/0x340 [ 1109.670815] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1109.670846] ? filemap_get_entry+0x1bb/0x3b0 [ 1109.670879] ? __pfx_filemap_get_entry+0x10/0x10 [ 1109.670917] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1109.670958] shmem_alloc_folio+0x11b/0x140 [ 1109.670986] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1109.671028] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1109.671075] ? fault_in_readable+0x12a/0x1d0 [ 1109.671109] shmem_write_begin+0x194/0x3b0 [ 1109.671142] ? __pfx_shmem_write_begin+0x10/0x10 [ 1109.671175] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1109.671219] generic_perform_write+0x391/0x810 [ 1109.671256] ? __pfx_generic_perform_write+0x10/0x10 [ 1109.671289] ? file_update_time_flags+0x367/0x4f0 [ 1109.671324] shmem_file_write_iter+0x111/0x140 [ 1109.671351] vfs_write+0xbe9/0x1150 [ 1109.671374] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1109.671399] ? __fget_files+0x34/0x3b0 [ 1109.671423] ? __pfx_vfs_write+0x10/0x10 [ 1109.671464] __x64_sys_pwrite64+0x1f1/0x260 [ 1109.671488] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1109.671521] do_syscall_64+0xbf/0x420 [ 1109.671549] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1109.671572] RIP: 0033:0x7f32b3526ab7 [ 1109.671592] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1109.671614] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1109.671637] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1109.671652] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1109.671666] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1109.671681] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1109.671694] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1109.671723] 21:31:09 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 62) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1109.721415] loop6: detected capacity change from 0 to 72 [ 1109.723533] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 1109.786186] loop4: detected capacity change from 0 to 5 [ 1109.790712] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:31:09 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 43) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:09 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 63) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:09 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x40000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1109.943629] FAULT_INJECTION: forcing a failure. [ 1109.943629] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1109.954410] loop4: detected capacity change from 0 to 5 [ 1109.958134] CPU: 0 UID: 0 PID: 9236 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1109.958174] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1109.958193] Call Trace: [ 1109.958203] [ 1109.958215] dump_stack_lvl+0xfa/0x120 [ 1109.958253] should_fail_ex+0x4d7/0x5e0 [ 1109.958300] ? page_copy_sane+0xce/0x2b0 [ 1109.958343] copy_folio_from_iter_atomic+0x383/0x1820 [ 1109.958399] ? fault_in_readable+0x12a/0x1d0 [ 1109.958439] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1109.958483] ? shmem_write_begin+0x1ab/0x3b0 [ 1109.958521] ? __pfx_shmem_write_begin+0x10/0x10 [ 1109.958559] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1109.958613] generic_perform_write+0x1d7/0x810 [ 1109.958655] ? __pfx_generic_perform_write+0x10/0x10 [ 1109.958694] ? file_update_time_flags+0x367/0x4f0 [ 1109.958737] shmem_file_write_iter+0x111/0x140 [ 1109.958769] vfs_write+0xbe9/0x1150 [ 1109.958799] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1109.958829] ? __fget_files+0x34/0x3b0 [ 1109.958860] ? __pfx_vfs_write+0x10/0x10 [ 1109.958912] __x64_sys_pwrite64+0x1f1/0x260 [ 1109.958944] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1109.958986] do_syscall_64+0xbf/0x420 [ 1109.959014] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1109.959044] RIP: 0033:0x7f32b3526ab7 [ 1109.959062] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1109.959083] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1109.959103] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1109.959118] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1109.959131] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1109.959143] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1109.959156] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1109.959182] [ 1109.990893] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1109.991009] loop7: detected capacity change from 0 to 32640 [ 1109.992110] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1109.993782] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1109.994786] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:31:19 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 44) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:19 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 83) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:19 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x2}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:31:19 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x300, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:31:19 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfffffffb, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:31:19 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xe0ffff, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:31:19 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 64) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:19 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf4ffffff, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1119.579794] FAULT_INJECTION: forcing a failure. [ 1119.579794] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1119.581927] CPU: 0 UID: 0 PID: 9257 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1119.581963] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1119.581979] Call Trace: [ 1119.581989] [ 1119.581999] dump_stack_lvl+0xfa/0x120 [ 1119.582044] should_fail_ex+0x4d7/0x5e0 [ 1119.582104] ? page_copy_sane+0xce/0x2b0 [ 1119.582148] copy_folio_from_iter_atomic+0x383/0x1820 [ 1119.582208] ? fault_in_readable+0x12a/0x1d0 [ 1119.582248] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1119.582296] ? shmem_write_begin+0x1ab/0x3b0 [ 1119.582335] ? __pfx_shmem_write_begin+0x10/0x10 [ 1119.582374] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1119.582428] generic_perform_write+0x1d7/0x810 [ 1119.582473] ? __pfx_generic_perform_write+0x10/0x10 [ 1119.582511] ? file_update_time_flags+0x367/0x4f0 [ 1119.582553] shmem_file_write_iter+0x111/0x140 [ 1119.582585] vfs_write+0xbe9/0x1150 [ 1119.582613] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1119.582643] ? __fget_files+0x34/0x3b0 [ 1119.582672] ? __pfx_vfs_write+0x10/0x10 [ 1119.582722] __x64_sys_pwrite64+0x1f1/0x260 [ 1119.582751] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1119.582791] do_syscall_64+0xbf/0x420 [ 1119.582824] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1119.582853] RIP: 0033:0x7f32b3526ab7 [ 1119.582875] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1119.582901] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1119.582928] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1119.582947] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1119.582964] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1119.582981] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1119.582997] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1119.583031] [ 1119.620913] FAULT_INJECTION: forcing a failure. [ 1119.620913] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1119.627439] set_capacity_and_notify: 1 callbacks suppressed [ 1119.627459] loop4: detected capacity change from 0 to 5 [ 1119.631622] CPU: 0 UID: 0 PID: 9261 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1119.631654] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1119.631668] Call Trace: [ 1119.631676] [ 1119.631685] dump_stack_lvl+0xfa/0x120 [ 1119.631713] should_fail_ex+0x4d7/0x5e0 [ 1119.631750] ? page_copy_sane+0xce/0x2b0 [ 1119.631787] copy_folio_from_iter_atomic+0x383/0x1820 [ 1119.631836] ? fault_in_readable+0x12a/0x1d0 [ 1119.631869] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1119.631909] ? shmem_write_begin+0x1ab/0x3b0 [ 1119.631942] ? __pfx_shmem_write_begin+0x10/0x10 [ 1119.631975] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1119.632020] generic_perform_write+0x1d7/0x810 [ 1119.632067] ? __pfx_generic_perform_write+0x10/0x10 [ 1119.632100] ? file_update_time_flags+0x367/0x4f0 [ 1119.632134] shmem_file_write_iter+0x111/0x140 [ 1119.632161] vfs_write+0xbe9/0x1150 [ 1119.632184] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1119.632209] ? __fget_files+0x34/0x3b0 [ 1119.632232] ? __pfx_vfs_write+0x10/0x10 [ 1119.632273] __x64_sys_pwrite64+0x1f1/0x260 [ 1119.632298] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1119.632331] do_syscall_64+0xbf/0x420 [ 1119.632358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1119.632382] RIP: 0033:0x7f9f6fba4ab7 [ 1119.632402] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1119.632425] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1119.632447] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1119.632463] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1119.632477] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1119.632491] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1119.632504] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1119.632533] [ 1119.670235] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:31:19 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 65) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1119.731082] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1119.731602] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1119.732531] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1119.780721] loop4: detected capacity change from 0 to 5 [ 1119.782580] FAULT_INJECTION: forcing a failure. [ 1119.782580] name failslab, interval 1, probability 0, space 0, times 0 [ 1119.786178] CPU: 0 UID: 0 PID: 9275 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1119.786214] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1119.786229] Call Trace: [ 1119.786238] [ 1119.786248] dump_stack_lvl+0xfa/0x120 [ 1119.786283] should_fail_ex+0x4d7/0x5e0 [ 1119.786325] ? __ioremap_caller.constprop.0+0xa0/0x650 [ 1119.786370] should_failslab+0xc2/0x120 [ 1119.786398] __kmalloc_node_track_caller_noprof+0xd7/0x890 [ 1119.786443] ? lock_acquire+0x15e/0x2d0 [ 1119.786475] ? sidtab_sid2str_get+0x85/0x6f0 [ 1119.786497] ? sidtab_sid2str_get+0x17e/0x6f0 [ 1119.786526] ? kmemdup_noprof+0x2b/0x60 [ 1119.786561] kmemdup_noprof+0x2b/0x60 [ 1119.786596] sidtab_sid2str_get+0x17e/0x6f0 [ 1119.786624] sidtab_entry_to_string+0x33/0x110 [ 1119.786665] security_sid_to_context_core+0x350/0x620 [ 1119.786709] selinux_inode_init_security+0x432/0x650 [ 1119.786754] ? __pfx_selinux_inode_init_security+0x10/0x10 [ 1119.786801] ? security_inode_init_security+0x113/0x370 [ 1119.786844] security_inode_init_security+0x1bc/0x370 [ 1119.786881] ? __pfx_ext4_initxattrs+0x10/0x10 [ 1119.786921] ? __pfx_security_inode_init_security+0x10/0x10 [ 1119.786955] ? _raw_spin_unlock+0x1e/0x40 [ 1119.786991] ? insert_inode_locked+0x3fb/0x890 [ 1119.787029] ? crc32c+0x1ae/0x350 [ 1119.787074] __ext4_new_inode+0x38f7/0x4cd0 [ 1119.787119] ? __pfx___ext4_new_inode+0x10/0x10 [ 1119.787154] ? __pfx___dquot_initialize+0x10/0x10 [ 1119.787206] ext4_mkdir+0x331/0xb30 [ 1119.787253] ? __pfx_ext4_mkdir+0x10/0x10 [ 1119.787288] ? security_inode_permission+0x72/0xe0 [ 1119.787320] vfs_mkdir+0x6d8/0xc00 [ 1119.787362] do_mkdirat+0x11a/0x440 [ 1119.787392] ? __pfx_do_mkdirat+0x10/0x10 [ 1119.787420] ? strncpy_from_user+0x21b/0x2f0 [ 1119.787463] __x64_sys_mkdir+0x65/0x80 [ 1119.787492] do_syscall_64+0xbf/0x420 [ 1119.787522] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1119.787547] RIP: 0033:0x7f1fa08c3c27 [ 1119.787567] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1119.787591] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 1119.787615] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c3c27 [ 1119.787632] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 1119.787647] RBP: 00007f1f9de3a040 R08: 0000000000000000 R09: ffffffffffffffff [ 1119.787663] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 1119.787678] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1119.787713] 21:31:19 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x3}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) [ 1119.860596] loop6: detected capacity change from 0 to 32640 21:31:19 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfeff3f, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:31:19 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x2000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:31:19 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x810, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1119.939889] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1119.953232] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1119.954675] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1120.132396] loop7: detected capacity change from 0 to 32640 21:31:28 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 66) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:28 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 45) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:28 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf5000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:31:28 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x1000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:31:28 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x80000}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:31:28 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x4000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:31:28 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 84) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:28 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x1008, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1128.944132] FAULT_INJECTION: forcing a failure. [ 1128.944132] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1128.945160] CPU: 1 UID: 0 PID: 9303 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1128.945178] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1128.945187] Call Trace: [ 1128.945192] [ 1128.945197] dump_stack_lvl+0xfa/0x120 [ 1128.945218] should_fail_ex+0x4d7/0x5e0 [ 1128.945245] should_fail_alloc_page+0xe0/0x110 [ 1128.945263] prepare_alloc_pages+0x1eb/0x550 [ 1128.945279] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1128.945303] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1128.945324] ? pte_offset_map_lock+0x190/0x330 [ 1128.945340] ? find_held_lock+0x2b/0x80 [ 1128.945356] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1128.945380] ? lock_is_held_type+0x9e/0x120 [ 1128.945394] ? lock_is_held_type+0x9e/0x120 [ 1128.945405] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1128.945428] ? policy_nodemask+0xeb/0x4e0 [ 1128.945449] alloc_pages_mpol+0xed/0x340 [ 1128.945469] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1128.945487] ? filemap_get_entry+0x1bb/0x3b0 [ 1128.945507] ? __pfx_filemap_get_entry+0x10/0x10 [ 1128.945529] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1128.945552] shmem_alloc_folio+0x11b/0x140 [ 1128.945569] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1128.945593] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1128.945616] ? fault_in_readable+0x12a/0x1d0 [ 1128.945636] shmem_write_begin+0x194/0x3b0 [ 1128.945655] ? __pfx_shmem_write_begin+0x10/0x10 [ 1128.945674] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1128.945700] generic_perform_write+0x391/0x810 [ 1128.945721] ? __pfx_generic_perform_write+0x10/0x10 [ 1128.945740] ? file_update_time_flags+0x367/0x4f0 [ 1128.945761] shmem_file_write_iter+0x111/0x140 [ 1128.945777] vfs_write+0xbe9/0x1150 [ 1128.945790] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1128.945805] ? __fget_files+0x34/0x3b0 [ 1128.945819] ? __pfx_vfs_write+0x10/0x10 [ 1128.945843] __x64_sys_pwrite64+0x1f1/0x260 [ 1128.945857] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1128.945876] do_syscall_64+0xbf/0x420 [ 1128.945892] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1128.945906] RIP: 0033:0x7f9f6fba4ab7 [ 1128.945916] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1128.945929] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1128.945942] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1128.945951] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1128.945959] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1128.945967] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1128.945976] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1128.945992] [ 1128.977754] loop4: detected capacity change from 0 to 5 [ 1128.985539] loop7: detected capacity change from 0 to 184 [ 1128.992510] EXT4-fs (loop7): VFS: Can't find ext4 filesystem [ 1129.001535] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1129.001984] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1129.002709] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1129.003834] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1129.013546] FAULT_INJECTION: forcing a failure. [ 1129.013546] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1129.016639] CPU: 0 UID: 0 PID: 9314 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1129.016674] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1129.016689] Call Trace: [ 1129.016698] [ 1129.016707] dump_stack_lvl+0xfa/0x120 [ 1129.016741] should_fail_ex+0x4d7/0x5e0 [ 1129.016788] should_fail_alloc_page+0xe0/0x110 [ 1129.016819] prepare_alloc_pages+0x1eb/0x550 [ 1129.016846] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1129.016890] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1129.016929] ? pte_offset_map_lock+0x190/0x330 [ 1129.016958] ? find_held_lock+0x2b/0x80 [ 1129.016986] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1129.017030] ? lock_is_held_type+0x9e/0x120 [ 1129.017064] ? lock_is_held_type+0x9e/0x120 [ 1129.017085] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1129.017131] ? policy_nodemask+0xeb/0x4e0 [ 1129.017171] alloc_pages_mpol+0xed/0x340 [ 1129.017207] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1129.017241] ? filemap_get_entry+0x1bb/0x3b0 [ 1129.017277] ? __pfx_filemap_get_entry+0x10/0x10 [ 1129.017318] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1129.017361] shmem_alloc_folio+0x11b/0x140 [ 1129.017390] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1129.017435] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1129.017476] ? fault_in_readable+0x12a/0x1d0 [ 1129.017512] shmem_write_begin+0x194/0x3b0 [ 1129.017547] ? __pfx_shmem_write_begin+0x10/0x10 [ 1129.017582] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1129.017631] generic_perform_write+0x391/0x810 [ 1129.017669] ? __pfx_generic_perform_write+0x10/0x10 [ 1129.017704] ? file_update_time_flags+0x367/0x4f0 [ 1129.017741] shmem_file_write_iter+0x111/0x140 [ 1129.017770] vfs_write+0xbe9/0x1150 [ 1129.017794] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1129.017821] ? __fget_files+0x34/0x3b0 [ 1129.017847] ? __pfx_vfs_write+0x10/0x10 [ 1129.017889] __x64_sys_pwrite64+0x1f1/0x260 [ 1129.017915] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1129.017950] do_syscall_64+0xbf/0x420 [ 1129.017980] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1129.018005] RIP: 0033:0x7f32b3526ab7 [ 1129.018024] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1129.018048] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1129.018071] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1129.018088] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1129.018104] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1129.018119] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1129.018134] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1129.018176] 21:31:28 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 85) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1129.075655] FAULT_INJECTION: forcing a failure. [ 1129.075655] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1129.077103] CPU: 1 UID: 0 PID: 9320 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1129.077121] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1129.077129] Call Trace: [ 1129.077134] [ 1129.077139] dump_stack_lvl+0xfa/0x120 [ 1129.077159] should_fail_ex+0x4d7/0x5e0 [ 1129.077182] ? page_copy_sane+0xce/0x2b0 [ 1129.077204] copy_folio_from_iter_atomic+0x383/0x1820 [ 1129.077231] ? fault_in_readable+0x12a/0x1d0 [ 1129.077250] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1129.077272] ? shmem_write_begin+0x1ab/0x3b0 [ 1129.077291] ? __pfx_shmem_write_begin+0x10/0x10 [ 1129.077308] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1129.077334] generic_perform_write+0x1d7/0x810 [ 1129.077355] ? __pfx_generic_perform_write+0x10/0x10 [ 1129.077369] ? __mark_inode_dirty+0x820/0x1460 [ 1129.077388] ? mnt_put_write_access_file+0xb7/0xe0 [ 1129.077402] ? file_update_time_flags+0x367/0x4f0 [ 1129.077422] shmem_file_write_iter+0x111/0x140 [ 1129.077437] vfs_write+0xbe9/0x1150 [ 1129.077450] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1129.077464] ? __fget_files+0x34/0x3b0 [ 1129.077477] ? __pfx_vfs_write+0x10/0x10 [ 1129.077500] __x64_sys_pwrite64+0x1f1/0x260 [ 1129.077513] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1129.077531] do_syscall_64+0xbf/0x420 [ 1129.077546] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1129.077561] RIP: 0033:0x7f9f6fba4ab7 [ 1129.077571] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1129.077584] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1129.077596] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1129.077605] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1129.077612] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1129.077620] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1129.077627] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1129.077643] [ 1129.098489] loop6: detected capacity change from 0 to 80 [ 1129.100730] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 21:31:28 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 67) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1129.122782] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1129.123865] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1129.125335] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:31:28 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 46) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1129.141915] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1129.143183] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x804800 phys_seg 127 prio class 2 [ 1129.145536] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1129.148527] loop4: detected capacity change from 0 to 5 [ 1129.150019] FAULT_INJECTION: forcing a failure. [ 1129.150019] name failslab, interval 1, probability 0, space 0, times 0 [ 1129.152065] CPU: 0 UID: 0 PID: 9324 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1129.152096] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1129.152110] Call Trace: [ 1129.152119] [ 1129.152128] dump_stack_lvl+0xfa/0x120 [ 1129.152161] should_fail_ex+0x4d7/0x5e0 [ 1129.152205] ? __es_insert_extent+0xed2/0x1370 [ 1129.152243] should_failslab+0xc2/0x120 [ 1129.152270] kmem_cache_alloc_noprof+0x80/0x760 [ 1129.152314] ? __es_insert_extent+0xed2/0x1370 [ 1129.152349] __es_insert_extent+0xed2/0x1370 [ 1129.152388] ? __pfx_do_raw_write_lock+0x10/0x10 [ 1129.152430] ? __es_tree_search.isra.0+0x1af/0x220 [ 1129.152471] ext4_es_cache_extent+0x387/0x6f0 [ 1129.152493] ? kasan_save_track+0x14/0x30 [ 1129.152522] ? __pfx_ext4_es_cache_extent+0x10/0x10 [ 1129.152545] ? lock_acquire+0x15e/0x2d0 [ 1129.152574] ? ext4_es_find_extent_range+0x1b3/0x4b0 [ 1129.152613] ? find_held_lock+0x2b/0x80 [ 1129.152633] ? ext4_es_find_extent_range+0x1cf/0x4b0 [ 1129.152672] ? lock_release+0xc8/0x270 [ 1129.152703] ? do_raw_read_unlock+0x44/0xe0 [ 1129.152745] ext4_ext_map_blocks+0x1714/0x6050 [ 1129.152796] ? bdev_getblk+0xd6/0x660 [ 1129.152830] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 1129.152867] ? crc32c+0x1ae/0x350 [ 1129.152902] ? look_up_lock_class+0x56/0x130 [ 1129.152926] ? register_lock_class+0x3f/0x790 [ 1129.152974] ? lock_acquire+0x15e/0x2d0 [ 1129.153002] ? ext4_map_blocks+0x4a8/0x1470 [ 1129.153030] ext4_map_query_blocks+0x110/0x900 [ 1129.153076] ? __pfx_ext4_map_query_blocks+0x10/0x10 [ 1129.153111] ? do_raw_read_unlock+0x44/0xe0 [ 1129.153146] ? __pfx_down_read+0x10/0x10 [ 1129.153171] ? ext4_es_lookup_extent+0xcd/0xb50 [ 1129.153202] ext4_map_blocks+0x4bc/0x1470 [ 1129.153232] ? __pfx_ext4_map_blocks+0x10/0x10 [ 1129.153255] ? __pfx_ext4_initxattrs+0x10/0x10 [ 1129.153291] ? __pfx_security_inode_init_security+0x10/0x10 [ 1129.153325] ? _raw_spin_unlock+0x1e/0x40 [ 1129.153357] ? insert_inode_locked+0x3fb/0x890 [ 1129.153393] ? crc32c+0x1ae/0x350 [ 1129.153423] ? __brelse+0x86/0xa0 [ 1129.153445] ? __ext4_new_inode+0x116/0x4cd0 [ 1129.153477] ext4_append+0x1af/0x530 [ 1129.153508] ? __pfx_ext4_append+0x10/0x10 [ 1129.153538] ? __pfx___ext4_new_inode+0x10/0x10 [ 1129.153574] ext4_init_new_dir+0x13c/0x240 [ 1129.153608] ? __pfx_ext4_init_new_dir+0x10/0x10 [ 1129.153652] ext4_mkdir+0x3c5/0xb30 [ 1129.153691] ? __pfx_ext4_mkdir+0x10/0x10 [ 1129.153724] ? security_inode_permission+0x72/0xe0 [ 1129.153754] vfs_mkdir+0x6d8/0xc00 [ 1129.153795] do_mkdirat+0x11a/0x440 [ 1129.153824] ? __pfx_do_mkdirat+0x10/0x10 [ 1129.153851] ? strncpy_from_user+0x21b/0x2f0 [ 1129.153892] __x64_sys_mkdir+0x65/0x80 [ 1129.153918] do_syscall_64+0xbf/0x420 [ 1129.153946] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1129.153970] RIP: 0033:0x7f1fa08c3c27 [ 1129.153989] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1129.154011] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 1129.154034] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c3c27 [ 1129.154049] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 1129.154063] RBP: 00007f1f9de3a040 R08: 0000000000000000 R09: ffffffffffffffff [ 1129.154078] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 1129.154092] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1129.154122] [ 1129.212263] FAULT_INJECTION: forcing a failure. [ 1129.212263] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1129.213907] CPU: 0 UID: 0 PID: 9327 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1129.213938] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1129.213951] Call Trace: [ 1129.213960] [ 1129.213969] dump_stack_lvl+0xfa/0x120 [ 1129.213997] should_fail_ex+0x4d7/0x5e0 [ 1129.214034] ? page_copy_sane+0xce/0x2b0 [ 1129.214079] copy_folio_from_iter_atomic+0x383/0x1820 [ 1129.214129] ? fault_in_readable+0x12a/0x1d0 [ 1129.214159] Buffer I/O error on dev sr0, logical block 1, lost async page write [ 1129.214163] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1129.214214] ? shmem_write_begin+0x1ab/0x3b0 [ 1129.214247] ? __pfx_shmem_write_begin+0x10/0x10 [ 1129.214280] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1129.214328] generic_perform_write+0x1d7/0x810 [ 1129.214366] ? __pfx_generic_perform_write+0x10/0x10 [ 1129.214399] ? file_update_time_flags+0x367/0x4f0 [ 1129.214435] shmem_file_write_iter+0x111/0x140 [ 1129.214462] vfs_write+0xbe9/0x1150 [ 1129.214485] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1129.214511] ? __fget_files+0x34/0x3b0 [ 1129.214535] ? __pfx_vfs_write+0x10/0x10 [ 1129.214576] __x64_sys_pwrite64+0x1f1/0x260 [ 1129.214601] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1129.214635] do_syscall_64+0xbf/0x420 [ 1129.214663] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1129.214686] RIP: 0033:0x7f32b3526ab7 [ 1129.214704] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1129.214726] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1129.214748] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1129.214763] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1129.214778] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1129.214793] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1129.214806] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1129.214836] [ 1129.219100] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1129.221096] Buffer I/O error on dev sr0, logical block 2, lost async page write [ 1129.235132] Buffer I/O error on dev sr0, logical block 3, lost async page write [ 1129.236230] Buffer I/O error on dev sr0, logical block 4, lost async page write [ 1129.237312] Buffer I/O error on dev sr0, logical block 5, lost async page write [ 1129.238424] Buffer I/O error on dev sr0, logical block 6, lost async page write [ 1129.243110] Buffer I/O error on dev sr0, logical block 7, lost async page write [ 1129.306384] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1129.306881] I/O error, dev sr0, sector 127 op 0x1:(WRITE) flags 0x804800 phys_seg 127 prio class 2 21:31:28 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 68) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1129.321377] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1129.322379] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 21:31:28 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x6000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 1129.376767] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1129.377982] I/O error, dev sr0, sector 254 op 0x1:(WRITE) flags 0x804800 phys_seg 127 prio class 2 [ 1129.401185] loop7: detected capacity change from 0 to 32640 [ 1129.411445] loop4: detected capacity change from 0 to 5 [ 1129.414784] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:31:28 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x2000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1129.447318] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1129.458432] I/O error, dev sr0, sector 381 op 0x1:(WRITE) flags 0x804800 phys_seg 127 prio class 2 [ 1129.529996] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1129.530576] I/O error, dev sr0, sector 508 op 0x1:(WRITE) flags 0x804800 phys_seg 127 prio class 2 [ 1129.533570] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1129.534020] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1129.548400] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1129.548899] I/O error, dev sr0, sector 635 op 0x1:(WRITE) flags 0x804800 phys_seg 127 prio class 2 [ 1129.565342] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1129.586714] loop6: detected capacity change from 0 to 32640 [ 1129.625080] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1129.626424] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1129.661518] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1129.663311] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1129.663923] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1129.665675] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 00 fe 00 00 02 00 [ 1129.696025] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1129.697768] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1129.723473] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1129.724764] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1129.730351] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1129.731599] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1129.737340] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1129.738600] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1129.749214] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 1129.750012] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1129.751719] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1129.752348] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 00 fe 00 00 02 00 21:31:38 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 69) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:38 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 47) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:38 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x2}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:31:38 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 86) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:38 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x4000, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:31:38 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf5ffffff, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:31:38 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:31:38 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x3000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1138.710262] FAULT_INJECTION: forcing a failure. [ 1138.710262] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1138.713979] CPU: 1 UID: 0 PID: 9356 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1138.713998] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1138.714006] Call Trace: [ 1138.714011] [ 1138.714016] dump_stack_lvl+0xfa/0x120 [ 1138.714043] should_fail_ex+0x4d7/0x5e0 [ 1138.714068] ? page_copy_sane+0xce/0x2b0 [ 1138.714091] copy_folio_from_iter_atomic+0x383/0x1820 [ 1138.714119] ? fault_in_readable+0x12a/0x1d0 [ 1138.714139] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1138.714162] ? shmem_write_begin+0x1ab/0x3b0 [ 1138.714181] ? __pfx_shmem_write_begin+0x10/0x10 [ 1138.714200] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1138.714227] generic_perform_write+0x1d7/0x810 [ 1138.714248] ? __pfx_generic_perform_write+0x10/0x10 [ 1138.714276] ? file_update_time_flags+0x367/0x4f0 [ 1138.714296] shmem_file_write_iter+0x111/0x140 [ 1138.714312] vfs_write+0xbe9/0x1150 [ 1138.714325] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1138.714340] ? __fget_files+0x34/0x3b0 [ 1138.714355] ? __pfx_vfs_write+0x10/0x10 [ 1138.714377] __x64_sys_pwrite64+0x1f1/0x260 [ 1138.714392] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1138.714410] do_syscall_64+0xbf/0x420 [ 1138.714427] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1138.714441] RIP: 0033:0x7f9f6fba4ab7 [ 1138.714452] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1138.714466] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1138.714479] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1138.714488] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1138.714496] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1138.714504] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1138.714512] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1138.714528] [ 1138.718881] loop4: detected capacity change from 0 to 5 [ 1138.719757] FAULT_INJECTION: forcing a failure. [ 1138.719757] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1138.735653] FAULT_INJECTION: forcing a failure. [ 1138.735653] name failslab, interval 1, probability 0, space 0, times 0 [ 1138.737699] CPU: 0 UID: 0 PID: 9358 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1138.737735] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1138.737751] Call Trace: [ 1138.737761] [ 1138.737772] dump_stack_lvl+0xfa/0x120 [ 1138.737810] should_fail_ex+0x4d7/0x5e0 [ 1138.737864] ? __es_insert_extent+0xed2/0x1370 [ 1138.737909] should_failslab+0xc2/0x120 [ 1138.737941] kmem_cache_alloc_noprof+0x80/0x760 [ 1138.737993] ? __es_insert_extent+0xed2/0x1370 [ 1138.738044] __es_insert_extent+0xed2/0x1370 [ 1138.738092] ? __pfx_do_raw_write_lock+0x10/0x10 [ 1138.738141] ? __es_tree_search.isra.0+0x1af/0x220 [ 1138.738191] ext4_es_cache_extent+0x387/0x6f0 [ 1138.738218] ? kasan_save_track+0x14/0x30 [ 1138.738252] ? __pfx_ext4_es_cache_extent+0x10/0x10 [ 1138.738294] ? lock_acquire+0x15e/0x2d0 [ 1138.738327] ? ext4_es_find_extent_range+0x1b3/0x4b0 [ 1138.738371] ? find_held_lock+0x2b/0x80 [ 1138.738395] ? ext4_es_find_extent_range+0x1cf/0x4b0 [ 1138.738440] ? lock_release+0xc8/0x270 [ 1138.738475] ? do_raw_read_unlock+0x44/0xe0 [ 1138.738524] ext4_ext_map_blocks+0x1714/0x6050 [ 1138.738584] ? bdev_getblk+0xd6/0x660 [ 1138.738624] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 1138.738667] ? crc32c+0x1ae/0x350 [ 1138.738706] ? look_up_lock_class+0x56/0x130 [ 1138.738735] ? register_lock_class+0x3f/0x790 [ 1138.738791] ? lock_acquire+0x15e/0x2d0 [ 1138.738824] ? ext4_map_blocks+0x4a8/0x1470 [ 1138.738858] ext4_map_query_blocks+0x110/0x900 [ 1138.738904] ? __pfx_ext4_map_query_blocks+0x10/0x10 [ 1138.738943] ? do_raw_read_unlock+0x44/0xe0 [ 1138.738983] ? __pfx_down_read+0x10/0x10 [ 1138.739012] ? ext4_es_lookup_extent+0xcd/0xb50 [ 1138.739049] ext4_map_blocks+0x4bc/0x1470 [ 1138.739086] ? __pfx_ext4_map_blocks+0x10/0x10 [ 1138.739114] ? __pfx_ext4_initxattrs+0x10/0x10 [ 1138.739155] ? __pfx_security_inode_init_security+0x10/0x10 [ 1138.739193] ? _raw_spin_unlock+0x1e/0x40 [ 1138.739229] ? insert_inode_locked+0x3fb/0x890 [ 1138.739270] ? crc32c+0x1ae/0x350 [ 1138.739305] ? __brelse+0x86/0xa0 [ 1138.739331] ? __ext4_new_inode+0x116/0x4cd0 [ 1138.739368] ext4_append+0x1af/0x530 [ 1138.739404] ? __pfx_ext4_append+0x10/0x10 [ 1138.739439] ? __pfx___ext4_new_inode+0x10/0x10 [ 1138.739481] ext4_init_new_dir+0x13c/0x240 [ 1138.739520] ? __pfx_ext4_init_new_dir+0x10/0x10 [ 1138.739570] ext4_mkdir+0x3c5/0xb30 [ 1138.739615] ? __pfx_ext4_mkdir+0x10/0x10 [ 1138.739652] ? security_inode_permission+0x72/0xe0 [ 1138.739689] vfs_mkdir+0x6d8/0xc00 [ 1138.739734] do_mkdirat+0x11a/0x440 [ 1138.739768] ? __pfx_do_mkdirat+0x10/0x10 [ 1138.739799] ? strncpy_from_user+0x21b/0x2f0 [ 1138.739847] __x64_sys_mkdir+0x65/0x80 [ 1138.739877] do_syscall_64+0xbf/0x420 [ 1138.739910] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1138.739939] RIP: 0033:0x7f1fa08c3c27 [ 1138.739961] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1138.739988] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 1138.740014] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c3c27 [ 1138.740033] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 1138.740049] RBP: 00007f1f9de3a040 R08: 0000000000000000 R09: ffffffffffffffff [ 1138.740067] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 1138.740084] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1138.740121] [ 1138.747081] CPU: 1 UID: 0 PID: 9359 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1138.747103] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1138.747112] Call Trace: [ 1138.747121] [ 1138.747127] dump_stack_lvl+0xfa/0x120 [ 1138.747149] should_fail_ex+0x4d7/0x5e0 [ 1138.747173] ? page_copy_sane+0xce/0x2b0 [ 1138.747196] copy_folio_from_iter_atomic+0x383/0x1820 [ 1138.747225] ? fault_in_readable+0x12a/0x1d0 [ 1138.747245] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1138.747269] ? shmem_write_begin+0x1ab/0x3b0 [ 1138.747289] ? __pfx_shmem_write_begin+0x10/0x10 [ 1138.747308] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1138.747335] generic_perform_write+0x1d7/0x810 [ 1138.747356] ? __pfx_generic_perform_write+0x10/0x10 [ 1138.747374] ? file_update_time_flags+0x367/0x4f0 [ 1138.747396] shmem_file_write_iter+0x111/0x140 [ 1138.747411] vfs_write+0xbe9/0x1150 [ 1138.747425] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1138.747439] ? __fget_files+0x34/0x3b0 [ 1138.747454] ? __pfx_vfs_write+0x10/0x10 [ 1138.747477] __x64_sys_pwrite64+0x1f1/0x260 [ 1138.747491] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1138.747510] do_syscall_64+0xbf/0x420 [ 1138.747526] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1138.747541] RIP: 0033:0x7f32b3526ab7 [ 1138.747552] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1138.747565] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1138.747578] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1138.747587] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1138.747596] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1138.747604] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1138.747612] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1138.747628] [ 1138.862324] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1138.862836] blk_print_req_error: 13 callbacks suppressed [ 1138.862846] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1138.864122] buffer_io_error: 2043 callbacks suppressed [ 1138.864132] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1138.917475] loop7: detected capacity change from 0 to 32640 [ 1138.928582] loop6: detected capacity change from 0 to 32640 21:31:38 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 48) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:38 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x3}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:31:38 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 70) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1139.020600] loop4: detected capacity change from 0 to 5 [ 1139.023332] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:31:38 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 87) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1139.061155] FAULT_INJECTION: forcing a failure. [ 1139.061155] name fail_page_alloc, interval 1, probability 0, space 0, times 0 21:31:38 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 71) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1139.077780] CPU: 0 UID: 0 PID: 9384 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1139.077816] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1139.077832] Call Trace: [ 1139.077840] [ 1139.077850] dump_stack_lvl+0xfa/0x120 [ 1139.077886] should_fail_ex+0x4d7/0x5e0 [ 1139.077934] should_fail_alloc_page+0xe0/0x110 [ 1139.077965] prepare_alloc_pages+0x1eb/0x550 [ 1139.077992] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1139.078045] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1139.078084] ? pte_offset_map_lock+0x190/0x330 [ 1139.078113] ? find_held_lock+0x2b/0x80 [ 1139.078142] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1139.078187] ? lock_is_held_type+0x9e/0x120 [ 1139.078213] ? lock_is_held_type+0x9e/0x120 [ 1139.078234] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1139.078287] ? policy_nodemask+0xeb/0x4e0 [ 1139.078326] alloc_pages_mpol+0xed/0x340 [ 1139.078361] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1139.078395] ? filemap_get_entry+0x1bb/0x3b0 [ 1139.078430] ? __pfx_filemap_get_entry+0x10/0x10 [ 1139.078472] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1139.078515] shmem_alloc_folio+0x11b/0x140 [ 1139.078545] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1139.078591] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1139.078632] ? fault_in_readable+0x12a/0x1d0 [ 1139.078669] shmem_write_begin+0x194/0x3b0 [ 1139.078704] ? __pfx_shmem_write_begin+0x10/0x10 [ 1139.078739] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1139.078787] generic_perform_write+0x391/0x810 [ 1139.078827] ? __pfx_generic_perform_write+0x10/0x10 [ 1139.078862] ? file_update_time_flags+0x367/0x4f0 [ 1139.078900] shmem_file_write_iter+0x111/0x140 [ 1139.078929] vfs_write+0xbe9/0x1150 [ 1139.078953] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1139.078980] ? __fget_files+0x34/0x3b0 [ 1139.079006] ? __pfx_vfs_write+0x10/0x10 [ 1139.079051] __x64_sys_pwrite64+0x1f1/0x260 [ 1139.079077] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1139.079113] do_syscall_64+0xbf/0x420 [ 1139.079143] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1139.079168] RIP: 0033:0x7f32b3526ab7 [ 1139.079188] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1139.079211] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1139.079236] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1139.079252] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1139.079268] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1139.079283] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1139.079298] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1139.079329] [ 1139.102119] FAULT_INJECTION: forcing a failure. [ 1139.102119] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1139.110913] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1139.113573] loop4: detected capacity change from 0 to 5 [ 1139.114088] FAULT_INJECTION: forcing a failure. [ 1139.114088] name failslab, interval 1, probability 0, space 0, times 0 21:31:38 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x4000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1139.115908] CPU: 1 UID: 0 PID: 9387 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1139.115925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1139.115933] Call Trace: [ 1139.115938] [ 1139.115943] dump_stack_lvl+0xfa/0x120 [ 1139.115963] should_fail_ex+0x4d7/0x5e0 [ 1139.115988] ? ext4_mb_new_blocks+0x23a0/0x44b0 [ 1139.116003] should_failslab+0xc2/0x120 [ 1139.116018] kmem_cache_alloc_noprof+0x80/0x760 [ 1139.116047] ? ext4_mb_new_blocks+0x23a0/0x44b0 [ 1139.116060] ext4_mb_new_blocks+0x23a0/0x44b0 [ 1139.116078] ? __kasan_kmalloc+0x7f/0x90 [ 1139.116094] ? __kmalloc_noprof+0x4b0/0x880 [ 1139.116110] ? mark_held_locks+0x49/0x80 [ 1139.116128] ? ext4_find_extent+0x7f5/0xa00 [ 1139.116147] ? __pfx_ext4_mb_new_blocks+0x10/0x10 [ 1139.116161] ? ext4_ext_search_right+0x2e8/0xbd0 [ 1139.116177] ? ext4_inode_to_goal_block+0x323/0x430 [ 1139.116195] ext4_ext_map_blocks+0x1bd2/0x6050 [ 1139.116224] ? bdev_getblk+0xd6/0x660 [ 1139.116242] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 1139.116260] ? __lock_acquire+0x451/0x2250 [ 1139.116278] ? crc32c+0x1ae/0x350 [ 1139.116298] ? lock_acquire+0x15e/0x2d0 [ 1139.116313] ? ext4_map_blocks+0x564/0x1470 [ 1139.116332] ? __pfx_down_write+0x10/0x10 [ 1139.116351] ext4_map_blocks+0x62d/0x1470 [ 1139.116366] ? __up_read+0x26f/0x710 [ 1139.116385] ? __pfx_ext4_map_blocks+0x10/0x10 [ 1139.116396] ? __pfx___up_read+0x10/0x10 [ 1139.116415] ? lock_release+0xc8/0x270 [ 1139.116433] ? ext4_map_blocks+0x1e9/0x1470 [ 1139.116450] ext4_getblk+0x67d/0x8e0 [ 1139.116463] ? __pfx_ext4_getblk+0x10/0x10 [ 1139.116474] ? __pfx_security_inode_init_security+0x10/0x10 [ 1139.116496] ? crc32c+0x1ae/0x350 [ 1139.116519] ext4_bread+0x2e/0x1a0 [ 1139.116532] ext4_append+0x21d/0x530 [ 1139.116548] ? __pfx_ext4_append+0x10/0x10 [ 1139.116564] ? __pfx___ext4_new_inode+0x10/0x10 [ 1139.116583] ext4_init_new_dir+0x13c/0x240 [ 1139.116601] ? __pfx_ext4_init_new_dir+0x10/0x10 [ 1139.116625] ext4_mkdir+0x3c5/0xb30 [ 1139.116646] ? __pfx_ext4_mkdir+0x10/0x10 [ 1139.116663] ? security_inode_permission+0x72/0xe0 [ 1139.116680] vfs_mkdir+0x6d8/0xc00 [ 1139.116702] do_mkdirat+0x11a/0x440 [ 1139.116717] ? __pfx_do_mkdirat+0x10/0x10 [ 1139.116731] ? strncpy_from_user+0x21b/0x2f0 [ 1139.116753] __x64_sys_mkdir+0x65/0x80 [ 1139.116767] do_syscall_64+0xbf/0x420 [ 1139.116782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1139.116796] RIP: 0033:0x7f1fa08c3c27 [ 1139.116806] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1139.116819] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 1139.116832] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c3c27 [ 1139.116840] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 1139.116848] RBP: 00007f1f9de3a040 R08: 0000000000000000 R09: ffffffffffffffff [ 1139.116856] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 1139.116863] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1139.116880] [ 1139.139311] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1139.144379] loop6: detected capacity change from 0 to 88 [ 1139.145353] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1139.146337] CPU: 1 UID: 0 PID: 9388 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1139.146355] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1139.146362] Call Trace: [ 1139.146367] [ 1139.146372] dump_stack_lvl+0xfa/0x120 [ 1139.146390] should_fail_ex+0x4d7/0x5e0 [ 1139.146414] should_fail_alloc_page+0xe0/0x110 [ 1139.146430] prepare_alloc_pages+0x1eb/0x550 [ 1139.146445] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1139.146467] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1139.146486] ? pte_offset_map_lock+0x190/0x330 [ 1139.146501] ? find_held_lock+0x2b/0x80 [ 1139.146516] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1139.146538] ? lock_is_held_type+0x9e/0x120 [ 1139.146552] ? lock_is_held_type+0x9e/0x120 [ 1139.146567] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1139.146588] ? policy_nodemask+0xeb/0x4e0 [ 1139.146608] alloc_pages_mpol+0xed/0x340 [ 1139.146626] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1139.146643] ? filemap_get_entry+0x1bb/0x3b0 [ 1139.146661] ? __pfx_filemap_get_entry+0x10/0x10 [ 1139.146682] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1139.146704] shmem_alloc_folio+0x11b/0x140 [ 1139.146719] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1139.146743] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1139.146763] ? fault_in_readable+0x12a/0x1d0 [ 1139.146782] shmem_write_begin+0x194/0x3b0 [ 1139.146800] ? __pfx_shmem_write_begin+0x10/0x10 [ 1139.146817] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1139.146841] generic_perform_write+0x391/0x810 [ 1139.146861] ? __pfx_generic_perform_write+0x10/0x10 [ 1139.146879] ? file_update_time_flags+0x367/0x4f0 [ 1139.146899] shmem_file_write_iter+0x111/0x140 [ 1139.146913] vfs_write+0xbe9/0x1150 [ 1139.146926] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1139.146940] ? __fget_files+0x34/0x3b0 [ 1139.146953] ? __pfx_vfs_write+0x10/0x10 [ 1139.146976] __x64_sys_pwrite64+0x1f1/0x260 [ 1139.146989] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1139.147007] do_syscall_64+0xbf/0x420 [ 1139.147022] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1139.147039] RIP: 0033:0x7f9f6fba4ab7 [ 1139.147050] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1139.147062] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1139.147074] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1139.147083] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1139.147091] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1139.147098] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1139.147106] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1139.147121] 21:31:38 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 88) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1139.222899] FAULT_INJECTION: forcing a failure. [ 1139.222899] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1139.226952] loop4: detected capacity change from 0 to 5 [ 1139.228395] FAULT_INJECTION: forcing a failure. [ 1139.228395] name failslab, interval 1, probability 0, space 0, times 0 21:31:38 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 72) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1139.233126] CPU: 0 UID: 0 PID: 9396 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1139.233164] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1139.233179] Call Trace: [ 1139.233187] [ 1139.233197] dump_stack_lvl+0xfa/0x120 [ 1139.233232] should_fail_ex+0x4d7/0x5e0 [ 1139.233274] ? page_copy_sane+0xce/0x2b0 [ 