b623b9a9", 0xcc, 0x9}, {&(0x7f0000000800)="68b67f6d31de7873acd619755d3f6a6473bf5e2783739b39bf7dafecd85c1813b1bf05609efcf86aa5d4da44f925895cb87a0a067d1916a294bfc4f5c3a3cc10194b34d53afa2990e90ebcc8a7889c9f9dc73de4bc01620de812cc77c58806f56ef37a96c4c606db7659f16f8940ff85d546aef03b6d05a2bdeea7dde77eb636021a23cbf2f68cfae1dc0f38c5dac191430e68a26ed8a863b75b91f8ecb36221c4a687603eeef55110724d04bde05d60498623490561297adc62f763fac0e1dd453ff94a63f434a19f502e2a2170ca62a60339b3da83d12b77d678b316b8e424a61ff2c4f1fdd3363c5e59db361c72", 0xef, 0xfffffffffffffffa}], 0x1000, &(0x7f00000009c0)={[{'\x00'}, {'/dev/vcs\x00'}, {'\xff\xff'}, {':,{+##)\xce*{'}], [{@uid_gt={'uid>', 0xee00}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@smackfsfloor}, {@fsmagic={'fsmagic', 0x3d, 0x8}}, {@uid_lt}]})
ioctl$BTRFS_IOC_SNAP_CREATE(r1, 0x50009401, &(0x7f0000000a80)={{r5}, "1058984b82c1d0733c1a2afa91819d3fbf706cde2f8aec4bb0e22087827e9377e475c90ba3e16f9ca60f45b8c6cffcab046d77ec51c05821e1ce580788d27aad988ba25274e16b6d81fc6a1dcba85740d5ab3b6c836207b59a9aa60691183637387e7d45b5800d9648d28efea6d1a291db9fc5487ccac555ccb73a6bf596318784f90b33c1078eebab8891b3de025609f61a876519e70dc795225f45941182d565bdab1d21e49c7bc38dc8184091f2fdbd344622b7a1901e36d5568d1e62ae2fc4d63da130e9470afc33c72e9379dc3723ba79af591ad32555f5c4012ffa3fed80553d2bb5e19c95412001ac0ee6432271b5a5f845132d6fc61131c86e0465a8ba613447229a61d2621a75ab5b70cbb82a39227f003294bfdbf299982b70fa10eb9589e13c6ef550be6f41480bf519cc376125b5e3fff9834d6615a556c3c86751d947bbe67649b4da5cd95e84a1e81d41574f971618ae7b87cd303f57c6d2e82ae36703140cffa65362d78ac3937b431f4b4af50b3e8703043c4c25c36cd87e08349034d1bdc94a2b13652ba7629bd44472a1e81a3fbec4eec6ac5ca5d48f51ebd22ac02af4a89f0aa38a02b46cb9e58cc04ea40ad447bd3f6a1528562e86440d2f824bdf97fef068bcf99f92808b280b26cea19cf1ca244f3c2d119287ae7ed773e8a3d1c9e436cc582e78dcb2cb6a6557cef1426ec6c13c6112c69e0bb97a5ecf0e812e6186925ecacd4f3a92ba6419b53d2db381c5efd09444bd7545cb1dbeefcaa078d48cbf7f90f24f5409b17190f0ea574747ac3ebe9537bea3447e4aeab46f9fe8d55a3cf1ef5c7dd7c9afa6ef16171affcf9d22d79bd893068422f975daa2d258e68bea96b1c7c2c1f505915896c2968d0057af8973ea5909570a5fb9e956edd67bda2e1249f413f5c018dcec8021e2f429deab19831aeefd210f3460e6c515ca86ad3fc158e37704fd1564fc263fae2331a94339b1aa1b1aeaa4f2630a060324176a8f90ce69bbfaf9c062e4d277ff15a5eccba8a328ee35c4070f22175a90a82adc76ade0ef0c14e991a4995ed8028bdf907a582c9ec28a5e8831271075efd6deea894e04795258910876afa4f2c523be80bc68b457ecb2e8c27e3a57576e16fb8bc22397c3d836527defd7379f23ba4cfae2b44492224993f732c7ce1ba039e3dded5ec04245a4e766efff90adb5b21545214e23b7cb813d726907245e3ab561a1ff3d4d463303d13d4d329759a304eda566dd304af232bc05f126e278fe048351161ecabbf54e232442c1de9f39edcffe289428ef4bd6bd2769b6333c07583eddb807f2e29f8fe63e518bb07edc2d7802340df2983b3ed6e54048642a53ba22d8fda6113b6eae952ec43daeff1241ac1a6fccdcf42d28d278c897740749bcdfef18df0ecfcf50d1984c82c30074cf66efcb3c593c95e1a33b7d77c31f02f6347e9b1ee32e522e434314f175b47fc41d9c29f4632dd081ded515a631f0d25d22afe9796154ea6d3d11cea509f8f35fe020dbfe50a95560e5d05462bfdb70ed9f82c73ae3bc6ed515fe5c8a95c05e0effa4194e7187e0505e62c5bf0d12dc1739a8a3eb1c73f15e3ca28c1f445112bb7b507293810abb79cfeefc3dfd38d17891ac25f6d07f9efce42d96e1113abf45b0c10fab56895f39cd6d0ef6317d870f470cef17f1a5c71486631780ce4e3bd6f661b553df86e824b2dfb42c2e82d7c2b86398e6d4b45a3044683ed70afbb85311d26270906a45c5b9f5e7ad949cd68d1bda2db8c0f0e9ed40af6448b856fc729b8a099bf9fcccf16005f83348d9cbfb7da6b0241fd04192f70838a4b6714234