1139.233315] copy_folio_from_iter_atomic+0x383/0x1820 [ 1139.233369] ? fault_in_readable+0x12a/0x1d0 [ 1139.233406] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1139.233449] ? shmem_write_begin+0x1ab/0x3b0 [ 1139.233485] ? __pfx_shmem_write_begin+0x10/0x10 [ 1139.233520] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1139.233570] generic_perform_write+0x1d7/0x810 [ 1139.233611] ? __pfx_generic_perform_write+0x10/0x10 [ 1139.233638] ? __mark_inode_dirty+0x820/0x1460 [ 1139.233676] ? mnt_put_write_access_file+0xb7/0xe0 [ 1139.233702] ? file_update_time_flags+0x367/0x4f0 [ 1139.233739] shmem_file_write_iter+0x111/0x140 [ 1139.233768] vfs_write+0xbe9/0x1150 [ 1139.233793] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1139.233820] ? __fget_files+0x34/0x3b0 [ 1139.233845] ? __pfx_vfs_write+0x10/0x10 [ 1139.233889] __x64_sys_pwrite64+0x1f1/0x260 [ 1139.233916] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1139.233952] do_syscall_64+0xbf/0x420 [ 1139.233982] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1139.234008] RIP: 0033:0x7f9f6fba4ab7 [ 1139.234028] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1139.234060] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1139.234084] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1139.234101] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1139.234116] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1139.234132] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1139.234147] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1139.234178] [ 1139.237153] CPU: 1 UID: 0 PID: 9398 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1139.237172] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1139.237180] Call Trace: [ 1139.237185] [ 1139.237190] dump_stack_lvl+0xfa/0x120 [ 1139.237211] should_fail_ex+0x4d7/0x5e0 [ 1139.237236] ? ext4_mb_new_blocks+0x23a0/0x44b0 [ 1139.237251] should_failslab+0xc2/0x120 [ 1139.237267] kmem_cache_alloc_noprof+0x80/0x760 [ 1139.237291] ? ext4_mb_new_blocks+0x23a0/0x44b0 [ 1139.237304] ext4_mb_new_blocks+0x23a0/0x44b0 [ 1139.237324] ? __kasan_kmalloc+0x7f/0x90 [ 1139.237341] ? __kmalloc_noprof+0x4b0/0x880 [ 1139.237360] ? mark_held_locks+0x49/0x80 [ 1139.237378] ? ext4_find_extent+0x7f5/0xa00 [ 1139.237397] ? __pfx_ext4_mb_new_blocks+0x10/0x10 [ 1139.237411] ? ext4_ext_search_right+0x2e8/0xbd0 [ 1139.237429] ? ext4_inode_to_goal_block+0x323/0x430 [ 1139.237446] ext4_ext_map_blocks+0x1bd2/0x6050 [ 1139.237475] ? bdev_getblk+0xd6/0x660 [ 1139.237493] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 1139.237511] ? __lock_acquire+0x451/0x2250 [ 1139.237529] ? crc32c+0x1ae/0x350 21:31:38 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 73) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1139.237548] ? lock_acquire+0x15e/0x2d0 [ 1139.237563] ? ext4_map_blocks+0x564/0x1470 [ 1139.237583] ? __pfx_down_write+0x10/0x10 [ 1139.237602] ext4_map_blocks+0x62d/0x1470 [ 1139.237618] ? __up_read+0x26f/0x710 [ 1139.237636] ? __pfx_ext4_map_blocks+0x10/0x10 [ 1139.237648] ? __pfx___up_read+0x10/0x10 [ 1139.237667] ? lock_release+0xc8/0x270 [ 1139.237685] ? ext4_map_blocks+0x1e9/0x1470 [ 1139.237702] ext4_getblk+0x67d/0x8e0 [ 1139.237715] ? __pfx_ext4_getblk+0x10/0x10 [ 1139.237727] ? __pfx_security_inode_init_security+0x10/0x10 [ 1139.237748] ? crc32c+0x1ae/0x350 [ 1139.237768] ext4_bread+0x2e/0x1a0 [ 1139.237781] ext4_append+0x21d/0x530 [ 1139.237797] ? __pfx_ext4_append+0x10/0x10 [ 1139.237813] ? __pfx___ext4_new_inode+0x10/0x10 [ 1139.237833] ext4_init_new_dir+0x13c/0x240 [ 1139.237851] ? __pfx_ext4_init_new_dir+0x10/0x10 [ 1139.237875] ext4_mkdir+0x3c5/0xb30 [ 1139.237896] ? __pfx_ext4_mkdir+0x10/0x10 [ 1139.237914] ? security_inode_permission+0x72/0xe0 [ 1139.237930] vfs_mkdir+0x6d8/0xc00 [ 1139.237952] do_mkdirat+0x11a/0x440 [ 1139.237967] ? __pfx_do_mkdirat+0x10/0x10 [ 1139.237981] ? strncpy_from_user+0x21b/0x2f0 [ 1139.238004] __x64_sys_mkdir+0x65/0x80 [ 1139.238018] do_syscall_64+0xbf/0x420 [ 1139.238038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1139.238052] RIP: 0033:0x7f1fa08c3c27 [ 1139.238062] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1139.238074] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 1139.238087] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c3c27 [ 1139.238095] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 1139.238103] RBP: 00007f1f9de3a040 R08: 0000000000000000 R09: ffffffffffffffff [ 1139.238110] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 1139.238118] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1139.238134] [ 1139.268661] loop4: detected capacity change from 0 to 5 21:31:38 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x80000, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1139.328577] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:31:38 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xa000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:31:38 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfbffffff, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:31:38 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 74) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1139.406867] loop4: detected capacity change from 0 to 5 [ 1139.408703] FAULT_INJECTION: forcing a failure. [ 1139.408703] name failslab, interval 1, probability 0, space 0, times 0 [ 1139.409759] CPU: 1 UID: 0 PID: 9409 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1139.409775] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1139.409783] Call Trace: [ 1139.409789] [ 1139.409795] dump_stack_lvl+0xfa/0x120 [ 1139.409816] should_fail_ex+0x4d7/0x5e0 [ 1139.409841] ? __es_insert_extent+0xed2/0x1370 [ 1139.409861] should_failslab+0xc2/0x120 [ 1139.409877] kmem_cache_alloc_noprof+0x80/0x760 [ 1139.409900] ? __es_insert_extent+0xed2/0x1370 [ 1139.409920] __es_insert_extent+0xed2/0x1370 [ 1139.409947] ext4_es_insert_extent+0x43d/0x1060 [ 1139.409962] ? crc32c+0x1ae/0x350 [ 1139.409980] ? __pfx_ext4_es_insert_extent+0x10/0x10 [ 1139.409992] ? lock_acquire+0x15e/0x2d0 [ 1139.410009] ? ext4_map_blocks+0x564/0x1470 [ 1139.410029] ? __pfx_down_write+0x10/0x10 [ 1139.410052] ext4_map_blocks+0x808/0x1470 [ 1139.410067] ? __up_read+0x26f/0x710 [ 1139.410085] ? __pfx_ext4_map_blocks+0x10/0x10 [ 1139.410097] ? __pfx___up_read+0x10/0x10 [ 1139.410115] ? lock_release+0xc8/0x270 [ 1139.410134] ? ext4_map_blocks+0x1e9/0x1470 [ 1139.410150] ext4_getblk+0x67d/0x8e0 [ 1139.410164] ? __pfx_ext4_getblk+0x10/0x10 [ 1139.410175] ? __pfx_security_inode_init_security+0x10/0x10 [ 1139.410197] ? crc32c+0x1ae/0x350 [ 1139.410216] ext4_bread+0x2e/0x1a0 [ 1139.410229] ext4_append+0x21d/0x530 [ 1139.410246] ? __pfx_ext4_append+0x10/0x10 [ 1139.410262] ? __pfx___ext4_new_inode+0x10/0x10 [ 1139.410291] ext4_init_new_dir+0x13c/0x240 [ 1139.410309] ? __pfx_ext4_init_new_dir+0x10/0x10 [ 1139.410332] ext4_mkdir+0x3c5/0xb30 [ 1139.410353] ? __pfx_ext4_mkdir+0x10/0x10 [ 1139.410371] ? security_inode_permission+0x72/0xe0 [ 1139.410387] vfs_mkdir+0x6d8/0xc00 [ 1139.410409] do_mkdirat+0x11a/0x440 [ 1139.410424] ? __pfx_do_mkdirat+0x10/0x10 [ 1139.410439] ? strncpy_from_user+0x21b/0x2f0 [ 1139.410460] __x64_sys_mkdir+0x65/0x80 [ 1139.410475] do_syscall_64+0xbf/0x420 [ 1139.410490] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1139.410503] RIP: 0033:0x7f1fa08c3c27 [ 1139.410514] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1139.410527] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 1139.410539] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c3c27 [ 1139.410548] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 1139.410555] RBP: 00007f1f9de3a040 R08: 0000000000000000 R09: ffffffffffffffff [ 1139.410563] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 1139.410570] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1139.410587] 21:31:39 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 49) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1139.451241] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:31:39 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 75) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1139.481824] FAULT_INJECTION: forcing a failure. [ 1139.481824] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1139.494356] CPU: 0 UID: 0 PID: 9414 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1139.494396] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1139.494412] Call Trace: [ 1139.494421] [ 1139.494431] dump_stack_lvl+0xfa/0x120 [ 1139.494467] should_fail_ex+0x4d7/0x5e0 [ 1139.494512] ? page_copy_sane+0xce/0x2b0 [ 1139.494556] copy_folio_from_iter_atomic+0x383/0x1820 [ 1139.494613] ? fault_in_readable+0x12a/0x1d0 [ 1139.494651] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1139.494697] ? shmem_write_begin+0x1ab/0x3b0 [ 1139.494734] ? __pfx_shmem_write_begin+0x10/0x10 [ 1139.494772] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1139.494825] generic_perform_write+0x1d7/0x810 [ 1139.494867] ? __pfx_generic_perform_write+0x10/0x10 [ 1139.494904] ? file_update_time_flags+0x367/0x4f0 [ 1139.494944] shmem_file_write_iter+0x111/0x140 [ 1139.494975] vfs_write+0xbe9/0x1150 [ 1139.495001] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1139.495031] ? __fget_files+0x34/0x3b0 [ 1139.495066] ? __pfx_vfs_write+0x10/0x10 [ 1139.495112] __x64_sys_pwrite64+0x1f1/0x260 [ 1139.495141] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1139.495178] do_syscall_64+0xbf/0x420 [ 1139.495210] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1139.495238] RIP: 0033:0x7f32b3526ab7 [ 1139.495258] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1139.495284] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1139.495310] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1139.495328] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1139.495345] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1139.495361] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1139.495377] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1139.495409] [ 1139.573981] loop4: detected capacity change from 0 to 5 [ 1139.584132] FAULT_INJECTION: forcing a failure. [ 1139.584132] name failslab, interval 1, probability 0, space 0, times 0 [ 1139.608703] CPU: 0 UID: 0 PID: 9416 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1139.608740] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1139.608755] Call Trace: [ 1139.608764] [ 1139.608774] dump_stack_lvl+0xfa/0x120 [ 1139.608810] should_fail_ex+0x4d7/0x5e0 [ 1139.608858] ? jbd2_journal_add_journal_head+0x367/0x5d0 [ 1139.608895] should_failslab+0xc2/0x120 [ 1139.608923] kmem_cache_alloc_noprof+0x80/0x760 [ 1139.608961] ? fs_reclaim_acquire+0xae/0x150 [ 1139.608995] ? jbd2_journal_add_journal_head+0x367/0x5d0 [ 1139.609031] jbd2_journal_add_journal_head+0x367/0x5d0 [ 1139.609080] jbd2_journal_get_create_access+0x44/0x560 [ 1139.609106] ? lock_is_held_type+0x9e/0x120 [ 1139.609134] __ext4_journal_get_create_access+0x54/0x1b0 [ 1139.609173] ext4_getblk+0x3c5/0x8e0 [ 1139.609200] ? __pfx_ext4_getblk+0x10/0x10 [ 1139.609223] ? __pfx_security_inode_init_security+0x10/0x10 [ 1139.609265] ? crc32c+0x1ae/0x350 [ 1139.609304] ext4_bread+0x2e/0x1a0 [ 1139.609331] ext4_append+0x21d/0x530 [ 1139.609364] ? __pfx_ext4_append+0x10/0x10 [ 1139.609396] ? __pfx___ext4_new_inode+0x10/0x10 [ 1139.609436] ext4_init_new_dir+0x13c/0x240 [ 1139.609472] ? __pfx_ext4_init_new_dir+0x10/0x10 [ 1139.609519] ext4_mkdir+0x3c5/0xb30 [ 1139.609561] ? __pfx_ext4_mkdir+0x10/0x10 [ 1139.609596] ? security_inode_permission+0x72/0xe0 [ 1139.609628] vfs_mkdir+0x6d8/0xc00 [ 1139.609672] do_mkdirat+0x11a/0x440 [ 1139.609702] ? __pfx_do_mkdirat+0x10/0x10 [ 1139.609730] ? strncpy_from_user+0x21b/0x2f0 [ 1139.609773] __x64_sys_mkdir+0x65/0x80 [ 1139.609802] do_syscall_64+0xbf/0x420 [ 1139.609832] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1139.609858] RIP: 0033:0x7f1fa08c3c27 [ 1139.609877] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1139.609902] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 1139.609927] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c3c27 [ 1139.609944] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 1139.609959] RBP: 00007f1f9de3a040 R08: 0000000000000000 R09: ffffffffffffffff [ 1139.609975] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 1139.609990] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1139.610022] [ 1139.684324] ENOMEM in journal_alloc_journal_head, retrying. 21:31:49 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 50) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:49 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x5000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:31:49 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x1000000, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:31:49 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x4}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:31:49 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 76) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:49 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xc000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:31:49 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 89) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:49 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfeff1f00, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1150.338991] FAULT_INJECTION: forcing a failure. [ 1150.338991] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1150.340188] CPU: 0 UID: 0 PID: 9440 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1150.340207] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1150.340215] Call Trace: [ 1150.340220] [ 1150.340225] dump_stack_lvl+0xfa/0x120 [ 1150.340246] should_fail_ex+0x4d7/0x5e0 [ 1150.340269] ? page_copy_sane+0xce/0x2b0 [ 1150.340296] copy_folio_from_iter_atomic+0x383/0x1820 [ 1150.340326] ? fault_in_readable+0x12a/0x1d0 [ 1150.340346] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1150.340369] ? shmem_write_begin+0x1ab/0x3b0 [ 1150.340393] ? __pfx_shmem_write_begin+0x10/0x10 [ 1150.340412] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1150.340440] generic_perform_write+0x1d7/0x810 [ 1150.340461] ? __pfx_generic_perform_write+0x10/0x10 [ 1150.340479] ? file_update_time_flags+0x367/0x4f0 [ 1150.340501] shmem_file_write_iter+0x111/0x140 [ 1150.340516] vfs_write+0xbe9/0x1150 [ 1150.340530] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1150.340545] ? __fget_files+0x34/0x3b0 [ 1150.340559] ? __pfx_vfs_write+0x10/0x10 [ 1150.340582] __x64_sys_pwrite64+0x1f1/0x260 [ 1150.340596] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1150.340615] do_syscall_64+0xbf/0x420 [ 1150.340632] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1150.340647] RIP: 0033:0x7f9f6fba4ab7 [ 1150.340657] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1150.340671] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1150.340684] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1150.340693] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1150.340702] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1150.340710] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1150.340718] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1150.340734] [ 1150.351696] set_capacity_and_notify: 2 callbacks suppressed [ 1150.351720] loop4: detected capacity change from 0 to 5 [ 1150.352861] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1150.359357] FAULT_INJECTION: forcing a failure. [ 1150.359357] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1150.360241] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1150.363566] CPU: 1 UID: 0 PID: 9444 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1150.363604] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1150.363619] Call Trace: [ 1150.363629] [ 1150.363638] dump_stack_lvl+0xfa/0x120 [ 1150.363674] should_fail_ex+0x4d7/0x5e0 [ 1150.363721] ? page_copy_sane+0xce/0x2b0 [ 1150.363764] copy_folio_from_iter_atomic+0x383/0x1820 [ 1150.363820] ? fault_in_readable+0x12a/0x1d0 [ 1150.363859] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1150.363905] ? shmem_write_begin+0x1ab/0x3b0 [ 1150.363943] ? __pfx_shmem_write_begin+0x10/0x10 [ 1150.363980] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1150.364033] generic_perform_write+0x1d7/0x810 [ 1150.364084] ? __pfx_generic_perform_write+0x10/0x10 [ 1150.364121] ? file_update_time_flags+0x367/0x4f0 [ 1150.364162] shmem_file_write_iter+0x111/0x140 [ 1150.364193] vfs_write+0xbe9/0x1150 [ 1150.364219] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1150.364249] ? __fget_files+0x34/0x3b0 [ 1150.364276] ? __pfx_vfs_write+0x10/0x10 [ 1150.364323] __x64_sys_pwrite64+0x1f1/0x260 [ 1150.364351] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1150.364389] do_syscall_64+0xbf/0x420 [ 1150.364421] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1150.364448] RIP: 0033:0x7f32b3526ab7 [ 1150.364469] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1150.364494] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1150.364519] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1150.364537] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1150.364554] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1150.364570] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1150.364585] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1150.364618] [ 1150.366201] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1150.372351] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:31:50 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 77) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1150.481972] loop4: detected capacity change from 0 to 5 [ 1150.491700] FAULT_INJECTION: forcing a failure. [ 1150.491700] name failslab, interval 1, probability 0, space 0, times 0 [ 1150.492841] CPU: 0 UID: 0 PID: 9454 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1150.492859] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1150.492867] Call Trace: [ 1150.492873] [ 1150.492878] dump_stack_lvl+0xfa/0x120 [ 1150.492899] should_fail_ex+0x4d7/0x5e0 [ 1150.492929] ? jbd2_journal_add_journal_head+0x367/0x5d0 [ 1150.492950] should_failslab+0xc2/0x120 [ 1150.492966] kmem_cache_alloc_noprof+0x80/0x760 [ 1150.492986] ? fs_reclaim_acquire+0xae/0x150 [ 1150.493005] ? jbd2_journal_add_journal_head+0x367/0x5d0 [ 1150.493024] jbd2_journal_add_journal_head+0x367/0x5d0 [ 1150.493050] jbd2_journal_get_create_access+0x44/0x560 [ 1150.493064] ? lock_is_held_type+0x9e/0x120 [ 1150.493079] __ext4_journal_get_create_access+0x54/0x1b0 [ 1150.493099] ext4_getblk+0x3c5/0x8e0 [ 1150.493114] ? __pfx_ext4_getblk+0x10/0x10 [ 1150.493126] ? __pfx_security_inode_init_security+0x10/0x10 [ 1150.493148] ? crc32c+0x1ae/0x350 [ 1150.493170] ext4_bread+0x2e/0x1a0 [ 1150.493183] ext4_append+0x21d/0x530 [ 1150.493202] ? __pfx_ext4_append+0x10/0x10 [ 1150.493218] ? __pfx___ext4_new_inode+0x10/0x10 [ 1150.493238] ext4_init_new_dir+0x13c/0x240 [ 1150.493257] ? __pfx_ext4_init_new_dir+0x10/0x10 [ 1150.493280] ext4_mkdir+0x3c5/0xb30 [ 1150.493301] ? __pfx_ext4_mkdir+0x10/0x10 [ 1150.493318] ? security_inode_permission+0x72/0xe0 [ 1150.493335] vfs_mkdir+0x6d8/0xc00 [ 1150.493359] do_mkdirat+0x11a/0x440 [ 1150.493374] ? __pfx_do_mkdirat+0x10/0x10 [ 1150.493388] ? strncpy_from_user+0x21b/0x2f0 [ 1150.493411] __x64_sys_mkdir+0x65/0x80 [ 1150.493425] do_syscall_64+0xbf/0x420 [ 1150.493441] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1150.493455] RIP: 0033:0x7f1fa08c3c27 [ 1150.493465] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1150.493477] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 1150.493489] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c3c27 [ 1150.493498] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 1150.493506] RBP: 00007f1f9de3a040 R08: 0000000000000000 R09: ffffffffffffffff [ 1150.493514] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 1150.493521] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1150.493538] [ 1150.526980] ENOMEM in journal_alloc_journal_head, retrying. [ 1150.531179] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1150.531633] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1150.532393] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1150.556209] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1150.570417] loop7: detected capacity change from 0 to 32640 21:31:50 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfffdffff, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:31:50 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x2000000, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:31:50 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xe000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:31:50 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x6000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:31:50 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 78) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:50 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x8}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) [ 1150.743389] loop4: detected capacity change from 0 to 5 [ 1150.749756] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1150.769825] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1150.770760] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1150.772131] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1150.785828] loop6: detected capacity change from 0 to 32640 [ 1150.787770] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1150.789177] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1150.790621] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1150.852486] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1150.854018] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1150.855439] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1150.857215] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1150.857729] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1150.858630] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:31:59 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 51) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:59 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x3000000, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:31:59 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x10}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:31:59 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 90) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:59 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x10000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:31:59 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 79) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:59 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xffff1f00, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:31:59 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x7000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1159.919695] loop4: detected capacity change from 0 to 5 [ 1159.920827] FAULT_INJECTION: forcing a failure. [ 1159.920827] name failslab, interval 1, probability 0, space 0, times 0 [ 1159.922355] CPU: 1 UID: 0 PID: 9489 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1159.922374] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1159.922382] Call Trace: [ 1159.922392] [ 1159.922397] dump_stack_lvl+0xfa/0x120 [ 1159.922417] should_fail_ex+0x4d7/0x5e0 [ 1159.922443] ? jbd2_journal_add_journal_head+0x367/0x5d0 [ 1159.922462] should_failslab+0xc2/0x120 [ 1159.922478] kmem_cache_alloc_noprof+0x80/0x760 [ 1159.922504] ? fs_reclaim_acquire+0xae/0x150 [ 1159.922521] ? jbd2_journal_add_journal_head+0x367/0x5d0 [ 1159.922539] jbd2_journal_add_journal_head+0x367/0x5d0 [ 1159.922559] jbd2_journal_get_create_access+0x44/0x560 [ 1159.922573] ? lock_is_held_type+0x9e/0x120 [ 1159.922587] __ext4_journal_get_create_access+0x54/0x1b0 [ 1159.922607] ext4_getblk+0x3c5/0x8e0 [ 1159.922621] ? __pfx_ext4_getblk+0x10/0x10 [ 1159.922632] ? __pfx_security_inode_init_security+0x10/0x10 [ 1159.922654] ? crc32c+0x1ae/0x350 [ 1159.922674] ext4_bread+0x2e/0x1a0 [ 1159.922687] ext4_append+0x21d/0x530 [ 1159.922704] ? __pfx_ext4_append+0x10/0x10 [ 1159.922720] ? __pfx___ext4_new_inode+0x10/0x10 [ 1159.922739] ext4_init_new_dir+0x13c/0x240 [ 1159.922758] ? __pfx_ext4_init_new_dir+0x10/0x10 [ 1159.922781] ext4_mkdir+0x3c5/0xb30 [ 1159.922802] ? __pfx_ext4_mkdir+0x10/0x10 [ 1159.922819] ? security_inode_permission+0x72/0xe0 [ 1159.922835] vfs_mkdir+0x6d8/0xc00 [ 1159.922857] do_mkdirat+0x11a/0x440 [ 1159.922872] ? __pfx_do_mkdirat+0x10/0x10 [ 1159.922886] ? strncpy_from_user+0x21b/0x2f0 [ 1159.922908] __x64_sys_mkdir+0x65/0x80 [ 1159.922922] do_syscall_64+0xbf/0x420 [ 1159.922937] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1159.922950] RIP: 0033:0x7f1fa08c3c27 [ 1159.922961] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1159.922973] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 1159.922985] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c3c27 [ 1159.922994] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 1159.923001] RBP: 00007f1f9de3a040 R08: 0000000000000000 R09: ffffffffffffffff [ 1159.923009] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 1159.923017] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1159.923032] [ 1159.947180] ENOMEM in journal_alloc_journal_head, retrying. [ 1159.948181] FAULT_INJECTION: forcing a failure. [ 