a077b84cc8fe493dd336a71ff879d9972fad2cf85d1e27c94140b9e81d3105774aed578ca24f8aae744d33e5ff99a01d3b56cdbbee5dbe3ef18a6ab33ac1664f7e1adbf4d9a546cc5d47256cff84963cf889f21ec8c4df7159d4116ab1d3359a98f51058430925d920badde376b2670d473e730a565a410df6bec533dc21f31e7373616a89f3c932f316f465fdb173a3239e20cfee9b2d47a0bc6c9fa4e6309d55695a12cfbc270587ef6b3bde08049c78f59f029a138aba6200124b85d287c4681f40c930c7e71636358f215008ff3ba427f02d2c86b968e9fbb6c54dce89a68b436f56a80bc6a715aa659784c0af3b4f5392fc7d998bb330b291a8b1240643feb1b3a2bc5b0f187837519cce092b650d9d1ec98837addf6b9774561e0abb85b29e7909ec8a46f9420ad82ef066ede46762cc665c71a05c47c1d0f7e67469070c079326f8833e627a6f012dd23db79ace1938bf222cd48a1072389b207f48b4d8227d564b9845be466f7b435a8431574a816f72ad2d7662ebee60e6db6911482d223cc4b4acba26de4b21850e4d0e92a13aae4427f7c8df304fa089255bbf72473ded9257ceec8ba9657c7ab180fe6946f8547786c11a64a7130faf8df0c47fedeb89200c558c5aa95e3d1084574a19718e161148cfc3cb43cc17a05b104eb0fdb4d346b68bc086d5f8f1e743d4ded1b27b5b60fc6f204c0a2d2b33e6c097a69d05a7718266bd3e93e4dec02b89e7bfa797988756168b5380b70f5b97865d3d376f0dae33cdfc66d4534508f2f597d660df573af9d67887a9a6529085edd9886f70fdc6622963016240f418d0b16fe6adbd2bb3f73a15366ab213b79f15715812866601bd6c69a7c1b8913114fa177762051bda75736286ff005898745ffb7b45a20e11c138dceab01ed45f807c874d9ffbde2a2272ebacb049fe5c47749d8dad7d2e87e96dc4262656bba00ebc98b8fb3a5bb556363f4560bbcf2e4ee71b965f57519880ab9b3b1f84f68562f5fe0cbd61f6e07a4d6383186f911a317775bd8cd3f89f041202b6e238311551ceb3714f1e84c1e2e4d36043429796ce7372333a0d8e2b1d2474a73c7668093bea5d109b3c0741850c211f3ea6306493b24d4fdfe760c84f3e2cc1890fd85f6497c10265289d3935ed35e6618b1992d77c9b221acf36ff46c07d8d320e3dd751352929dc016c7b60eedc93b3f4e9a63dd7f46d98615fe70e06528e6ebb4ee1c1cb7a7ef5304fee386b4bd53e350eb03bd07fc916dc0e0864bc6da491d72f49ff624462dd12086a83619424ac8015bad3e98394543321d6ae61d5651bb176d199ff0f6ba6e53c51b3bef8d4985ff1dc1f577071db7890a74e9cf586b5dbff29b27f3e6517cec9fec5f60d86297f6bd1ef743e2c2efa25aa8c357342ce3af49f67400a16f83a172097ccf2330682c157711041faaf3cb0db90ce707dc5c0bd4916ccddb82b8f8414ed37881cbb4c26f6fa006a4bfc245d13971166ca7d7cb6b4bbdecbbfdef5f8a9981309708ea1af336fb348bfb6396f53c5f5730bde53725c66b54d4d9d7630326f660d88bb5d422498e8dbc62e8473eee21d2c707892b5152f24979b0530e9b6fe9a59d3457d17e6681e09b1ee02de83bc34d12028833d01a5d2a7e0a96d1607dedd43164ae367b536d9ebb4d2dbd86a93e662f665a099e66b43d031517fe61811c39740172e6916e60b5721f20ce6fabd1d65b98d2a9006d736ced376f653051bb023f4870d747489adfa840726df8a36a2e1bea5fddeeb4e76c2dd270d25481d78e1248bcc963c1405ceb79327c2018d5bf21989c223d0130ac93d340af20712cf14d03995ee0b3031633c0f7d2704bf8872a7a0b1d188ebf80c28acf204d761fa947f390f97e82c309c5892d794fcbc9acaeca8c0b60102222597dd3afb51389955b74d76e941d0d9e8885a2ba24d56e40e4aff23677e0ef6f9770235c5f8fb033d6b16a8f648c87d74768365f938f42b5ce3e31ddd7c7d29206fd98b3c1371f21b32ab4116157d40f4c1afdf6c5dc85c6b762588bbb9eb5f02c8b53e573958707a16eb4e47d6bd60b16893b067f41e635205fc66102ae1618a4c5142fb1e6509f2a4ee9bdaccd757ffe4af84feb8c28855b4cbb65674d7ce10d896109062eccbc68d3ebbb7b2d5d10a161049e4d3a9f2defcd6029d2f3b2370749ccf7875bf86308b797b9f4227847ba4b6c5b240a30755c9ac39bfa08a6e967a0bd97bedfacd0f9c260b83c0fd29253b22d29c910cd53d62b92eafff2936479493aaf72bc9aecdd06f6a172811441dd4d48d168b1fa8161b770bbfff0ead921317de408f84de00c9962519617e7841f59c5f495d0a62cdbbe8cc5db126943d526b7c0e914bfe9bea8493514c2fc5e9d7a848df0208e4fefa861e9e7dcaca8e9238e011dcc3d5e526d367ac54a1c725304