1159.948181] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1159.952312] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1159.961359] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1159.961802] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1159.962511] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1159.988265] FAULT_INJECTION: forcing a failure. [ 1159.988265] name fail_page_alloc, interval 1, probability 0, space 0, times 0 21:31:59 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 80) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1159.992328] CPU: 0 UID: 0 PID: 9490 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1159.992372] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1159.992388] Call Trace: [ 1159.992397] [ 1159.992407] dump_stack_lvl+0xfa/0x120 [ 1159.992444] should_fail_ex+0x4d7/0x5e0 [ 1159.992496] should_fail_alloc_page+0xe0/0x110 [ 1159.992528] prepare_alloc_pages+0x1eb/0x550 [ 1159.992556] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1159.992600] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1159.992639] ? pte_offset_map_lock+0x190/0x330 [ 1159.992669] ? find_held_lock+0x2b/0x80 [ 1159.992698] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1159.992743] ? lock_is_held_type+0x9e/0x120 [ 1159.992770] ? lock_is_held_type+0x9e/0x120 [ 1159.992791] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1159.992832] ? policy_nodemask+0xeb/0x4e0 [ 1159.992872] alloc_pages_mpol+0xed/0x340 [ 1159.992908] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1159.992942] ? filemap_get_entry+0x1bb/0x3b0 [ 1159.992978] ? __pfx_filemap_get_entry+0x10/0x10 [ 1159.993020] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1159.993071] shmem_alloc_folio+0x11b/0x140 [ 1159.993101] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1159.993148] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1159.993189] ? fault_in_readable+0x12a/0x1d0 [ 1159.993226] shmem_write_begin+0x194/0x3b0 [ 1159.993261] ? __pfx_shmem_write_begin+0x10/0x10 [ 1159.993297] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1159.993345] generic_perform_write+0x391/0x810 [ 1159.993385] ? __pfx_generic_perform_write+0x10/0x10 [ 1159.993419] ? file_update_time_flags+0x367/0x4f0 [ 1159.993458] shmem_file_write_iter+0x111/0x140 [ 1159.993487] vfs_write+0xbe9/0x1150 [ 1159.993511] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1159.993538] ? __fget_files+0x34/0x3b0 [ 1159.993564] ? __pfx_vfs_write+0x10/0x10 [ 1159.993609] __x64_sys_pwrite64+0x1f1/0x260 [ 1159.993636] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1159.993672] do_syscall_64+0xbf/0x420 [ 1159.993702] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1159.993728] RIP: 0033:0x7f9f6fba4ab7 [ 1159.993749] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1159.993774] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1159.993798] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1159.993815] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1159.993832] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1159.993847] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1159.993862] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1159.993893] [ 1160.015698] loop4: detected capacity change from 0 to 5 [ 1160.018173] CPU: 0 UID: 0 PID: 9497 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1160.018208] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1160.018222] Call Trace: [ 1160.018230] [ 1160.018239] dump_stack_lvl+0xfa/0x120 [ 1160.018270] should_fail_ex+0x4d7/0x5e0 [ 1160.018314] should_fail_alloc_page+0xe0/0x110 [ 1160.018344] prepare_alloc_pages+0x1eb/0x550 [ 1160.018370] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1160.018414] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1160.018452] ? pte_offset_map_lock+0x190/0x330 [ 1160.018482] ? find_held_lock+0x2b/0x80 [ 1160.018525] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1160.018570] ? lock_is_held_type+0x9e/0x120 [ 1160.018595] ? lock_is_held_type+0x9e/0x120 [ 1160.018615] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1160.018655] ? policy_nodemask+0xeb/0x4e0 [ 1160.018694] alloc_pages_mpol+0xed/0x340 [ 1160.018729] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1160.018763] ? filemap_get_entry+0x1bb/0x3b0 [ 1160.018797] ? __pfx_filemap_get_entry+0x10/0x10 [ 1160.018838] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1160.018881] shmem_alloc_folio+0x11b/0x140 [ 1160.018911] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1160.018956] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1160.018997] ? fault_in_readable+0x12a/0x1d0 [ 1160.019034] shmem_write_begin+0x194/0x3b0 [ 1160.019077] ? __pfx_shmem_write_begin+0x10/0x10 [ 1160.019112] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1160.019160] generic_perform_write+0x391/0x810 [ 1160.019199] ? __pfx_generic_perform_write+0x10/0x10 [ 1160.019234] ? file_update_time_flags+0x367/0x4f0 [ 1160.019271] shmem_file_write_iter+0x111/0x140 [ 1160.019300] vfs_write+0xbe9/0x1150 [ 1160.019324] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1160.019351] ? __fget_files+0x34/0x3b0 [ 1160.019375] ? __pfx_vfs_write+0x10/0x10 [ 1160.019420] __x64_sys_pwrite64+0x1f1/0x260 [ 1160.019446] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1160.019482] do_syscall_64+0xbf/0x420 [ 1160.019511] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1160.019535] RIP: 0033:0x7f32b3526ab7 [ 1160.019554] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1160.019579] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1160.019603] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1160.019619] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1160.019635] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1160.019650] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1160.019665] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1160.019696] [ 1160.020775] loop6: detected capacity change from 0 to 96 [ 1160.047087] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1160.050655] loop7: detected capacity change from 0 to 200 21:31:59 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 81) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:31:59 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 91) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1160.146595] FAULT_INJECTION: forcing a failure. [ 1160.146595] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1160.147715] CPU: 1 UID: 0 PID: 9515 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1160.147733] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1160.147740] Call Trace: [ 1160.147747] [ 1160.147752] dump_stack_lvl+0xfa/0x120 [ 1160.147772] should_fail_ex+0x4d7/0x5e0 [ 1160.147799] ? page_copy_sane+0xce/0x2b0 [ 1160.147821] copy_folio_from_iter_atomic+0x383/0x1820 [ 1160.147848] ? fault_in_readable+0x12a/0x1d0 [ 1160.147867] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1160.147889] ? shmem_write_begin+0x1ab/0x3b0 [ 1160.147907] ? __pfx_shmem_write_begin+0x10/0x10 [ 1160.147924] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1160.147949] generic_perform_write+0x1d7/0x810 [ 1160.147970] ? __pfx_generic_perform_write+0x10/0x10 [ 1160.147987] ? file_update_time_flags+0x367/0x4f0 [ 1160.148007] shmem_file_write_iter+0x111/0x140 [ 1160.148022] vfs_write+0xbe9/0x1150 [ 1160.148040] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1160.148053] ? __fget_files+0x34/0x3b0 [ 1160.148067] ? __pfx_vfs_write+0x10/0x10 [ 1160.148089] __x64_sys_pwrite64+0x1f1/0x260 [ 1160.148102] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1160.148120] do_syscall_64+0xbf/0x420 [ 1160.148135] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1160.148149] RIP: 0033:0x7f9f6fba4ab7 [ 1160.148159] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1160.148172] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1160.148184] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1160.148193] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1160.148201] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1160.148209] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1160.148217] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1160.148232] [ 1160.239525] loop4: detected capacity change from 0 to 5 [ 1160.240347] loop7: detected capacity change from 0 to 32640 [ 1160.242917] EXT4-fs (loop7): VFS: Can't find ext4 filesystem [ 1160.252766] FAULT_INJECTION: forcing a failure. [ 1160.252766] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1160.254681] CPU: 0 UID: 0 PID: 9518 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1160.254713] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1160.254728] Call Trace: [ 1160.254736] [ 1160.254746] dump_stack_lvl+0xfa/0x120 [ 1160.254780] should_fail_ex+0x4d7/0x5e0 [ 1160.254827] _copy_from_user+0x30/0xd0 [ 1160.254870] memdup_user+0x7e/0xe0 [ 1160.254907] strndup_user+0x78/0xe0 [ 1160.254943] __x64_sys_mount+0x136/0x310 [ 1160.254979] ? __pfx___x64_sys_mount+0x10/0x10 [ 1160.255008] ? irqentry_exit+0xee/0x650 [ 1160.255031] ? trace_hardirqs_on_prepare+0xe3/0x110 [ 1160.255071] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 1160.255112] do_syscall_64+0xbf/0x420 [ 1160.255142] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1160.255168] RIP: 0033:0x7f1fa08c604a [ 1160.255187] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1160.255211] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1160.255235] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c604a [ 1160.255252] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f1f9de3a000 [ 1160.255268] RBP: 00007f1f9de3a040 R08: 00007f1f9de3a040 R09: 0000000020000000 [ 1160.255284] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 1160.255299] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1160.255331] 21:32:10 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 52) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:32:10 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:32:10 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfeff3f00000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:32:10 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x4000000, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:32:10 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 82) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:32:10 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfffffdff, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:32:10 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x300}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:32:10 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 92) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1170.575732] FAULT_INJECTION: forcing a failure. [ 1170.575732] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1170.577251] CPU: 1 UID: 0 PID: 9532 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1170.577270] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1170.577278] Call Trace: [ 1170.577283] [ 1170.577289] dump_stack_lvl+0xfa/0x120 [ 1170.577310] should_fail_ex+0x4d7/0x5e0 [ 1170.577333] ? page_copy_sane+0xce/0x2b0 [ 1170.577355] copy_folio_from_iter_atomic+0x383/0x1820 [ 1170.577384] ? fault_in_readable+0x12a/0x1d0 [ 1170.577404] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1170.577427] ? shmem_write_begin+0x1ab/0x3b0 [ 1170.577446] ? __pfx_shmem_write_begin+0x10/0x10 [ 1170.577465] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1170.577491] generic_perform_write+0x1d7/0x810 [ 1170.577512] ? __pfx_generic_perform_write+0x10/0x10 [ 1170.577531] ? file_update_time_flags+0x367/0x4f0 [ 1170.577552] shmem_file_write_iter+0x111/0x140 [ 1170.577567] vfs_write+0xbe9/0x1150 [ 1170.577581] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1170.577595] ? __fget_files+0x34/0x3b0 [ 1170.577609] ? __pfx_vfs_write+0x10/0x10 [ 1170.577633] __x64_sys_pwrite64+0x1f1/0x260 [ 1170.577647] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1170.577666] do_syscall_64+0xbf/0x420 [ 1170.577682] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1170.577697] RIP: 0033:0x7f9f6fba4ab7 [ 1170.577707] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1170.577720] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1170.577733] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1170.577742] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1170.577751] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1170.577759] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1170.577767] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1170.577783] [ 1170.610783] FAULT_INJECTION: forcing a failure. [ 1170.610783] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1170.615575] CPU: 1 UID: 0 PID: 9540 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1170.615594] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1170.615602] Call Trace: [ 1170.615606] [ 1170.615611] dump_stack_lvl+0xfa/0x120 [ 1170.615626] should_fail_ex+0x4d7/0x5e0 [ 1170.615647] ? page_copy_sane+0xce/0x2b0 [ 1170.615668] copy_folio_from_iter_atomic+0x383/0x1820 [ 1170.615695] ? fault_in_readable+0x12a/0x1d0 [ 1170.615714] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1170.615736] ? shmem_write_begin+0x1ab/0x3b0 [ 1170.615754] ? __pfx_shmem_write_begin+0x10/0x10 [ 1170.615772] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1170.615797] generic_perform_write+0x1d7/0x810 [ 1170.615817] ? __pfx_generic_perform_write+0x10/0x10 [ 1170.615835] ? file_update_time_flags+0x367/0x4f0 [ 1170.615855] shmem_file_write_iter+0x111/0x140 [ 1170.615870] vfs_write+0xbe9/0x1150 [ 1170.615882] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1170.615896] ? __fget_files+0x34/0x3b0 [ 1170.615909] ? __pfx_vfs_write+0x10/0x10 [ 1170.615932] __x64_sys_pwrite64+0x1f1/0x260 [ 1170.615946] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1170.615965] do_syscall_64+0xbf/0x420 [ 1170.615980] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1170.615993] RIP: 0033:0x7f32b3526ab7 [ 1170.616002] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1170.616015] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1170.616028] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1170.616041] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1170.616049] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1170.616057] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1170.616065] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1170.616084] [ 1170.622106] loop4: detected capacity change from 0 to 5 [ 1170.653219] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1170.653739] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1170.654866] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:32:10 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 83) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1170.728864] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1170.729687] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1170.730802] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1170.758758] loop7: detected capacity change from 0 to 32640 [ 1170.773323] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1170.778157] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1170.779470] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1170.788487] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1170.788998] I/O error, dev sr0, sector 1 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1170.792188] Buffer I/O error on dev sr0, logical block 1, lost async page write 21:32:10 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x8100000, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:32:10 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8100000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:32:10 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfffffff4, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:32:10 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x100000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 1170.866081] loop4: detected capacity change from 0 to 5 [ 1170.869086] FAULT_INJECTION: forcing a failure. [ 1170.869086] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1170.873457] CPU: 1 UID: 0 PID: 9556 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1170.873474] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1170.873482] Call Trace: [ 1170.873487] [ 1170.873491] dump_stack_lvl+0xfa/0x120 [ 1170.873512] should_fail_ex+0x4d7/0x5e0 [ 1170.873537] _copy_from_user+0x30/0xd0 [ 1170.873559] memdup_user+0x7e/0xe0 [ 1170.873578] strndup_user+0x78/0xe0 [ 1170.873596] __x64_sys_mount+0x136/0x310 [ 1170.873613] ? __pfx___x64_sys_mount+0x10/0x10 [ 1170.873628] ? irqentry_exit+0xee/0x650 [ 1170.873639] ? trace_hardirqs_on_prepare+0xe3/0x110 [ 1170.873657] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 1170.873678] do_syscall_64+0xbf/0x420 [ 1170.873693] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1170.873707] RIP: 0033:0x7f1fa08c604a [ 1170.873717] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1170.873729] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1170.873742] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c604a [ 1170.873750] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f1f9de3a000 [ 1170.873758] RBP: 00007f1f9de3a040 R08: 00007f1f9de3a040 R09: 0000000020000000 [ 1170.873766] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 1170.873773] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1170.873789] 21:32:10 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 93) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:32:10 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x810}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) [ 1170.971428] FAULT_INJECTION: forcing a failure. [ 1170.971428] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1170.976197] CPU: 1 UID: 0 PID: 9567 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1170.976222] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1170.976232] Call Trace: [ 1170.976237] [ 1170.976242] dump_stack_lvl+0xfa/0x120 [ 1170.976270] should_fail_ex+0x4d7/0x5e0 [ 1170.976306] should_fail_alloc_page+0xe0/0x110 [ 1170.976333] prepare_alloc_pages+0x1eb/0x550 [ 1170.976352] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1170.976382] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1170.976410] ? pte_offset_map_lock+0x190/0x330 [ 1170.976432] ? find_held_lock+0x2b/0x80 [ 1170.976455] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1170.976489] ? lock_is_held_type+0x9e/0x120 [ 1170.976508] ? lock_is_held_type+0x9e/0x120 [ 1170.976526] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1170.976560] ? policy_nodemask+0xeb/0x4e0 [ 1170.976587] alloc_pages_mpol+0xed/0x340 [ 1170.976615] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1170.976636] ? filemap_get_entry+0x1bb/0x3b0 [ 1170.976660] ? __pfx_filemap_get_entry+0x10/0x10 [ 1170.976692] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1170.976726] shmem_alloc_folio+0x11b/0x140 [ 1170.976746] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1170.976777] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1170.976806] ? fault_in_readable+0x12a/0x1d0 [ 1170.976831] shmem_write_begin+0x194/0x3b0 [ 1170.976859] ? __pfx_shmem_write_begin+0x10/0x10 [ 1170.976879] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1170.976911] generic_perform_write+0x391/0x810 [ 1170.976942] ? __pfx_generic_perform_write+0x10/0x10 [ 1170.976968] ? file_update_time_flags+0x367/0x4f0 [ 1170.976997] shmem_file_write_iter+0x111/0x140 [ 1170.977020] vfs_write+0xbe9/0x1150 [ 1170.977049] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1170.977074] ? __fget_files+0x34/0x3b0 [ 1170.977096] ? __pfx_vfs_write+0x10/0x10 [ 1170.977126] __x64_sys_pwrite64+0x1f1/0x260 [ 1170.977144] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1170.977170] do_syscall_64+0xbf/0x420 [ 1170.977198] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1170.977219] RIP: 0033:0x7f9f6fba4ab7 [ 1170.977235] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1170.977251] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1170.977265] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1170.977276] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1170.977288] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1170.977301] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1170.977311] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1170.977336] [ 1171.003696] loop6: detected capacity change from 0 to 32640 21:32:10 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 84) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1171.020729] loop7: detected capacity change from 0 to 208 [ 1171.026913] EXT4-fs (loop7): VFS: Can't find ext4 filesystem [ 1171.076681] loop4: detected capacity change from 0 to 5 [ 1171.082718] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1171.089830] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1171.090521] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1171.091384] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1171.109422] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1171.110297] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1171.111699] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1171.180183] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1171.181095] I/O error, dev sr0, sector 4 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1171.182469] Buffer I/O error on dev sr0, logical block 4, lost async page write 21:32:20 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 94) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:32:20 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x10000000, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:32:20 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 85) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:32:20 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xa000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:32:20 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x1008}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:32:20 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x200000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:32:20 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfffffff5, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:32:20 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 53) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1180.488152] FAULT_INJECTION: forcing a failure. [ 1180.488152] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1180.489115] CPU: 1 UID: 0 PID: 9592 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1180.489137] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1180.489151] Call Trace: [ 1180.489157] [ 1180.489163] dump_stack_lvl+0xfa/0x120 [ 1180.489182] should_fail_ex+0x4d7/0x5e0 [ 1180.489204] ? page_copy_sane+0xce/0x2b0 [ 1180.489225] copy_folio_from_iter_atomic+0x383/0x1820 [ 1180.489252] ? fault_in_readable+0x12a/0x1d0 [ 1180.489270] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1180.489291] ? shmem_write_begin+0x1ab/0x3b0 [ 1180.489310] ? __pfx_shmem_write_begin+0x10/0x10 [ 1180.489327] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1180.489353] generic_perform_write+0x1d7/0x810 [ 1180.489374] ? __pfx_generic_perform_write+0x10/0x10 [ 1180.489391] ? file_update_time_flags+0x367/0x4f0 [ 1180.489411] shmem_file_write_iter+0x111/0x140 [ 1180.489426] vfs_write+0xbe9/0x1150 [ 1180.489439] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1180.489452] ? __fget_files+0x34/0x3b0 [ 1180.489466] ? __pfx_vfs_write+0x10/0x10 [ 1180.489488] __x64_sys_pwrite64+0x1f1/0x260 [ 1180.489502] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1180.489519] do_syscall_64+0xbf/0x420 [ 1180.489535] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1180.489548] RIP: 0033:0x7f9f6fba4ab7 [ 1180.489559] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1180.489572] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1180.489584] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1180.489593] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1180.489600] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1180.489608] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1180.489616] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1180.489631] [ 1180.510283] loop4: detected capacity change from 0 to 5 [ 1180.521885] FAULT_INJECTION: forcing a failure. [ 1180.521885] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1180.522842] CPU: 1 UID: 0 PID: 9600 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1180.522860] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1180.522868] Call Trace: [ 1180.522872] [ 1180.522877] dump_stack_lvl+0xfa/0x120 [ 1180.522893] should_fail_ex+0x4d7/0x5e0 [ 1180.522915] ? page_copy_sane+0xce/0x2b0 [ 1180.522936] copy_folio_from_iter_atomic+0x383/0x1820 [ 1180.522965] ? fault_in_readable+0x12a/0x1d0 [ 1180.522983] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1180.523006] ? shmem_write_begin+0x1ab/0x3b0 [ 1180.523025] ? __pfx_shmem_write_begin+0x10/0x10 [ 1180.523048] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1180.523075] generic_perform_write+0x1d7/0x810 [ 1180.523095] ? __pfx_generic_perform_write+0x10/0x10 [ 1180.523114] ? file_update_time_flags+0x367/0x4f0 [ 1180.523134] shmem_file_write_iter+0x111/0x140 [ 1180.523150] vfs_write+0xbe9/0x1150 [ 1180.523163] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1180.523177] ? __fget_files+0x34/0x3b0 [ 1180.523190] ? __pfx_vfs_write+0x10/0x10 [ 1180.523213] __x64_sys_pwrite64+0x1f1/0x260 [ 1180.523227] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1180.523246] do_syscall_64+0xbf/0x420 [ 1180.523262] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1180.523275] RIP: 0033:0x7f32b3526ab7 [ 1180.523285] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1180.523298] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1180.523310] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1180.523319] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1180.523327] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1180.523336] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1180.523344] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1180.523364] [ 1180.524640] FAULT_INJECTION: forcing a failure. [ 1180.524640] name failslab, interval 1, probability 0, space 0, times 0 [ 1180.579522] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1180.580002] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1180.583146] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1180.612525] CPU: 0 UID: 0 PID: 9596 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1180.612583] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1180.612604] Call Trace: [ 1180.612617] [ 1180.612631] dump_stack_lvl+0xfa/0x120 [ 1180.612680] should_fail_ex+0x4d7/0x5e0 [ 1180.612748] ? copy_mount_options+0x55/0x180 [ 1180.612800] should_failslab+0xc2/0x120 [ 1180.612841] __kmalloc_cache_noprof+0x80/0x780 [ 1180.612892] ? __might_fault+0xe0/0x190 [ 1180.612944] ? copy_mount_options+0x55/0x180 [ 1180.613004] ? memdup_user+0x95/0xe0 [ 1180.613056] copy_mount_options+0x55/0x180 [ 1180.613113] __x64_sys_mount+0x1ab/0x310 [ 1180.613160] ? __pfx___x64_sys_mount+0x10/0x10 [ 1180.613199] ? irqentry_exit+0xee/0x650 [ 1180.613230] ? trace_hardirqs_on_prepare+0xe3/0x110 [ 1180.613275] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 1180.613338] do_syscall_64+0xbf/0x420 [ 1180.613382] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1180.613420] RIP: 0033:0x7f1fa08c604a [ 1180.613448] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1180.613484] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1180.613520] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c604a [ 1180.613545] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f1f9de3a000 [ 1180.613568] RBP: 00007f1f9de3a040 R08: 00007f1f9de3a040 R09: 0000000020000000 [ 1180.613593] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 1180.613615] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1180.613666] [ 1180.617197] loop6: detected capacity change from 0 to 32640 21:32:20 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 86) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1180.675286] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1180.676211] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1180.677867] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1180.679221] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1180.680026] I/O error, dev sr0, sector 8 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1180.681568] Buffer I/O error on dev sr0, logical block 8, lost async page write 21:32:20 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xc000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:32:20 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x40000000, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1180.781014] loop7: detected capacity change from 0 to 32640 [ 1180.797932] loop4: detected capacity change from 0 to 5 21:32:20 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 54) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:32:20 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x4000}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:32:20 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfffffffb, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1180.832602] FAULT_INJECTION: forcing a failure. [ 1180.832602] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1180.833600] CPU: 1 UID: 0 PID: 9617 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1180.833618] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1180.833626] Call Trace: [ 1180.833631] [ 1180.833637] dump_stack_lvl+0xfa/0x120 [ 1180.833658] should_fail_ex+0x4d7/0x5e0 [ 1180.833683] strncpy_from_user+0x3b/0x2f0 [ 1180.833703] do_getname+0x70/0x3d0 [ 1180.833722] user_path_at+0x29/0x90 [ 1180.833735] __x64_sys_mount+0x1fb/0x310 [ 1180.833753] ? __pfx___x64_sys_mount+0x10/0x10 [ 1180.833767] ? irqentry_exit+0xee/0x650 [ 1180.833780] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 1180.833802] do_syscall_64+0xbf/0x420 [ 1180.833817] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1180.833831] RIP: 0033:0x7f1fa08c604a [ 1180.833841] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1180.833854] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1180.833867] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c604a [ 1180.833876] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f1f9de3a000 [ 1180.833884] RBP: 00007f1f9de3a040 R08: 00007f1f9de3a040 R09: 0000000020000000 [ 1180.833892] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 1180.833900] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1180.833916] 21:32:20 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 87) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1180.907006] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1180.909895] FAULT_INJECTION: forcing a failure. [ 1180.909895] name fail_page_alloc, interval 1, probability 0, space 0, times 0 21:32:20 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x300000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 1180.910904] CPU: 1 UID: 0 PID: 9626 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1180.910925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1180.910935] Call Trace: [ 1180.910940] [ 1180.910946] dump_stack_lvl+0xfa/0x120 [ 1180.910966] should_fail_ex+0x4d7/0x5e0 [ 1180.910979] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1180.910993] should_fail_alloc_page+0xe0/0x110 [ 1180.911013] prepare_alloc_pages+0x1eb/0x550 [ 1180.911031] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1180.911058] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1180.911079] ? pte_offset_map_lock+0x190/0x330 [ 1180.911095] ? find_held_lock+0x2b/0x80 [ 1180.911111] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1180.911134] ? lock_is_held_type+0x9e/0x120 [ 1180.911148] ? lock_is_held_type+0x9e/0x120 [ 1180.911160] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1180.911182] ? policy_nodemask+0xeb/0x4e0 [ 1180.911204] alloc_pages_mpol+0xed/0x340 [ 1180.911222] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1180.911240] ? filemap_get_entry+0x1bb/0x3b0 [ 1180.911259] ? __pfx_filemap_get_entry+0x10/0x10 [ 1180.911281] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1180.911303] shmem_alloc_folio+0x11b/0x140 [ 1180.911320] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1180.911344] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1180.911366] ? fault_in_readable+0x12a/0x1d0 [ 1180.911385] shmem_write_begin+0x194/0x3b0 [ 1180.911404] ? __pfx_shmem_write_begin+0x10/0x10 [ 1180.911422] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1180.911447] generic_perform_write+0x391/0x810 [ 1180.911468] ? __pfx_generic_perform_write+0x10/0x10 [ 1180.911486] ? file_update_time_flags+0x367/0x4f0 [ 1180.911507] shmem_file_write_iter+0x111/0x140 [ 1180.911522] vfs_write+0xbe9/0x1150 [ 1180.911535] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1180.911550] ? __fget_files+0x34/0x3b0 [ 1180.911564] ? __pfx_vfs_write+0x10/0x10 [ 1180.911587] __x64_sys_pwrite64+0x1f1/0x260 [ 1180.911601] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1180.911619] do_syscall_64+0xbf/0x420 [ 1180.911636] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1180.911650] RIP: 0033:0x7f32b3526ab7 [ 1180.911661] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1180.911674] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1180.911687] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1180.911696] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1180.911705] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1180.911713] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1180.911721] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1180.911738] [ 1180.944067] loop6: detected capacity change from 0 to 104 [ 1180.952525] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1180.971300] loop4: detected capacity change from 0 to 5 [ 1180.984108] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:32:20 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 95) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1180.991673] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 21:32:20 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 88) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:32:20 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 55) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1181.033017] FAULT_INJECTION: forcing a failure. [ 1181.033017] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1181.034930] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1181.037513] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1181.038937] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1181.042337] CPU: 1 UID: 0 PID: 9637 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1181.042357] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1181.042366] Call Trace: [ 1181.042371] [ 1181.042376] dump_stack_lvl+0xfa/0x120 [ 1181.042396] should_fail_ex+0x4d7/0x5e0 [ 1181.042418] ? page_copy_sane+0xce/0x2b0 [ 1181.042439] copy_folio_from_iter_atomic+0x383/0x1820 [ 1181.042467] ? fault_in_readable+0x12a/0x1d0 [ 1181.042485] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1181.042507] ? shmem_write_begin+0x1ab/0x3b0 [ 1181.042525] ? __pfx_shmem_write_begin+0x10/0x10 [ 1181.042543] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1181.042569] generic_perform_write+0x1d7/0x810 [ 1181.042590] ? __pfx_generic_perform_write+0x10/0x10 [ 1181.042607] ? file_update_time_flags+0x367/0x4f0 [ 1181.042629] shmem_file_write_iter+0x111/0x140 [ 1181.042648] vfs_write+0xbe9/0x1150 [ 1181.042661] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1181.042674] ? __fget_files+0x34/0x3b0 [ 1181.042687] ? __pfx_vfs_write+0x10/0x10 [ 1181.042709] __x64_sys_pwrite64+0x1f1/0x260 [ 1181.042733] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1181.042751] do_syscall_64+0xbf/0x420 [ 1181.042767] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1181.042781] RIP: 0033:0x7f9f6fba4ab7 [ 1181.042791] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1181.042804] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1181.042816] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1181.042825] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1181.042833] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1181.042840] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1181.042848] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1181.042864] [ 1181.070625] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1181.071658] I/O error, dev sr0, sector 32 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1181.072982] Buffer I/O error on dev sr0, logical block 32, lost async page write [ 1181.073480] loop4: detected capacity change from 0 to 5 [ 1181.087762] FAULT_INJECTION: forcing a failure. [ 1181.087762] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1181.089509] CPU: 0 UID: 0 PID: 9644 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1181.089542] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1181.089557] Call Trace: [ 1181.089565] [ 1181.089575] dump_stack_lvl+0xfa/0x120 [ 1181.089608] should_fail_ex+0x4d7/0x5e0 [ 1181.089648] ? page_copy_sane+0xce/0x2b0 [ 1181.089686] copy_folio_from_iter_atomic+0x383/0x1820 [ 1181.089735] ? fault_in_readable+0x12a/0x1d0 [ 1181.089769] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1181.089809] ? shmem_write_begin+0x1ab/0x3b0 [ 1181.089842] ? __pfx_shmem_write_begin+0x10/0x10 [ 1181.089875] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1181.089920] generic_perform_write+0x1d7/0x810 [ 1181.089957] ? __pfx_generic_perform_write+0x10/0x10 [ 1181.089989] ? file_update_time_flags+0x367/0x4f0 [ 1181.090024] shmem_file_write_iter+0x111/0x140 [ 1181.090061] vfs_write+0xbe9/0x1150 [ 1181.090084] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1181.090109] ? __fget_files+0x34/0x3b0 [ 1181.090133] ? __pfx_vfs_write+0x10/0x10 [ 1181.090186] __x64_sys_pwrite64+0x1f1/0x260 [ 1181.090224] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1181.090259] do_syscall_64+0xbf/0x420 [ 1181.090288] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1181.090312] RIP: 0033:0x7f32b3526ab7 [ 1181.090330] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1181.090351] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1181.090373] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1181.090389] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1181.090404] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1181.090418] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1181.090432] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1181.090460] [ 1181.090787] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:32:20 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1181.241180] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1181.241724] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1181.245078] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1181.304271] loop6: detected capacity change from 0 to 32640 [ 1181.339692] loop7: detected capacity change from 0 to 32640 21:32:29 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 96) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:32:29 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x80000}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:32:29 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 56) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:32:29 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x400000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:32:29 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x2, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:32:29 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 89) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:32:29 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x2000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:32:29 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x10000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1190.423920] FAULT_INJECTION: forcing a failure. [ 1190.423920] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1190.430159] CPU: 0 UID: 0 PID: 9667 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1190.430193] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1190.430206] Call Trace: [ 1190.430214] [ 1190.430223] dump_stack_lvl+0xfa/0x120 [ 1190.430255] should_fail_ex+0x4d7/0x5e0 [ 1190.430294] ? page_copy_sane+0xce/0x2b0 [ 1190.430331] copy_folio_from_iter_atomic+0x383/0x1820 [ 1190.430388] ? fault_in_readable+0x12a/0x1d0 [ 1190.430421] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1190.430461] ? shmem_write_begin+0x1ab/0x3b0 [ 1190.430493] ? __pfx_shmem_write_begin+0x10/0x10 [ 1190.430525] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1190.430571] generic_perform_write+0x1d7/0x810 [ 1190.430608] ? __pfx_generic_perform_write+0x10/0x10 [ 1190.430640] ? file_update_time_flags+0x367/0x4f0 [ 1190.430675] shmem_file_write_iter+0x111/0x140 [ 1190.430703] vfs_write+0xbe9/0x1150 [ 1190.430725] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1190.430750] ? __fget_files+0x34/0x3b0 [ 1190.430774] ? __pfx_vfs_write+0x10/0x10 [ 1190.430814] __x64_sys_pwrite64+0x1f1/0x260 [ 1190.430859] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1190.430892] do_syscall_64+0xbf/0x420 [ 1190.430919] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1190.430943] RIP: 0033:0x7f32b3526ab7 [ 1190.430962] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1190.430984] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1190.431006] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1190.431022] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1190.431036] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1190.431050] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1190.431064] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1190.431092] [ 1190.447015] FAULT_INJECTION: forcing a failure. [ 1190.447015] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1190.458576] loop4: detected capacity change from 0 to 5 [ 1190.460684] CPU: 1 UID: 0 PID: 9670 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1190.460725] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1190.460738] Call Trace: [ 1190.460746] [ 1190.460754] dump_stack_lvl+0xfa/0x120 [ 1190.460782] should_fail_ex+0x4d7/0x5e0 [ 1190.460824] should_fail_alloc_page+0xe0/0x110 [ 1190.460852] prepare_alloc_pages+0x1eb/0x550 [ 1190.460877] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1190.460921] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1190.460956] ? pte_offset_map_lock+0x190/0x330 [ 1190.460984] ? find_held_lock+0x2b/0x80 [ 1190.461010] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1190.461052] ? lock_is_held_type+0x9e/0x120 [ 1190.461076] ? lock_is_held_type+0x9e/0x120 [ 1190.461095] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1190.461133] ? policy_nodemask+0xeb/0x4e0 [ 1190.461170] alloc_pages_mpol+0xed/0x340 [ 1190.461202] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1190.461233] ? filemap_get_entry+0x1bb/0x3b0 [ 1190.461266] ? __pfx_filemap_get_entry+0x10/0x10 [ 1190.461305] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1190.461344] shmem_alloc_folio+0x11b/0x140 [ 1190.461371] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1190.461413] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1190.461452] ? fault_in_readable+0x12a/0x1d0 [ 1190.461485] shmem_write_begin+0x194/0x3b0 [ 1190.461518] ? __pfx_shmem_write_begin+0x10/0x10 [ 1190.461550] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1190.461595] generic_perform_write+0x391/0x810 [ 1190.461631] ? __pfx_generic_perform_write+0x10/0x10 [ 1190.461663] ? file_update_time_flags+0x367/0x4f0 [ 1190.461698] shmem_file_write_iter+0x111/0x140 [ 1190.461724] vfs_write+0xbe9/0x1150 [ 1190.461747] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1190.461772] ? __fget_files+0x34/0x3b0 [ 1190.461795] ? __pfx_vfs_write+0x10/0x10 [ 1190.461836] __x64_sys_pwrite64+0x1f1/0x260 [ 1190.461861] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1190.461894] do_syscall_64+0xbf/0x420 [ 1190.461924] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1190.461948] RIP: 0033:0x7f9f6fba4ab7 [ 1190.461966] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1190.461988] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1190.462010] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1190.462026] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1190.462040] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1190.462054] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1190.462068] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1190.462097] [ 1190.507947] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1190.515506] loop7: detected capacity change from 0 to 216 [ 1190.533158] EXT4-fs (loop7): VFS: Can't find ext4 filesystem 21:32:30 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 90) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:32:30 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 97) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1190.623291] loop4: detected capacity change from 0 to 5 [ 1190.627994] FAULT_INJECTION: forcing a failure. [ 1190.627994] name failslab, interval 1, probability 0, space 0, times 0 [ 1190.629769] CPU: 1 UID: 0 PID: 9686 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1190.629802] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1190.629817] Call Trace: [ 1190.629826] [ 1190.629835] dump_stack_lvl+0xfa/0x120 [ 1190.629869] should_fail_ex+0x4d7/0x5e0 [ 1190.629916] ? do_getname+0x2b/0x3d0 [ 1190.629947] should_failslab+0xc2/0x120 [ 1190.629975] kmem_cache_alloc_noprof+0x80/0x760 [ 1190.630021] ? do_getname+0x2b/0x3d0 [ 1190.630059] do_getname+0x2b/0x3d0 [ 1190.630093] user_path_at+0x29/0x90 [ 1190.630117] __x64_sys_mount+0x1fb/0x310 [ 1190.630149] ? __pfx___x64_sys_mount+0x10/0x10 [ 1190.630178] ? irqentry_exit+0xee/0x650 [ 1190.630201] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 1190.630242] do_syscall_64+0xbf/0x420 [ 1190.630271] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1190.630297] RIP: 0033:0x7f1fa08c604a [ 1190.630316] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1190.630340] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1190.630364] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c604a [ 1190.630380] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f1f9de3a000 [ 1190.630396] RBP: 00007f1f9de3a040 R08: 00007f1f9de3a040 R09: 0000000020000000 [ 1190.630411] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 1190.630426] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1190.630456] [ 1190.650012] FAULT_INJECTION: forcing a failure. [ 1190.650012] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1190.652834] CPU: 0 UID: 0 PID: 9688 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1190.652871] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1190.652884] Call Trace: [ 1190.652892] [ 1190.652900] dump_stack_lvl+0xfa/0x120 [ 1190.652927] should_fail_ex+0x4d7/0x5e0 [ 1190.652964] ? page_copy_sane+0xce/0x2b0 [ 1190.653002] copy_folio_from_iter_atomic+0x383/0x1820 [ 1190.653057] ? fault_in_readable+0x12a/0x1d0 [ 1190.653092] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1190.653131] ? shmem_write_begin+0x1ab/0x3b0 [ 1190.653165] ? __pfx_shmem_write_begin+0x10/0x10 [ 1190.653197] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1190.653243] generic_perform_write+0x1d7/0x810 [ 1190.653281] ? __pfx_generic_perform_write+0x10/0x10 [ 1190.653314] ? file_update_time_flags+0x367/0x4f0 [ 1190.653349] shmem_file_write_iter+0x111/0x140 [ 1190.653376] vfs_write+0xbe9/0x1150 [ 1190.653398] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1190.653424] ? __fget_files+0x34/0x3b0 [ 1190.653447] ? __pfx_vfs_write+0x10/0x10 [ 1190.653489] __x64_sys_pwrite64+0x1f1/0x260 [ 1190.653513] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1190.653547] do_syscall_64+0xbf/0x420 [ 1190.653574] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1190.653596] RIP: 0033:0x7f9f6fba4ab7 [ 1190.653614] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1190.653636] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1190.653659] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1190.653674] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1190.653688] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1190.653703] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1190.653716] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1190.653745] [ 1190.681218] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1190.683477] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1190.684873] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1190.885401] loop6: detected capacity change from 0 to 32640 [ 1190.982262] loop7: detected capacity change from 0 to 32640 21:32:40 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 98) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:32:40 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 57) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:32:40 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x20000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:32:40 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x3, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:32:40 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x1000000}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:32:40 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x4000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:32:40 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x500000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:32:40 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 91) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1200.719678] FAULT_INJECTION: forcing a failure. [ 1200.719678] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1200.720704] CPU: 0 UID: 0 PID: 9706 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1200.720721] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1200.720730] Call Trace: [ 1200.720735] [ 1200.720740] dump_stack_lvl+0xfa/0x120 [ 1200.720762] should_fail_ex+0x4d7/0x5e0 [ 1200.720787] ? page_copy_sane+0xce/0x2b0 [ 1200.720810] copy_folio_from_iter_atomic+0x383/0x1820 [ 1200.720839] ? fault_in_readable+0x12a/0x1d0 [ 1200.720859] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1200.720883] ? shmem_write_begin+0x1ab/0x3b0 [ 1200.720903] ? __pfx_shmem_write_begin+0x10/0x10 [ 1200.720922] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1200.720949] generic_perform_write+0x1d7/0x810 [ 1200.720971] ? __pfx_generic_perform_write+0x10/0x10 [ 1200.720990] ? file_update_time_flags+0x367/0x4f0 [ 1200.721012] shmem_file_write_iter+0x111/0x140 [ 1200.721033] vfs_write+0xbe9/0x1150 [ 1200.721046] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1200.721061] ? __fget_files+0x34/0x3b0 [ 1200.721075] ? __pfx_vfs_write+0x10/0x10 [ 1200.721099] __x64_sys_pwrite64+0x1f1/0x260 [ 1200.721113] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1200.721132] do_syscall_64+0xbf/0x420 [ 1200.721150] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1200.721165] RIP: 0033:0x7f9f6fba4ab7 [ 1200.721175] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1200.721189] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1200.721202] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1200.721211] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1200.721220] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1200.721228] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1200.721236] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1200.721252] [ 1200.750945] loop4: detected capacity change from 0 to 5 [ 1200.761717] FAULT_INJECTION: forcing a failure. [ 1200.761717] name failslab, interval 1, probability 0, space 0, times 0 [ 1200.762618] CPU: 0 UID: 0 PID: 9711 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1200.762635] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1200.762643] Call Trace: [ 1200.762648] [ 1200.762653] dump_stack_lvl+0xfa/0x120 [ 1200.762673] should_fail_ex+0x4d7/0x5e0 [ 1200.762699] ? alloc_fs_context+0x57/0xb10 [ 1200.762713] should_failslab+0xc2/0x120 [ 1200.762729] __kmalloc_cache_noprof+0x80/0x780 [ 1200.762749] ? __get_fs_type+0xe6/0x160 [ 1200.762770] ? alloc_fs_context+0x57/0xb10 [ 1200.762784] alloc_fs_context+0x57/0xb10 [ 1200.762801] path_mount+0xd8d/0x2140 [ 1200.762818] ? kasan_quarantine_put+0x84/0x1e0 [ 1200.762837] ? __pfx_path_mount+0x10/0x10 [ 1200.762853] ? kmem_cache_free+0x2cd/0x660 [ 1200.762873] ? putname.part.0+0x85/0xe0 [ 1200.762891] ? strncpy_from_user+0x1b0/0x2f0 [ 1200.762912] ? putname.part.0+0x85/0xe0 [ 1200.762927] ? putname.part.0+0x85/0xe0 [ 1200.762952] __x64_sys_mount+0x293/0x310 [ 1200.762969] ? __pfx___x64_sys_mount+0x10/0x10 [ 1200.762984] ? irqentry_exit+0xee/0x650 [ 1200.762997] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 1200.763020] do_syscall_64+0xbf/0x420 [ 1200.763036] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1200.763050] RIP: 0033:0x7f1fa08c604a [ 1200.763060] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1200.763074] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1200.763087] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c604a [ 1200.763096] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f1f9de3a000 [ 1200.763105] RBP: 00007f1f9de3a040 R08: 00007f1f9de3a040 R09: 0000000020000000 [ 1200.763113] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 1200.763122] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1200.763138] [ 1200.782619] FAULT_INJECTION: forcing a failure. [ 1200.782619] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1200.790379] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1200.791407] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1200.794181] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1200.797287] CPU: 1 UID: 0 PID: 9716 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1200.797324] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1200.797338] Call Trace: [ 1200.797346] [ 1200.797356] dump_stack_lvl+0xfa/0x120 [ 1200.797387] should_fail_ex+0x4d7/0x5e0 [ 1200.797433] should_fail_alloc_page+0xe0/0x110 [ 1200.797463] prepare_alloc_pages+0x1eb/0x550 [ 1200.797490] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1200.797533] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1200.797571] ? pte_offset_map_lock+0x190/0x330 [ 1200.797601] ? find_held_lock+0x2b/0x80 [ 1200.797629] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1200.797674] ? lock_is_held_type+0x9e/0x120 [ 1200.797700] ? lock_is_held_type+0x9e/0x120 [ 1200.797721] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1200.797762] ? policy_nodemask+0xeb/0x4e0 [ 1200.797809] alloc_pages_mpol+0xed/0x340 [ 1200.797845] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1200.797879] ? filemap_get_entry+0x1bb/0x3b0 [ 1200.797915] ? __pfx_filemap_get_entry+0x10/0x10 [ 1200.797956] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1200.797999] shmem_alloc_folio+0x11b/0x140 [ 1200.798029] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1200.798075] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1200.798116] ? fault_in_readable+0x12a/0x1d0 [ 1200.798152] shmem_write_begin+0x194/0x3b0 [ 1200.798188] ? __pfx_shmem_write_begin+0x10/0x10 [ 1200.798222] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1200.798270] generic_perform_write+0x391/0x810 [ 1200.798309] ? __pfx_generic_perform_write+0x10/0x10 [ 1200.798344] ? file_update_time_flags+0x367/0x4f0 [ 1200.798382] shmem_file_write_iter+0x111/0x140 [ 1200.798410] vfs_write+0xbe9/0x1150 [ 1200.798434] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1200.798461] ? __fget_files+0x34/0x3b0 [ 1200.798486] ? __pfx_vfs_write+0x10/0x10 21:32:40 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 92) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1200.798530] __x64_sys_pwrite64+0x1f1/0x260 [ 1200.798556] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1200.798591] do_syscall_64+0xbf/0x420 [ 1200.798621] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1200.798646] RIP: 0033:0x7f32b3526ab7 [ 1200.798665] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1200.798689] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1200.798713] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1200.798730] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1200.798745] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1200.798761] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1200.798775] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1200.798806] [ 1200.844152] loop6: detected capacity change from 0 to 112 [ 1200.848844] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 1200.887716] loop4: detected capacity change from 0 to 5 [ 1200.891504] FAULT_INJECTION: forcing a failure. [ 1200.891504] name fail_usercopy, interval 1, probability 0, space 0, times 0 21:32:40 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 58) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1200.893451] CPU: 1 UID: 0 PID: 9722 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1200.893484] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1200.893498] Call Trace: [ 1200.893506] [ 1200.893516] dump_stack_lvl+0xfa/0x120 [ 1200.893550] should_fail_ex+0x4d7/0x5e0 [ 1200.893600] strncpy_from_user+0x3b/0x2f0 [ 1200.893640] do_getname+0x70/0x3d0 [ 1200.893677] user_path_at+0x29/0x90 [ 1200.893701] __x64_sys_mount+0x1fb/0x310 [ 1200.893735] ? __pfx___x64_sys_mount+0x10/0x10 [ 1200.893764] ? irqentry_exit+0xee/0x650 [ 1200.893788] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 1200.893830] do_syscall_64+0xbf/0x420 [ 1200.893860] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1200.893886] RIP: 0033:0x7f1fa08c604a [ 1200.893906] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1200.893931] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1200.893955] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c604a [ 1200.893972] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f1f9de3a000 [ 1200.893988] RBP: 00007f1f9de3a040 R08: 00007f1f9de3a040 R09: 0000000020000000 [ 1200.894005] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 1200.894021] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1200.894061] 21:32:40 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 93) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1200.978709] FAULT_INJECTION: forcing a failure. [ 1200.978709] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1200.980695] CPU: 0 UID: 0 PID: 9724 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1200.980731] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1200.980747] Call Trace: [ 1200.980756] [ 1200.980767] dump_stack_lvl+0xfa/0x120 [ 1200.980804] should_fail_ex+0x4d7/0x5e0 [ 1200.980848] ? page_copy_sane+0xce/0x2b0 [ 1200.980888] copy_folio_from_iter_atomic+0x383/0x1820 [ 1200.980941] ? fault_in_readable+0x12a/0x1d0 [ 1200.980976] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1200.981019] ? shmem_write_begin+0x1ab/0x3b0 [ 1200.981062] ? __pfx_shmem_write_begin+0x10/0x10 [ 1200.981097] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1200.981146] generic_perform_write+0x1d7/0x810 [ 1200.981185] ? __pfx_generic_perform_write+0x10/0x10 [ 1200.981219] ? file_update_time_flags+0x367/0x4f0 [ 1200.981256] shmem_file_write_iter+0x111/0x140 [ 1200.981284] vfs_write+0xbe9/0x1150 [ 1200.981309] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1200.981335] ? __fget_files+0x34/0x3b0 [ 1200.981361] ? __pfx_vfs_write+0x10/0x10 [ 1200.981403] __x64_sys_pwrite64+0x1f1/0x260 [ 1200.981430] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1200.981464] do_syscall_64+0xbf/0x420 [ 1200.981494] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1200.981519] RIP: 0033:0x7f32b3526ab7 [ 1200.981538] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1200.981562] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1200.981586] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1200.981603] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1200.981618] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1200.981633] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1200.981647] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1200.981677] 21:32:40 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x600000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 1201.058808] loop4: detected capacity change from 0 to 5 [ 1201.082238] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1201.083435] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1201.083919] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1201.086127] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:32:40 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:32:40 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x2000000}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:32:40 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x3f000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:32:40 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x6000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1201.187454] loop7: detected capacity change from 0 to 32640 [ 1201.221936] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1201.222817] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1201.224224] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1201.322200] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1201.323099] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1201.324572] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1201.356879] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1201.357946] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1201.359294] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:32:40 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 94) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:32:40 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 99) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:32:40 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x800000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 1201.408303] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1201.409222] I/O error, dev sr0, sector 65536 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 1201.459913] loop4: detected capacity change from 0 to 5 [ 1201.478581] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1201.496298] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1201.496663] loop6: detected capacity change from 0 to 32640 [ 1201.501182] FAULT_INJECTION: forcing a failure. [ 1201.501182] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1201.510290] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1201.513100] CPU: 1 UID: 0 PID: 9753 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1201.513143] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1201.513158] Call Trace: [ 1201.513167] [ 1201.513177] dump_stack_lvl+0xfa/0x120 [ 1201.513212] should_fail_ex+0x4d7/0x5e0 [ 1201.513261] should_fail_alloc_page+0xe0/0x110 [ 1201.513293] prepare_alloc_pages+0x1eb/0x550 [ 1201.513322] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1201.513365] __alloc_frozen_pages_noprof+0x185/0x2070 [ 1201.513404] ? pte_offset_map_lock+0x190/0x330 [ 1201.513434] ? find_held_lock+0x2b/0x80 [ 1201.513464] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1201.513509] ? lock_is_held_type+0x9e/0x120 [ 1201.513536] ? lock_is_held_type+0x9e/0x120 [ 1201.513557] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1201.513600] ? policy_nodemask+0xeb/0x4e0 [ 1201.513641] alloc_pages_mpol+0xed/0x340 [ 1201.513677] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1201.513712] ? filemap_get_entry+0x1bb/0x3b0 [ 1201.513749] ? __pfx_filemap_get_entry+0x10/0x10 [ 1201.513792] folio_alloc_mpol_noprof+0x38/0x2a0 [ 1201.513836] shmem_alloc_folio+0x11b/0x140 [ 1201.513866] shmem_get_folio_gfp.constprop.0+0x4ea/0x13b0 [ 1201.513912] ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10 [ 1201.513955] ? fault_in_readable+0x12a/0x1d0 [ 1201.513994] shmem_write_begin+0x194/0x3b0 [ 1201.514030] ? __pfx_shmem_write_begin+0x10/0x10 [ 1201.514065] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1201.514114] generic_perform_write+0x391/0x810 [ 1201.514153] ? __pfx_generic_perform_write+0x10/0x10 [ 1201.514189] ? file_update_time_flags+0x367/0x4f0 [ 1201.514227] shmem_file_write_iter+0x111/0x140 [ 1201.514256] vfs_write+0xbe9/0x1150 [ 1201.514283] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1201.514310] ? __fget_files+0x34/0x3b0 [ 1201.514337] ? __pfx_vfs_write+0x10/0x10 [ 1201.514381] __x64_sys_pwrite64+0x1f1/0x260 [ 1201.514408] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1201.514446] do_syscall_64+0xbf/0x420 [ 1201.514476] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1201.514503] RIP: 0033:0x7f9f6fba4ab7 [ 1201.514523] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1201.514549] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1201.514574] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1201.514590] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1201.514606] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1201.514622] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1201.514637] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1201.514667] [ 1201.515334] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1201.525604] loop7: detected capacity change from 0 to 224 [ 1201.532482] EXT4-fs (loop7): VFS: Can't find ext4 filesystem 21:32:50 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x810000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:32:50 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 59) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:32:50 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x2, r0, &(0x7f0000000000)="fa", 0x1}]) 21:32:50 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x3000000}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:32:50 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x3ffffe00, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:32:50 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:32:50 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 95) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:32:50 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 100) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1211.147603] FAULT_INJECTION: forcing a failure. [ 1211.147603] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1211.151362] FAULT_INJECTION: forcing a failure. [ 1211.151362] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1211.153140] CPU: 1 UID: 0 PID: 9769 Comm: syz-executor.6 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1211.153172] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1211.153187] Call Trace: [ 1211.153196] [ 1211.153205] dump_stack_lvl+0xfa/0x120 [ 1211.153238] should_fail_ex+0x4d7/0x5e0 [ 1211.153280] ? page_copy_sane+0xce/0x2b0 [ 1211.153319] copy_folio_from_iter_atomic+0x383/0x1820 [ 1211.153372] ? fault_in_readable+0x12a/0x1d0 [ 1211.153407] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1211.153450] ? shmem_write_begin+0x1ab/0x3b0 [ 1211.153485] ? __pfx_shmem_write_begin+0x10/0x10 [ 1211.153520] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1211.153568] generic_perform_write+0x1d7/0x810 [ 1211.153607] ? __pfx_generic_perform_write+0x10/0x10 [ 1211.153641] ? file_update_time_flags+0x367/0x4f0 [ 1211.153679] shmem_file_write_iter+0x111/0x140 [ 1211.153708] vfs_write+0xbe9/0x1150 [ 1211.153732] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1211.153759] ? __fget_files+0x34/0x3b0 [ 1211.153784] ? __pfx_vfs_write+0x10/0x10 [ 1211.153827] __x64_sys_pwrite64+0x1f1/0x260 [ 1211.153854] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1211.153889] do_syscall_64+0xbf/0x420 [ 1211.153918] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1211.153944] RIP: 0033:0x7f32b3526ab7 [ 1211.153963] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1211.153989] RSP: 002b:00007f32b0ae8f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1211.154017] RAX: ffffffffffffffda RBX: 00007f32b35bd970 RCX: 00007f32b3526ab7 [ 1211.154042] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1211.154058] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1211.154073] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1211.154088] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1211.154118] [ 1211.185113] CPU: 1 UID: 0 PID: 9770 Comm: syz-executor.7 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1211.185151] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1211.185165] Call Trace: [ 1211.185173] [ 1211.185182] dump_stack_lvl+0xfa/0x120 [ 1211.185211] should_fail_ex+0x4d7/0x5e0 [ 1211.185251] ? page_copy_sane+0xce/0x2b0 [ 1211.185290] copy_folio_from_iter_atomic+0x383/0x1820 [ 1211.185342] ? fault_in_readable+0x12a/0x1d0 [ 1211.185377] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1211.185420] ? shmem_write_begin+0x1ab/0x3b0 [ 1211.185454] ? __pfx_shmem_write_begin+0x10/0x10 [ 1211.185489] ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190 [ 1211.185543] generic_perform_write+0x1d7/0x810 [ 1211.185582] ? __pfx_generic_perform_write+0x10/0x10 [ 1211.185617] ? file_update_time_flags+0x367/0x4f0 [ 1211.185654] shmem_file_write_iter+0x111/0x140 [ 1211.185682] vfs_write+0xbe9/0x1150 [ 1211.185706] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1211.185733] ? __fget_files+0x34/0x3b0 [ 1211.185757] ? __pfx_vfs_write+0x10/0x10 [ 1211.185801] __x64_sys_pwrite64+0x1f1/0x260 [ 1211.185827] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1211.185862] do_syscall_64+0xbf/0x420 [ 1211.185891] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1211.185915] RIP: 0033:0x7f9f6fba4ab7 [ 1211.185934] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1211.185958] RSP: 002b:00007f9f6d166f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1211.185981] RAX: ffffffffffffffda RBX: 00007f9f6fc3b970 RCX: 00007f9f6fba4ab7 [ 1211.185997] RDX: 0000000008100000 RSI: 0000000020010000 RDI: 0000000000000004 [ 1211.186013] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1211.186028] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 1211.186049] R13: 0000000000000004 R14: 0000000020000040 R15: 0000000000000000 [ 1211.186079] [ 1211.203743] loop4: detected capacity change from 0 to 5 [ 1211.223127] FAULT_INJECTION: forcing a failure. [ 1211.223127] name failslab, interval 1, probability 0, space 0, times 0 [ 1211.226417] CPU: 0 UID: 0 PID: 9775 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1211.226450] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1211.226465] Call Trace: [ 1211.226473] [ 1211.226482] dump_stack_lvl+0xfa/0x120 [ 1211.226516] should_fail_ex+0x4d7/0x5e0 [ 1211.226562] should_failslab+0xc2/0x120 [ 1211.226589] __kmalloc_node_track_caller_noprof+0xd7/0x890 [ 1211.226630] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 1211.226662] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 1211.226699] ? vfs_parse_fs_qstr+0x112/0x1c0 [ 1211.226723] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 1211.226763] ? kmemdup_nul+0x3b/0xa0 [ 1211.226794] kmemdup_nul+0x3b/0xa0 [ 1211.226828] vfs_parse_fs_qstr+0x112/0x1c0 [ 1211.226853] ? __pfx_vfs_parse_fs_qstr+0x10/0x10 [ 1211.226875] ? kasan_save_track+0x14/0x30 [ 1211.226902] ? __kasan_kmalloc+0x7f/0x90 [ 1211.226932] ? alloc_fs_context+0x5bd/0xb10 [ 1211.226961] path_mount+0x6b1/0x2140 [ 1211.226991] ? kasan_quarantine_put+0x84/0x1e0 [ 1211.227018] ? __pfx_path_mount+0x10/0x10 [ 1211.227067] ? kmem_cache_free+0x2cd/0x660 [ 1211.227110] ? putname.part.0+0x85/0xe0 [ 1211.227151] ? putname.part.0+0x85/0xe0 [ 1211.227206] __x64_sys_mount+0x293/0x310 [ 1211.227256] ? __pfx___x64_sys_mount+0x10/0x10 [ 1211.227305] ? irqentry_exit+0xee/0x650 [ 1211.227344] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 1211.227408] do_syscall_64+0xbf/0x420 [ 1211.227456] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1211.227501] RIP: 0033:0x7f1fa08c604a [ 1211.227530] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1211.227572] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1211.227608] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c604a [ 1211.227634] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f1f9de3a000 [ 1211.227660] RBP: 00007f1f9de3a040 R08: 00007f1f9de3a040 R09: 0000000020000000 [ 1211.227686] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 1211.227712] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1211.227759] [ 1211.343837] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1211.344846] I/O error, dev sr0, sector 98304 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 21:32:50 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 96) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1211.435907] loop4: detected capacity change from 0 to 5 [ 1211.463189] loop7: detected capacity change from 0 to 32640 21:32:51 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xc00000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 1211.471721] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:32:51 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x4000000}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:32:51 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x3, r0, &(0x7f0000000000)="fa", 0x1}]) 21:32:51 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x40000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:32:51 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xa000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:32:51 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 97) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:32:51 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1211.678916] loop4: detected capacity change from 0 to 5 [ 1211.679208] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1211.681106] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1211.682949] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1211.684815] FAULT_INJECTION: forcing a failure. [ 1211.684815] name failslab, interval 1, probability 0, space 0, times 0 [ 1211.686465] CPU: 0 UID: 0 PID: 9808 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1211.686497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1211.686513] Call Trace: [ 1211.686522] [ 1211.686531] dump_stack_lvl+0xfa/0x120 [ 1211.686565] should_fail_ex+0x4d7/0x5e0 [ 1211.686612] ? alloc_super+0x53/0xba0 [ 1211.686650] should_failslab+0xc2/0x120 [ 1211.686685] __kmalloc_cache_noprof+0x80/0x780 [ 1211.686719] ? mntput_no_expire+0x21/0x220 [ 1211.686768] ? alloc_super+0x53/0xba0 [ 1211.686805] ? __pfx_super_s_dev_test+0x10/0x10 [ 1211.686838] alloc_super+0x53/0xba0 [ 1211.686875] ? lock_release+0xc8/0x270 [ 1211.686911] ? __pfx_super_s_dev_test+0x10/0x10 [ 1211.686944] sget_fc+0xfe/0xb80 [ 1211.686982] ? __pfx_super_s_dev_set+0x10/0x10 [ 1211.687019] get_tree_bdev_flags+0x1b8/0x620 [ 1211.687081] ? __pfx_ext4_fill_super+0x10/0x10 [ 1211.687124] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 1211.687165] ? cap_capable+0xdb/0x380 [ 1211.687208] ? security_capable+0x2f/0x90 [ 1211.687247] vfs_get_tree+0x93/0x340 [ 1211.687282] path_mount+0x726/0x2140 [ 1211.687313] ? kasan_quarantine_put+0x84/0x1e0 [ 1211.687341] ? __pfx_path_mount+0x10/0x10 [ 1211.687380] ? putname.part.0+0x85/0xe0 [ 1211.687409] ? putname.part.0+0x85/0xe0 [ 1211.687443] __x64_sys_mount+0x293/0x310 [ 1211.687474] ? __pfx___x64_sys_mount+0x10/0x10 [ 1211.687503] ? irqentry_exit+0xee/0x650 [ 1211.687526] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 1211.687565] do_syscall_64+0xbf/0x420 [ 1211.687595] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1211.687621] RIP: 0033:0x7f1fa08c604a [ 1211.687640] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1211.687663] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1211.687687] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c604a [ 1211.687703] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f1f9de3a000 [ 1211.687719] RBP: 00007f1f9de3a040 R08: 00007f1f9de3a040 R09: 0000000020000000 [ 1211.687734] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 1211.687756] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1211.687804] 21:32:51 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 98) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1211.832727] loop6: detected capacity