c292d395685e0f2a8a06477fa54fcb6997c66668e78379782134c7849ea12784f30c6b753372a1b282c9c809e7e37a952c68cdd95069f9f98336c8d4dc382e3b46f7a24494fc22b2ed7a123f6a5035b96f761f5974032f52b3f18843b9345638182ca36922540bdb60a827679f557f19b09cbcdf1c7fbddd720ad494e84f39ea1ea63b290dc8bb49905f7d137bf074d48471aba0aeef9c82f506ac404f7eddbbb55ab8587bcc85793923a2b32db8152dfc695285b34794fb16516ef3071eaa1903fe3ff17f786a17b68ae055a8aa0eee7a137aa579ee106cb7fb589e2c2eccf2a0079ca2c15ea44ab3b94546f545dc612a49a189b5e9c4c706f5f6e56b253e8beda2d68c0d21fe44a3be5bb4a9b3e28661122283c94f1f69b9ee82cf46eca7f1b92b55b91ea5b1ab55f8fcaa26a5aec048b4437aa6e6ad55d3e411ac1933fe788be24543a007cc42854ec58ec4f8b38220ba8d394c366ad7a75ae5e83a70e960cfeec8058e9452e5c3c6afae5c5df96a57ca12f4085ca2e5890d659cd79da07759ac18d56467bc7942d9585185e5d89ae314d507d5669ca6f51b8cca341d618962c1bc3ace8ebcfcacd80a6e8756c8aab34cb6b0cb74841d332d561afad80381891073930b1fd26887006a05ec7ecf67a0c2dddcc2693adacfe28ab2e7fc6c3c08332448094019b347a7edebf29578079212c4279fae659aec363a6998d2931542830bac1b1791357306f6e1ce8c66bc7ff69b247c19bb60a649c63338c90db88af6e2c8b0a50dac3f9500fc031c136fc2a2401592dd5dfad06acbf908b410235e48d4d1ca868f0f4fbbb0be54f2678c79a9ae72a2027502bd4a88e1f1280d7624f44ff5974b60e4ddeeca8b27f5ea71373647af89080c842a9b4b3e5f83e2ec76b34f4666aa1f25bf51175d704222cce01785793f5e514fa00bae2489a4111f9295597a03f8298a21075ae71a79d6c0ff722b204dfde160fe251bb392dd8ed0d756a5e904c74fe4c55a84e57079e1b41e35ff8002c8ed44736ba542551668de0debfbdba58db2db2a3d05f6a35cc0e0adb3d3d32795d30ec9f3f82d6ad0512d625a7b3ff415179ece8ee96811bdf08f8e9518bee3a012a796d209fdf068a57aaaafe81a9cd62161eb869f7eed47a777cbf5ac6ca6c101c59788232d1ac01eb3675f451174371811a425b1c14ed5253a7cffc28abb8f4d95f546a12be3838e553f4025bba4a05718b1190f2295e3be6e9847881944a6a52ad360ae1177dff7a39c8cef56554aa3527d273571d3fe542ba0ba3df63d040fe319d0fd20817ebabebf256b35810ba0e68e659a732d3d3631ca1fde95a06ecfd0e506ef856803ea96bfb787b9b490d3a5279dc378019c47e6aaea4abe45b7acd8f23af76c8320f14b60371b63e7cf32202dcbbd2b283db15be2e2f3c1423224a7f6a7073a1404e633b259fea251d4927fe6c4527f74237b047a190b36b478324abc14a9e440253f79aff22"})
syz_emit_vhci(&(0x7f0000001c80)=ANY=[@ANYBLOB="040d14012ffeff2c650007090000000200000003000000", @ANYRES16=r1, @ANYRESOCT, @ANYRESOCT=r1, @ANYRESHEX, @ANYRES32, @ANYBLOB="680c5abdb5a877fbb596b6d93245ee5ee227dadf50d41ade357198a547382e2725eb65450ba1993dd6b155be44530c7a64229b36adb299cf7525b629c57c48baf8a7c4513de9d713c638bbc33b40804a94e4a5f4b07dd690d09c5a546a5c41623b6d72fc8ea2808b57b6f49901b4a558720171449b23773d143b77fc4300f2c61d23c2585f495f63ce088f8101db840b3437a760036d1257a2b8658582baeb32d211d24cf2c49d8fe35b90400079bb641eeb1febdb2d91c7d90c0387538c68ddeb69760b7065ab2efad886de1a611d51", @ANYRESOCT, @ANYRES32, @ANYRES16], 0x17)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xe1}, "19cbf87ccdcdb5f6b92f06318cb4a3228c50cb038190ba1773872507850216366260eaccf6cbf4acb9e6b1ca55d6a32cfff90477397fef02d459755cf3b6d0d8dddd36615fdac8e415ff7fb8d38d2370e80e8eaa289b84f9e9443c739cd8cc3cc1a66742ff495e6c76a84c97c21b01f5bf7f62271064dc32cfd5c8a14a2becae159dcc2ea89d0ce5a68c55dc7d1299e7015fa0aa69cba56c4522dc74648989fee9ca30b49a87189b3b06632db18ecd7d50fb8395590427af88de91a1630d63bb68ba4a20570ca5b070e6517302d233ad1a4ffe3a9219aa712cff8efd60ce271fb9"}, 0xe5)
setxattr(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=@known='security.apparmor\x00', &(0x7f0000000440)='\x00', 0x1, 0x2)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)