change from 0 to 32640 [ 1211.872973] loop4: detected capacity change from 0 to 5 [ 1211.875399] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1211.876296] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1211.882371] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1211.887110] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1212.123174] loop7: detected capacity change from 0 to 32640 21:33:01 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x1000000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:33:01 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x4, r0, &(0x7f0000000000)="fa", 0x1}]) 21:33:01 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 99) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:33:01 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x2, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:33:01 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:33:01 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8c070000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:33:01 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x8100000}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:33:01 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xc000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1221.785676] loop4: detected capacity change from 0 to 5 [ 1221.804862] FAULT_INJECTION: forcing a failure. [ 1221.804862] name failslab, interval 1, probability 0, space 0, times 0 [ 1221.823129] CPU: 1 UID: 0 PID: 9836 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1221.823181] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1221.823197] Call Trace: [ 1221.823206] [ 1221.823221] dump_stack_lvl+0xfa/0x120 [ 1221.823257] should_fail_ex+0x4d7/0x5e0 [ 1221.823306] should_failslab+0xc2/0x120 [ 1221.823335] __kmalloc_node_track_caller_noprof+0xd7/0x890 [ 1221.823384] ? vfs_parse_fs_qstr+0x112/0x1c0 [ 1221.823417] ? kmemdup_nul+0x3b/0xa0 [ 1221.823452] kmemdup_nul+0x3b/0xa0 [ 1221.823488] vfs_parse_fs_qstr+0x112/0x1c0 [ 1221.823513] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 1221.823549] ? __pfx_vfs_parse_fs_qstr+0x10/0x10 [ 1221.823589] ? __pfx_vfs_parse_comma_sep+0x10/0x10 [ 1221.823615] vfs_parse_monolithic_sep+0x198/0x220 [ 1221.823646] ? __pfx_vfs_parse_monolithic_sep+0x10/0x10 [ 1221.823676] ? alloc_fs_context+0x5bd/0xb10 [ 1221.823708] path_mount+0x6d6/0x2140 [ 1221.823734] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1221.823741] ? kasan_quarantine_put+0x84/0x1e0 [ 1221.823772] ? __pfx_path_mount+0x10/0x10 [ 1221.823803] ? kmem_cache_free+0x2cd/0x660 [ 1221.823851] ? putname.part.0+0x85/0xe0 [ 1221.823882] ? putname.part.0+0x85/0xe0 [ 1221.823918] __x64_sys_mount+0x293/0x310 [ 1221.823950] ? __pfx___x64_sys_mount+0x10/0x10 [ 1221.823980] ? irqentry_exit+0xee/0x650 [ 1221.824004] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 1221.824052] do_syscall_64+0xbf/0x420 [ 1221.824083] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1221.824110] RIP: 0033:0x7f1fa08c604a [ 1221.824130] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1221.824156] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1221.824181] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c604a [ 1221.824197] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f1f9de3a000 [ 1221.824213] RBP: 00007f1f9de3a040 R08: 00007f1f9de3a040 R09: 0000000020000000 [ 1221.824230] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 1221.824245] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1221.824277] [ 1221.845669] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1221.846495] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1221.876235] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1221.877292] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1221.878990] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1221.880567] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1221.881625] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1221.882444] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:33:01 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) (fail_nth: 100) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1221.953986] loop4: detected capacity change from 0 to 5 [ 1221.955369] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1221.956422] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1221.958254] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1221.974244] FAULT_INJECTION: forcing a failure. [ 1221.974244] name failslab, interval 1, probability 0, space 0, times 0 [ 1221.979094] CPU: 0 UID: 0 PID: 9856 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1221.979114] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1221.979122] Call Trace: [ 1221.979128] [ 1221.979133] dump_stack_lvl+0xfa/0x120 [ 1221.979155] should_fail_ex+0x4d7/0x5e0 [ 1221.979188] ? do_getname_kernel+0x54/0x250 [ 1221.979204] should_failslab+0xc2/0x120 [ 1221.979220] kmem_cache_alloc_noprof+0x80/0x760 [ 1221.979240] ? avc_has_perm_noaudit+0x59/0x3d0 [ 1221.979256] ? find_held_lock+0x2b/0x80 [ 1221.979271] ? do_getname_kernel+0x54/0x250 [ 1221.979284] do_getname_kernel+0x54/0x250 [ 1221.979301] kern_path+0x21/0x80 [ 1221.979312] lookup_bdev+0xc6/0x270 [ 1221.979329] ? __pfx_lookup_bdev+0x10/0x10 [ 1221.979345] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 1221.979370] get_tree_bdev_flags+0xb8/0x620 [ 1221.979391] ? __pfx_ext4_fill_super+0x10/0x10 [ 1221.979413] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 1221.979433] ? cap_capable+0xdb/0x380 [ 1221.979455] ? security_capable+0x2f/0x90 [ 1221.979476] vfs_get_tree+0x93/0x340 [ 1221.979494] path_mount+0x726/0x2140 [ 1221.979511] ? kasan_quarantine_put+0x84/0x1e0 [ 1221.979525] ? __pfx_path_mount+0x10/0x10 [ 1221.979546] ? putname.part.0+0x85/0xe0 [ 1221.979560] ? putname.part.0+0x85/0xe0 [ 1221.979577] __x64_sys_mount+0x293/0x310 [ 1221.979593] ? __pfx___x64_sys_mount+0x10/0x10 [ 1221.979608] ? irqentry_exit+0xee/0x650 [ 1221.979620] ? lockdep_hardirqs_on_prepare+0xdb/0x190 [ 1221.979640] do_syscall_64+0xbf/0x420 [ 1221.979656] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1221.979669] RIP: 0033:0x7f1fa08c604a [ 1221.979680] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1221.979693] RSP: 002b:00007f1f9de39fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1221.979706] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007f1fa08c604a [ 1221.979715] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f1f9de3a000 [ 1221.979723] RBP: 00007f1f9de3a040 R08: 00007f1f9de3a040 R09: 0000000020000000 [ 1221.979731] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 1221.979739] R13: 0000000020000100 R14: 00007f1f9de3a000 R15: 0000000020013c00 [ 1221.979754] [ 1221.979760] /dev/loop4: Can't lookup blockdev [ 1222.046783] loop7: detected capacity change from 0 to 32640 21:33:01 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x8, r0, &(0x7f0000000000)="fa", 0x1}]) 21:33:01 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x2000000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:33:01 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:33:01 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8d070000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1222.147737] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1222.148662] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1222.150088] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1222.150292] loop4: detected capacity change from 0 to 5 [ 1222.151898] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1222.152431] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1222.155091] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:33:01 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xe000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:33:01 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x10000000}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) [ 1222.176681] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1222.211090] loop6: detected capacity change from 0 to 32640 21:33:01 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x2, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1222.302217] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1222.302785] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1222.308703] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:33:01 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x10, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1222.328506] loop4: detected capacity change from 0 to 5 [ 1222.347629] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1222.361230] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1222.362659] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1222.364257] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1222.365685] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1222.366715] I/O error, dev sr0, sector 524288 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 1222.368251] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1222.369138] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1222.370529] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1222.388205] loop4: detected capacity change from 0 to 5 [ 1222.389922] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1222.406123] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1222.406632] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:33:11 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x40000000}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:33:11 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x3f00000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:33:11 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x300, r0, &(0x7f0000000000)="fa", 0x1}]) 21:33:11 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:33:11 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x2, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1232.082483] loop4: detected capacity change from 0 to 5 21:33:11 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x10000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:33:11 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x8e070000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:33:11 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1232.118274] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1232.143848] loop4: detected capacity change from 0 to 5 [ 1232.153095] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1232.177922] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.178830] blk_print_req_error: 1 callbacks suppressed [ 1232.178846] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1232.180975] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:33:11 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1232.214541] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.216405] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1232.217848] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1232.262319] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.263437] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1232.264883] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1232.300119] loop4: detected capacity change from 0 to 5 [ 1232.304275] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:33:11 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf4ffffff, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:33:11 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1232.455105] loop4: detected capacity change from 0 to 5 21:33:12 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x810, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1232.494514] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:33:12 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x4000000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:33:12 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfeff3f00000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1232.521167] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1232.521996] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1232.524306] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1232.547657] loop4: detected capacity change from 0 to 5 21:33:12 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x8000000000000}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) [ 1232.563001] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:33:12 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x6, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:33:12 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x7, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1232.712895] loop7: detected capacity change from 0 to 32640 [ 1232.729472] loop6: detected capacity change from 0 to 32640 [ 1232.856974] loop4: detected capacity change from 0 to 5 [ 1232.886882] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:33:20 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x1008, r0, &(0x7f0000000000)="fa", 0x1}]) 21:33:20 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:33:20 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:33:20 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x100000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:33:20 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x100000000000000}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:33:20 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x8, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:33:20 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf4ffffff00000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:33:20 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf5000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1241.176949] loop4: detected capacity change from 0 to 5 [ 1241.191069] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1241.201647] loop4: detected capacity change from 0 to 5 [ 1241.208162] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1241.214249] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1241.215114] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1241.216442] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1241.217735] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1241.218595] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1241.221004] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1241.222359] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1241.223236] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1241.224632] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:33:20 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x9, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1241.305952] loop4: detected capacity change from 0 to 5 [ 1241.321824] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:33:20 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf5ffffff, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:33:20 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x200000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:33:20 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf500000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 1241.369621] loop4: detected capacity change from 0 to 5 [ 1241.387184] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:33:21 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x200000000000000}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:33:21 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x4000, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1241.511889] loop6: detected capacity change from 0 to 32640 [ 1241.559610] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1241.560110] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1241.560818] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1241.589447] loop7: detected capacity change from 0 to 32640 [ 1241.694613] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1241.703569] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1241.705140] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1241.812799] loop6: detected capacity change from 0 to 32640 [ 1241.815656] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 21:33:30 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:33:30 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:33:30 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:33:30 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x300000000000000}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:33:30 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x300000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:33:30 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfbffffff, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:33:30 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf5ffffff00000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:33:30 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x2}]) [ 1250.551641] loop4: detected capacity change from 0 to 5 [ 1250.560260] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1250.567524] loop4: detected capacity change from 0 to 5 [ 1250.573154] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1250.592278] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1250.593350] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1250.594733] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:33:30 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xb, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1250.630846] loop4: detected capacity change from 0 to 5 [ 1250.636521] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:33:30 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1250.705087] loop4: detected capacity change from 0 to 5 [ 1250.718551] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1250.720201] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1250.721229] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1250.722714] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1250.724256] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1250.724712] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1250.725488] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:33:30 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x400000000000000}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:33:30 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfeff1f00, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:33:30 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xd, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1250.842342] loop6: detected capacity change from 0 to 32640 [ 1250.848128] loop4: detected capacity change from 0 to 5 [ 1250.874079] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1250.906590] loop7: detected capacity change from 0 to 32640 21:33:30 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfbffffff00000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:33:30 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x400000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:33:30 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x3}]) [ 1250.971927] loop6: detected capacity change from 0 to 32640 [ 1250.976634] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 1251.026804] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1251.028154] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1251.029554] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1251.061197] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1251.062271] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1251.064165] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1251.082408] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1251.082908] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1251.083702] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1251.137137] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1251.137628] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1251.138734] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1251.148152] loop7: detected capacity change from 0 to 32640 [ 1251.149759] EXT4-fs (loop7): VFS: Can't find ext4 filesystem 21:33:39 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x2}]) 21:33:39 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x810000000000000}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:33:39 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x6, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:33:39 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:33:39 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x500000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:33:39 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfeff1f0000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:33:39 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xf, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:33:39 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfffdffff, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1260.136465] loop4: detected capacity change from 0 to 5 [ 1260.144784] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1260.149633] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1260.150716] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1260.152191] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1260.161026] loop4: detected capacity change from 0 to 5 [ 1260.166658] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1260.167731] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1260.170633] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1260.172864] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1260.223853] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1260.225509] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1260.226851] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:33:39 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x10, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1260.293362] loop4: detected capacity change from 0 to 5 [ 1260.302221] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:33:39 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x3}]) 21:33:39 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x24, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:33:39 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xffff1f00, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:33:40 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x1000000000000000}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:33:40 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfffdffff00000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 1260.525149] loop4: detected capacity change from 0 to 5 [ 1260.535213] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1260.564496] loop7: detected capacity change from 0 to 32640 21:33:40 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x600000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1260.631398] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1260.632275] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1260.634740] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1260.672262] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1260.673528] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1260.675342] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1260.734919] loop6: detected capacity change from 0 to 32640 [ 1260.781944] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1260.783010] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1260.785744] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1260.787313] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1260.788286] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1260.795677] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1261.000371] loop6: detected capacity change from 0 to 32640 [ 1261.003432] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 21:33:49 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x4}]) 21:33:49 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x6, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:33:49 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x7, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:33:49 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xffff1f0000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:33:49 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xffffe000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:33:49 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x800000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:33:49 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x4000000000000000}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:33:49 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x27, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1269.817211] loop4: detected capacity change from 0 to 5 [ 1269.822242] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1269.832397] loop4: detected capacity change from 0 to 5 [ 1269.842701] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1269.845157] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1269.845697] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1269.846493] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1269.848686] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1269.851118] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1269.851886] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1269.888232] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1269.889865] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1269.891445] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:33:49 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x43, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1269.980439] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1269.980925] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1269.981729] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1269.990699] loop4: detected capacity change from 0 to 5 21:33:49 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x810000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1269.995173] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:33:49 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x0, 0x2}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:33:49 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x8}]) 21:33:49 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x60, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1270.056611] loop7: detected capacity change from 0 to 32640 [ 1270.103601] loop4: detected capacity change from 0 to 5 21:33:49 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfffffdff, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1270.116445] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1270.118682] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1270.120541] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1270.121861] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:33:49 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xffffffff00000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 1270.138733] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1270.139278] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1270.140006] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1270.146085] loop4: detected capacity change from 0 to 5 [ 1270.148948] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1270.166373] loop6: detected capacity change from 0 to 32640 21:33:49 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xf0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:33:49 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x0, 0x3}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) [ 1270.269364] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1270.270676] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1270.272199] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1270.310644] loop4: detected capacity change from 0 to 5 [ 1270.318100] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1270.326899] loop4: detected capacity change from 0 to 5 [ 1270.336108] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1270.354320] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1270.356981] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1270.358278] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:33:59 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x0, 0x4}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:33:59 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x7, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:33:59 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xc00000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:33:59 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xf5, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:33:59 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:33:59 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x8, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:33:59 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xffffff7f, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:33:59 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x10}]) [ 1280.211481] loop4: detected capacity change from 0 to 5 [ 1280.219894] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1280.224865] loop4: detected capacity change from 0 to 5 [ 1280.227965] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:33:59 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xfe, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1280.254749] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1280.257210] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1280.258021] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1280.306578] loop4: detected capacity change from 0 to 5 [ 1280.315759] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1280.317399] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1280.318848] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1280.336102] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1280.351241] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1280.351736] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1280.352737] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:33:59 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x300}]) 21:34:00 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xf00000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:34:00 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x225, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:34:00 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:34:00 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x0, 0x8}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:34:00 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfffffff4, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1280.492211] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1280.492745] I/O error, dev sr0, sector 1 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1280.493582] Buffer I/O error on dev sr0, logical block 1, lost async page write [ 1280.532213] loop4: detected capacity change from 0 to 5 [ 1280.559371] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1280.585306] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1280.585753] I/O error, dev sr0, sector 1 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1280.586436] Buffer I/O error on dev sr0, logical block 1, lost async page write 21:34:00 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x264, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1280.644366] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1280.644823] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1280.651396] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:34:00 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x810}]) [ 1280.669352] loop4: detected capacity change from 0 to 5 [ 1280.673470] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1280.704987] loop6: detected capacity change from 0 to 32640 [ 1280.730304] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1280.731464] I/O error, dev sr0, sector 4 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1280.733494] Buffer I/O error on dev sr0, logical block 4, lost async page write [ 1280.739466] loop7: detected capacity change from 0 to 32640 [ 1280.896579] loop7: detected capacity change from 0 to 32640 [ 1280.900785] EXT4-fs (loop7): VFS: Can't find ext4 filesystem [ 1280.927461] loop6: detected capacity change from 0 to 32640 [ 1280.929349] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 21:34:10 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x265, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:34:10 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x2, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:34:10 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x1000000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:34:10 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x8, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:34:10 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xe, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:34:10 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x0, 0x10}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:34:10 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x1008}]) 21:34:10 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfffffff5, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1291.275246] loop4: detected capacity change from 0 to 5 [ 1291.282524] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1291.291745] loop4: detected capacity change from 0 to 5 [ 1291.296266] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1291.308579] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1291.309899] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1291.312176] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1291.343189] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1291.343766] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1291.344716] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:34:10 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x300, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1291.377193] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1291.377789] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1291.378769] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1291.472739] [ 1291.473070] ===================================== [ 1291.473806] WARNING: bad unlock balance detected! [ 1291.474546] 6.19.0-rc5-next-20260113 #1 Not tainted [ 1291.475308] ------------------------------------- [ 1291.476051] syz-executor.4/10273 is trying to release lock (rcu_read_lock) at: [ 1291.477175] [] __wait_on_freeing_inode+0x105/0x350 [ 1291.478176] but there are no more locks to release! [ 1291.478929] [ 1291.478929] other info that might help us debug this: [ 1291.479925] 4 locks held by syz-executor.4/10273: [ 1291.480662] #0: ffff88800f8fe3f8 (sb_writers#3){.+.+}-{0:0}, at: filename_create+0xf7/0x400 [ 1291.482007] #1: ffff88801b3dbd10 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: filename_create+0x1b1/0x400 [ 1291.483545] #2: ffff88800f8b2950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0xe32/0x12d0 [ 1291.484929] #3: ffffffff85c16898 (inode_hash_lock){+.+.}-{3:3}, at: insert_inode_locked+0xf9/0x890 [ 1291.490373] [ 1291.490373] stack backtrace: [ 1291.492445] CPU: 0 UID: 0 PID: 10273 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) [ 1291.492475] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1291.492489] Call Trace: [ 1291.492498] [ 1291.492506] dump_stack_lvl+0xca/0x120 [ 1291.492534] ? __wait_on_freeing_inode+0x105/0x350 [ 1291.492564] print_unlock_imbalance_bug+0x118/0x130 [ 1291.492593] ? __wait_on_freeing_inode+0x105/0x350 [ 1291.492623] lock_release+0x1ee/0x270 [ 1291.492653] __wait_on_freeing_inode+0x10a/0x350 [ 1291.492684] ? __pfx___wait_on_freeing_inode+0x10/0x10 [ 1291.492716] ? __pfx_var_wake_function+0x10/0x10 [ 1291.492752] ? lock_is_held_type+0x9e/0x120 [ 1291.492775] insert_inode_locked+0x25f/0x890 [ 1291.492810] __ext4_new_inode+0x223d/0x4cd0 [ 1291.492843] ? __pfx___ext4_new_inode+0x10/0x10 [ 1291.492873] ? __pfx___dquot_initialize+0x10/0x10 [ 1291.492909] ? __pfx_avc_has_perm+0x10/0x10 [ 1291.492941] ext4_symlink+0x406/0xb40 [ 1291.492978] ? __pfx_ext4_symlink+0x10/0x10 [ 1291.493011] ? security_inode_permission+0x72/0xe0 [ 1291.493037] vfs_symlink+0x44b/0x840 [ 1291.493071] do_symlinkat+0x153/0x440 [ 1291.493098] ? __pfx_do_symlinkat+0x10/0x10 [ 1291.493126] ? strncpy_from_user+0x21b/0x2f0 [ 1291.493161] __x64_sys_symlink+0x79/0xa0 [ 1291.493189] do_syscall_64+0xbf/0x420 [ 1291.493216] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1291.493240] RIP: 0033:0x7f1fa08c4427 [ 1291.493257] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 58 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1291.493280] RSP: 002b:00007ffd0a273418 EFLAGS: 00000206 ORIG_RAX: 0000000000000058 [ 1291.493302] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1fa08c4427 [ 1291.493317] RDX: 00007ffd0a2734f3 RSI: 00007f1fa091f022 RDI: 00007ffd0a2734e0 [ 1291.493332] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007ffd0a2732b0 [ 1291.493346] R10: 00007ffd0a273167 R11: 0000000000000206 R12: 0000000000000001 [ 1291.493360] R13: 0000000000000001 R14: 0000000000000001 R15: 00007ffd0a2734e0 [ 1291.493381] [ 1291.519469] loop6: detected capacity change from 0 to 32640 [ 1291.520686] ------------[ cut here ]------------ [ 1291.524598] WARNING: kernel/rcu/tree_plugin.h:443 at __rcu_read_unlock+0x25f/0x5c0, CPU#0: syz-executor.4/10273 [ 1291.526413] Modules linked in: [ 1291.526985] CPU: 0 UID: 0 PID: 10273 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260113 #1 PREEMPT(lazy) 21:34:11 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x2000000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) [ 1291.528671] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1291.542182] RIP: 0010:__rcu_read_unlock+0x25f/0x5c0 [ 1291.572782] Code: f2 02 00 00 c7 43 58 01 00 00 00 bf 09 00 00 00 e8 a6 bb de ff 4d 85 f6 0f 84 73 fe ff ff e8 38 89 20 00 fb e9 68 fe ff ff 90 <0f> 0b 90 5b 5d 41 5c 41 5d 41 5e e9 61 f9 73 03 e8 0c 88 56 00 e9 [ 1291.608575] RSP: 0018:ffff888049e879a0 EFLAGS: 00010286 [ 1291.652470] RAX: 00000000ffffffff RBX: ffff88801aa5b700 RCX: ffffffff815664c7 [ 1291.711861] RDX: 0000000000000000 RSI: ffffffff815664d0 RDI: ffff88801aa5bafc [ 1291.762714] RBP: ffff88801aa5b700 R08: 0000000000000000 R09: fffffbfff0ba6ff4 [ 1291.795328] R10: 0000000000000000 R11: ffffffffffff98c0 R12: ffff88801aa5b700 [ 1291.842318] R13: 0000000000000001 R14: ffffffff85c0f860 R15: ffff88804ac0a938 [ 1291.880598] FS: 000055557c7be400(0000) GS:ffff8880e5342000(0000) knlGS:0000000000000000 [ 1291.912286] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1291.943565] CR2: 000055558fa8ac58 CR3: 000000000be4b000 CR4: 0000000000350ef0 [ 1291.972557] Call Trace: [ 1292.005773] [ 1292.070312] __wait_on_freeing_inode+0x10f/0x350 [ 1292.110204] ? __pfx___wait_on_freeing_inode+0x10/0x10 [ 1292.112283] ? __pfx_var_wake_function+0x10/0x10 [ 1292.114608] ? lock_is_held_type+0x9e/0x120 [ 1292.116685] insert_inode_locked+0x25f/0x890 [ 1292.119754] __ext4_new_inode+0x223d/0x4cd0 [ 1292.124479] ? __pfx___ext4_new_inode+0x10/0x10 [ 1292.126769] ? __pfx___dquot_initialize+0x10/0x10 [ 1292.128264] ? __pfx_avc_has_perm+0x10/0x10 [ 1292.131606] ext4_symlink+0x406/0xb40 [ 1292.135941] ? __pfx_ext4_symlink+0x10/0x10 [ 1292.137855] ? security_inode_permission+0x72/0xe0 [ 1292.140939] vfs_symlink+0x44b/0x840 [ 1292.143414] do_symlinkat+0x153/0x440 [ 1292.145488] ? __pfx_do_symlinkat+0x10/0x10 [ 1292.146826] ? strncpy_from_user+0x21b/0x2f0 [ 1292.150424] __x64_sys_symlink+0x79/0xa0 [ 1292.151783] do_syscall_64+0xbf/0x420 [ 1292.153362] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1292.154354] RIP: 0033:0x7f1fa08c4427 [ 1292.155019] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 58 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1292.157773] RSP: 002b:00007ffd0a273418 EFLAGS: 00000206 ORIG_RAX: 0000000000000058 [ 1292.158946] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1fa08c4427 [ 1292.160117] RDX: 00007ffd0a2734f3 RSI: 00007f1fa091f022 RDI: 00007ffd0a2734e0 [ 1292.161219] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007ffd0a2732b0 [ 1292.162313] R10: 00007ffd0a273167 R11: 0000000000000206 R12: 0000000000000001 [ 1292.163401] R13: 0000000000000001 R14: 0000000000000001 R15: 00007ffd0a2734e0 [ 1292.168141] [ 1292.168497] irq event stamp: 651 [ 1292.168985] hardirqs last enabled at (651): [] _raw_spin_unlock_irqrestore+0x2c/0x50 [ 1292.170596] hardirqs last disabled at (650): [] _raw_spin_lock_irqsave+0x53/0x60 [ 1292.172145] softirqs last enabled at (646): [] kernel_fpu_end+0x59/0x70 [ 1292.173517] softirqs last disabled at (644): [] kernel_fpu_begin_mask+0x1bb/0x300 [ 1292.175006] ---[ end trace 0000000000000000 ]--- [ 1292.194319] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 1292.253599] loop7: detected capacity change from 0 to 32640 [ 1292.254832] EXT4-fs (loop7): VFS: Can't find ext4 filesystem [ 1292.287744] loop4: detected capacity change from 0 to 5 21:34:11 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x3, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 1292.305671] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1292.312738] loop4: detected capacity change from 0 to 5 [ 1292.315985] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:34:11 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x10, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:34:11 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0xfffffffb, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:34:11 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x4000}]) 21:34:11 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x410, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1292.352137] loop4: detected capacity change from 0 to 5 [ 1292.356866] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1292.361492] loop4: detected capacity change from 0 to 5 [ 1292.366740] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:34:11 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x0, 0x300}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:34:11 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x500, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:34:12 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xe, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1292.440680] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1292.441165] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1292.441831] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1292.454436] loop4: detected capacity change from 0 to 5 [ 1292.456493] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1292.457519] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1292.457959] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1292.459197] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1292.468419] loop4: detected capacity change from 0 to 5 [ 1292.472721] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1292.511516] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1292.512009] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1292.512715] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1292.597120] EXT4-fs (loop7): VFS: Can't find ext4 filesystem [ 1292.710460] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 21:34:19 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) 21:34:19 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x3f00000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:34:19 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x10, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:34:19 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xf0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:34:19 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x0, 0x810}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:34:19 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x80000}]) 21:34:19 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x1000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:34:19 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x600, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1300.230459] set_capacity_and_notify: 4 callbacks suppressed [ 1300.230488] loop4: detected capacity change from 0 to 5 [ 1300.242131] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1300.246354] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1300.246784] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1300.247427] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1300.257456] loop4: detected capacity change from 0 to 5 [ 1300.257693] loop6: detected capacity change from 0 to 32640 [ 1300.260266] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 1300.276935] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1300.282074] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1300.282478] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1300.283131] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1300.283697] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1300.284122] I/O error, dev sr0, sector 1024 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 1300.320945] loop6: detected capacity change from 0 to 32640 [ 1300.323250] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 1300.330608] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1300.332318] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1300.333813] Buffer I/O error on dev sr0, logical block 0, lost async page write 21:34:19 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x62c, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:34:19 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xf0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0xffffffffffffffc7, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb31262", 0xa1, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) [ 1300.402730] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1300.403175] I/O error, dev sr0, sector 1024 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 21:34:19 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x0, 0x1008}]) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 21:34:19 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x5, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) signalfd(0xffffffffffffffff, 0x0, 0x0) [ 1300.422472] loop4: detected capacity change from 0 to 5 [ 1300.424525] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1300.428930] loop4: detected capacity change from 0 to 5 [ 1300.430304] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) 21:34:20 executing program 3: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) inotify_init() io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x2000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1}]) 21:34:20 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x700, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000000280)="6c37077fa0348e7920a53c8c7618c8355b41056832d4253b51937cbbe810f9c56e7e5eef320044d0a8001cf4ed1abf957e34991034b1f9419e2ec448db4335e31ac614bbb1efcf8032fb65625b34c229798c1da34517a6e5b93658217f13fe39472255df6b280ddccd2bf03b800322a02fdd705d3e8832cc2b13ca55baad55e95a980ec99e10cb801fbf56b829e4243ed973fae87e4c83ddb2835d39435eb312", 0xa0, 0x560}], 0x0, &(0x7f0000013c00)=ANY=[]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 21:34:20 executing program 0: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x141802, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="fa", 0x1, 0x1000000}]) [ 1300.475819] loop4: detected capacity change from 0 to 5 [ 1300.479299] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1300.481758] loop4: detected capacity change from 0 to 5 [ 1300.482954] EXT4-fs (loop4): bad geometry: block count 128 exceeds size of device (1 blocks) [ 1300.530477] loop7: detected capacity change from 0 to 32640 [ 1300.534514] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1300.535453] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1300.538203] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1300.561422] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1300.561876] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1300.562873] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1300.574127] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1300.579410] I/O error, dev sr0, sector 32768 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 1300.627625] loop7: detected capacity change from 0 to 32640 [ 1300.631272] EXT4-fs (loop7): VFS: Can't find ext4 filesystem [ 1300.648740] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1300.649431] I/O error, dev sr0, sector 32768 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 1300.653079] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1300.653511] I/O error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 1300.654204] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 1300.732846] EXT4-fs (loop6): VFS: Can't find ext4 filesystem VM DIAGNOSIS: 21:34:11 Registers: info registers vcpu 0 RAX=000000000000006e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff82977f45 RDI=ffffffff889c1a00 RBP=ffffffff889c19c0 RSP=ffff888049e87488 R8 =0000000000000000 R9 =ffffed10016e4046 R10=000000000000006e R11=666666203a332320 R12=000000000000006e R13=0000000000000010 R14=ffffffff889c19c0 R15=ffffffff82977f30 RIP=ffffffff82977f9d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 000055557c7be400 00000000 00000000 GS =0000 ffff8880e5342000 00000000 00000000 LDT=0000 fffffe6d00000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055558fa8ac58 CR3=000000000be4b000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000a60ce07b00000000cec3662e XMM01=000000000000000003515b82db34ca11 XMM02=0000000000000000333bebdfd0a6a21d XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=ffffed1009a6f825 RBX=ffff88804d37c2f8 RCX=dffffc0000000000 RDX=0000000000040000 RSI=ffffffff8197a221 RDI=0000000000000007 RBP=0000000000000000 RSP=ffff88801abc7a00 R8 =0000000000100cca R9 =0000000000000000 R10=0000000000000950 R11=0000000000000000 R12=ffff88804d37c0d8 R13=ffff88804d37c0d8 R14=0000000000000950 R15=0000000000000003 RIP=ffffffff817581c8 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f32b0ae9700 00000000 00000000 GS =0000 ffff8880e5442000 00000000 00000000 LDT=0000 fffffe3b00000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000002095f000 CR3=000000004d362000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007f9f6fcd87c000007f9f6fcd87c8 XMM02=00007f9f6fcd87e000007f9f6fcd87c0 XMM03=00007f9f6fcd87c800007f9f6fcd87c0 XMM04=35c818768c3ca520798e34a07f07376c XMM05=6212b35e43395d83b2dd834c7ee8fa73 XMM06=d93e24e429b856bf1f80cb109ec90e98 XMM07=5ae955adba55ca132bcc32883e5d70dd XMM08=2fa02203803bf02bcddc0d286bdf5522 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000