[  381.712423] loop7: detected capacity change from 0 to 16383
[  381.736469] loop7: detected capacity change from 0 to 16383
[  381.756460] loop6: detected capacity change from 0 to 512
[  381.771184] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  381.772868] EXT4-fs (loop6): group descriptors corrupted!
03:39:58 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x58)

03:39:58 executing program 7:
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/syz1\x00', 0x1ff)
r0 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
r1 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="00faa65f3b00"/16])
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff)
write(r0, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172ea5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55e4de647c37c71887d11f74f9afe1616e3054ceae601e4b3555e243c1882ad42c7730caeb309e7714ad87c55e9fba308cfc4161e562abde3ac4f3d7e0a3584d4928100197f102307c05c0b4b4898b0591bc1433af443478979f28e6136ffb21aaeac2be5490475a08e96bb94fd9d9d3aa2f8a1e147a80ba9bfd04dac3f476ff128476c693ea71f7be47a508c98eddc479eb703d6f17cc5be2182f7c39b0a47eb23e0808b5d87dd2a9ce88eb48a601", 0x200)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
sendfile(r0, r2, 0x0, 0xfdef)

03:39:58 executing program 4:
perf_event_open(&(0x7f0000000340)={0x0, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:39:58 executing program 0:
perf_event_open(&(0x7f0000000340)={0x0, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)

03:39:59 executing program 3:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

03:39:59 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[  381.901282] Process accounting resumed
[  381.966665] loop6: detected capacity change from 0 to 512
[  381.981373] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  381.982948] EXT4-fs (loop6): group descriptors corrupted!
03:40:07 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c) (fail_nth: 4)

03:40:07 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:40:07 executing program 5:
clone3(&(0x7f0000005880)={0x0, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x58)

03:40:07 executing program 0:
perf_event_open(&(0x7f0000000340)={0x0, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)

03:40:07 executing program 3:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

03:40:07 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x58)

03:40:07 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:40:07 executing program 7:
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/syz1\x00', 0x1ff)
r0 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
r1 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="00faa65f3b00"/16])
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff)
write(r0, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172ea5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55e4de647c37c71887d11f74f9afe1616e3054ceae601e4b3555e243c1882ad42c7730caeb309e7714ad87c55e9fba308cfc4161e562abde3ac4f3d7e0a3584d4928100197f102307c05c0b4b4898b0591bc1433af443478979f28e6136ffb21aaeac2be5490475a08e96bb94fd9d9d3aa2f8a1e147a80ba9bfd04dac3f476ff128476c693ea71f7be47a508c98eddc479eb703d6f17cc5be2182f7c39b0a47eb23e0808b5d87dd2a9ce88eb48a601", 0x200)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
sendfile(r0, r2, 0x0, 0xfdef)

03:40:07 executing program 0:
perf_event_open(&(0x7f0000000340)={0x0, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)

03:40:07 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

[  390.717389] loop6: detected capacity change from 0 to 512
[  390.726999] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  390.727767] EXT4-fs (loop6): group descriptors corrupted!
[  390.733565] FAULT_INJECTION: forcing a failure.
[  390.733565] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  390.734553] CPU: 1 UID: 0 PID: 5547 Comm: syz-executor.1 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  390.734570] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  390.734578] Call Trace:
[  390.734583]  <TASK>
[  390.734587]  dump_stack_lvl+0xfa/0x120
[  390.734614]  should_fail_ex+0x4d7/0x5e0
[  390.734632]  should_fail_alloc_page+0xe0/0x110
[  390.734651]  prepare_alloc_pages+0x1eb/0x550
[  390.734671]  __alloc_frozen_pages_noprof+0x17f/0x2000
[  390.734694]  ? lock_acquire+0x15e/0x2d0
[  390.734711]  ? __memcg_slab_post_alloc_hook+0x446/0x970
[  390.734726]  ? find_held_lock+0x2b/0x80
[  390.734739]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  390.734756]  ? lock_release+0xc8/0x270
[  390.734776]  ? __create_object+0x59/0x80
[  390.734789]  ? kmem_cache_alloc_node_noprof+0x475/0x730
[  390.734802]  ? __asan_memset+0x24/0x50
[  390.734819]  __alloc_pages_noprof+0xb/0x30
[  390.734837]  copy_process+0x4f4/0x7230
[  390.734853]  ? __pfx__kstrtoull+0x10/0x10
[  390.734874]  ? lock_acquire+0x15e/0x2d0
[  390.734888]  ? __might_fault+0xe0/0x190
[  390.734904]  ? __pfx_copy_process+0x10/0x10
[  390.734919]  ? __might_fault+0xe0/0x190
[  390.734934]  ? _copy_from_user+0x5b/0xd0
[  390.734949]  kernel_clone+0xea/0x7c0
[  390.734963]  ? get_pid_task+0xfd/0x250
[  390.734978]  ? __pfx_kernel_clone+0x10/0x10
[  390.734996]  ? find_held_lock+0x2b/0x80
[  390.735007]  ? ksys_write+0x121/0x240
[  390.735026]  ? lock_is_held_type+0x9e/0x120
[  390.735049]  __do_sys_clone3+0x1f5/0x280
[  390.735063]  ? __pfx___do_sys_clone3+0x10/0x10
[  390.735085]  ? __fget_files+0x20d/0x3b0
[  390.735105]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  390.735124]  ? ksys_write+0x1a3/0x240
[  390.735138]  ? __pfx_ksys_write+0x10/0x10
[  390.735152]  ? irqentry_exit+0xee/0x650
[  390.735168]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  390.735183]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  390.735202]  do_syscall_64+0xbf/0x420
[  390.735214]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.735227] RIP: 0033:0x7fdfc7692b19
[  390.735237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  390.735249] RSP: 002b:00007fdfc4c08188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  390.735261] RAX: ffffffffffffffda RBX: 00007fdfc77a5f60 RCX: 00007fdfc7692b19
[  390.735269] RDX: 0000000000000000 RSI: 000000000000006c RDI: 0000000020005880
[  390.735276] RBP: 00007fdfc4c081d0 R08: 0000000000000000 R09: 0000000000000000
[  390.735283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  390.735290] R13: 00007ffc9a0950bf R14: 00007fdfc4c08300 R15: 0000000000022000
[  390.735305]  </TASK>
03:40:17 executing program 7:
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/syz1\x00', 0x1ff)
r0 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
r1 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="00faa65f3b00"/16])
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff)
write(r0, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172ea5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55e4de647c37c71887d11f74f9afe1616e3054ceae601e4b3555e243c1882ad42c7730caeb309e7714ad87c55e9fba308cfc4161e562abde3ac4f3d7e0a3584d4928100197f102307c05c0b4b4898b0591bc1433af443478979f28e6136ffb21aaeac2be5490475a08e96bb94fd9d9d3aa2f8a1e147a80ba9bfd04dac3f476ff128476c693ea71f7be47a508c98eddc479eb703d6f17cc5be2182f7c39b0a47eb23e0808b5d87dd2a9ce88eb48a601", 0x200)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
sendfile(r0, r2, 0x0, 0xfdef)

03:40:17 executing program 3:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:40:17 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c) (fail_nth: 5)

03:40:17 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {0x0, 0x0, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:40:17 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:40:17 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:40:17 executing program 5:
clone3(&(0x7f0000005880)={0x0, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x58)

03:40:17 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)

[  400.393691] loop6: detected capacity change from 0 to 512
[  400.397789] loop3: detected capacity change from 0 to 512
[  400.400572] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  400.401421] EXT4-fs (loop6): group descriptors corrupted!
[  400.402262] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  400.403117] EXT4-fs (loop3): group descriptors corrupted!
[  400.428457] FAULT_INJECTION: forcing a failure.
[  400.428457] name failslab, interval 1, probability 0, space 0, times 0
[  400.430586] CPU: 1 UID: 0 PID: 5575 Comm: syz-executor.1 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  400.430620] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  400.430634] Call Trace:
[  400.430642]  <TASK>
[  400.430652]  dump_stack_lvl+0xfa/0x120
[  400.430700]  should_fail_ex+0x4d7/0x5e0
[  400.430734]  ? prepare_creds+0x2c/0x830
[  400.430768]  should_failslab+0xc2/0x120
[  400.430804]  kmem_cache_alloc_noprof+0x80/0x710
[  400.430840]  ? prepare_creds+0x2c/0x830
[  400.430881]  prepare_creds+0x2c/0x830
[  400.430930]  copy_creds+0x7c/0xa30
[  400.430970]  copy_process+0xeb0/0x7230
[  400.431003]  ? __pfx__kstrtoull+0x10/0x10
[  400.431054]  ? lock_acquire+0x15e/0x2d0
[  400.431094]  ? __pfx_copy_process+0x10/0x10
[  400.431126]  ? __might_fault+0xe0/0x190
[  400.431161]  ? _copy_from_user+0x5b/0xd0
[  400.431195]  kernel_clone+0xea/0x7c0
[  400.431226]  ? get_pid_task+0xfd/0x250
[  400.431256]  ? __pfx_kernel_clone+0x10/0x10
[  400.431296]  ? find_held_lock+0x2b/0x80
[  400.431320]  ? ksys_write+0x121/0x240
[  400.431353]  ? lock_is_held_type+0x9e/0x120
[  400.431395]  __do_sys_clone3+0x1f5/0x280
[  400.431427]  ? __pfx___do_sys_clone3+0x10/0x10
[  400.431477]  ? __fget_files+0x20d/0x3b0
[  400.431519]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  400.431558]  ? ksys_write+0x1a3/0x240
[  400.431589]  ? __pfx_ksys_write+0x10/0x10
[  400.431618]  ? irqentry_exit+0xee/0x650
[  400.431655]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  400.431689]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  400.431731]  do_syscall_64+0xbf/0x420
[  400.431758]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.431784] RIP: 0033:0x7fdfc7692b19
[  400.431804] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  400.431833] RSP: 002b:00007fdfc4c08188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  400.431866] RAX: ffffffffffffffda RBX: 00007fdfc77a5f60 RCX: 00007fdfc7692b19
[  400.431883] RDX: 0000000000000000 RSI: 000000000000006c RDI: 0000000020005880
[  400.431898] RBP: 00007fdfc4c081d0 R08: 0000000000000000 R09: 0000000000000000
[  400.431913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  400.431928] R13: 00007ffc9a0950bf R14: 00007fdfc4c08300 R15: 0000000000022000
[  400.431962]  </TASK>
03:40:17 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {0x0, 0x0, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:40:17 executing program 5:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:40:17 executing program 3:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:40:17 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

[  400.523578] loop3: detected capacity change from 0 to 512
[  400.530982] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  400.531814] EXT4-fs (loop3): group descriptors corrupted!
03:40:17 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

[  400.548740] loop6: detected capacity change from 0 to 512
03:40:17 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)

03:40:17 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c) (fail_nth: 6)

03:40:17 executing program 3:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[  400.595680] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  400.597408] EXT4-fs (loop6): group descriptors corrupted!
[  400.634209] loop3: detected capacity change from 0 to 512
[  400.641128] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  400.642063] EXT4-fs (loop3): group descriptors corrupted!
03:40:26 executing program 7:
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/syz1\x00', 0x1ff)
r0 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
r1 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="00faa65f3b00"/16])
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff)
write(r0, &(0x7f0000000900)="5ed0b2ff68d76fb346352b602a2a1295cbe01cb3f64fbed9e7f9bc9be0f300cb97f6a204cc586e45dfb949002f61f8fb969dd435dd0c37c5077e5b10cfeafd75205e215b167323a3b971b0ec98e6c3d4d825cae01271cb35cdd091e4872367f354e0dc81a7e4ac79775bc1dcaafe2f5079da79d1989f1ddce6722fc438a7217526cfe75d53471624d6f091e19a7fb699ea27efa9e0fd1914e7c35f297afd9b9b85ff0ce7a982f4fa0c172ea5f06479eec302f30e5df66273717e028f4ca7d4c5b6bc8a3c3c67f688195f22488a15d9e1f7e5fed3a6c2aba7bc308b0e2c5657f4538f4a3bf9b975bb887a901ab3c85261be3e331b741313e78b5ad63b7b1b378e9c79dc4a95b2b4d15cd1d1b808844378f882a72af1e5b0eefd356e0247246e60643204c3b46183dbe4e066c55cb1dcdaa7b70ef43ab2fa4d2b8c4c1a89cb0e325fd9716874d3856cf368efd1f92d21214e55e4de647c37c71887d11f74f9afe1616e3054ceae601e4b3555e243c1882ad42c7730caeb309e7714ad87c55e9fba308cfc4161e562abde3ac4f3d7e0a3584d4928100197f102307c05c0b4b4898b0591bc1433af443478979f28e6136ffb21aaeac2be5490475a08e96bb94fd9d9d3aa2f8a1e147a80ba9bfd04dac3f476ff128476c693ea71f7be47a508c98eddc479eb703d6f17cc5be2182f7c39b0a47eb23e0808b5d87dd2a9ce88eb48a601", 0x200)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
sendfile(r0, r2, 0x0, 0xfdef)

03:40:26 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c) (fail_nth: 7)

03:40:26 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

03:40:26 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:40:26 executing program 5:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

03:40:26 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {0x0, 0x0, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:40:26 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:40:26 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)

[  409.436594] loop3: detected capacity change from 0 to 512
[  409.449338] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  409.450155] EXT4-fs (loop3): group descriptors corrupted!
[  409.451002] loop6: detected capacity change from 0 to 512
[  409.456728] FAULT_INJECTION: forcing a failure.
[  409.456728] name failslab, interval 1, probability 0, space 0, times 0
[  409.457684] CPU: 0 UID: 0 PID: 5617 Comm: syz-executor.1 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  409.457700] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  409.457707] Call Trace:
[  409.457711]  <TASK>
[  409.457716]  dump_stack_lvl+0xfa/0x120
[  409.457742]  should_fail_ex+0x4d7/0x5e0
[  409.457759]  should_failslab+0xc2/0x120
[  409.457777]  __kmalloc_noprof+0xd6/0x830
[  409.457795]  ? __create_object+0x59/0x80
[  409.457808]  ? security_prepare_creds+0x101/0x160
[  409.457830]  ? security_prepare_creds+0x101/0x160
[  409.457846]  security_prepare_creds+0x101/0x160
[  409.457863]  prepare_creds+0x55c/0x830
[  409.457882]  copy_creds+0x7c/0xa30
[  409.457900]  copy_process+0xeb0/0x7230
[  409.457916]  ? __pfx__kstrtoull+0x10/0x10
[  409.457936]  ? lock_acquire+0x15e/0x2d0
[  409.457955]  ? __pfx_copy_process+0x10/0x10
[  409.457970]  ? __might_fault+0xe0/0x190
[  409.457986]  ? _copy_from_user+0x5b/0xd0
[  409.458002]  kernel_clone+0xea/0x7c0
[  409.458020]  ? get_pid_task+0xfd/0x250
[  409.458034]  ? __pfx_kernel_clone+0x10/0x10
[  409.458052]  ? find_held_lock+0x2b/0x80
[  409.458063]  ? ksys_write+0x121/0x240
[  409.458078]  ? lock_is_held_type+0x9e/0x120
[  409.458099]  __do_sys_clone3+0x1f5/0x280
[  409.458113]  ? __pfx___do_sys_clone3+0x10/0x10
[  409.458135]  ? __fget_files+0x20d/0x3b0
[  409.458155]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  409.458174]  ? ksys_write+0x1a3/0x240
[  409.458187]  ? __pfx_ksys_write+0x10/0x10
[  409.458201]  ? irqentry_exit+0xee/0x650
[  409.458217]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  409.458233]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  409.458251]  do_syscall_64+0xbf/0x420
[  409.458264]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  409.458276] RIP: 0033:0x7fdfc7692b19
[  409.458286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  409.458296] RSP: 002b:00007fdfc4c08188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  409.458308] RAX: ffffffffffffffda RBX: 00007fdfc77a5f60 RCX: 00007fdfc7692b19
[  409.458316] RDX: 0000000000000000 RSI: 000000000000006c RDI: 0000000020005880
[  409.458323] RBP: 00007fdfc4c081d0 R08: 0000000000000000 R09: 0000000000000000
[  409.458329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  409.458336] R13: 00007ffc9a0950bf R14: 00007fdfc4c08300 R15: 0000000000022000
[  409.458351]  </TASK>
[  409.497448] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  409.499049] EXT4-fs (loop6): group descriptors corrupted!
03:40:26 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

03:40:26 executing program 3:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:40:26 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)

03:40:26 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c) (fail_nth: 8)

[  409.592521] loop3: detected capacity change from 0 to 512
03:40:26 executing program 5:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

03:40:26 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:40:26 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400), 0x0, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:40:26 executing program 3:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[  409.696173] loop6: detected capacity change from 0 to 512
[  409.710255] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  409.711163] EXT4-fs (loop6): group descriptors corrupted!
03:40:35 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c) (fail_nth: 1)

03:40:35 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c) (fail_nth: 1)

03:40:35 executing program 5:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

03:40:35 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)

03:40:35 executing program 3:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:40:35 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:40:35 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c) (fail_nth: 9)

03:40:35 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400), 0x0, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[  418.840973] FAULT_INJECTION: forcing a failure.
[  418.840973] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  418.842070] CPU: 0 UID: 0 PID: 5654 Comm: syz-executor.2 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  418.842086] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  418.842093] Call Trace:
[  418.842098]  <TASK>
[  418.842102]  dump_stack_lvl+0xfa/0x120
[  418.842130]  should_fail_ex+0x4d7/0x5e0
[  418.842149]  _copy_from_user+0x30/0xd0
[  418.842165]  copy_clone_args_from_user+0x152/0x7a0
[  418.842182]  ? find_held_lock+0x2b/0x80
[  418.842194]  ? get_pid_task+0xfd/0x250
[  418.842209]  ? __pfx_copy_clone_args_from_user+0x10/0x10
[  418.842224]  ? get_pid_task+0x107/0x250
[  418.842237]  ? proc_fail_nth_write+0x97/0x220
[  418.842257]  ? find_held_lock+0x2b/0x80
[  418.842268]  ? ksys_write+0x121/0x240
[  418.842284]  ? lock_is_held_type+0x9e/0x120
[  418.842306]  __do_sys_clone3+0xa5/0x280
[  418.842322]  ? __pfx___do_sys_clone3+0x10/0x10
[  418.842338]  ? __mutex_unlock_slowpath+0x157/0x740
[  418.842357]  ? kernel_write+0x583/0x660
[  418.842373]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  418.842392]  ? __fget_files+0x20d/0x3b0
[  418.842413]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  418.842433]  ? ksys_write+0x1a3/0x240
[  418.842447]  ? __pfx_ksys_write+0x10/0x10
[  418.842460]  ? irqentry_exit+0xee/0x650
[  418.842476]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  418.842502]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  418.842522]  do_syscall_64+0xbf/0x420
[  418.842535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  418.842547] RIP: 0033:0x7f151bad5b19
[  418.842557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  418.842568] RSP: 002b:00007f151904b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  418.842580] RAX: ffffffffffffffda RBX: 00007f151bbe8f60 RCX: 00007f151bad5b19
[  418.842588] RDX: 0000000000000000 RSI: 000000000000006c RDI: 0000000020005880
[  418.842595] RBP: 00007f151904b1d0 R08: 0000000000000000 R09: 0000000000000000
[  418.842602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  418.842608] R13: 00007ffdb223eccf R14: 00007f151904b300 R15: 0000000000022000
[  418.842624]  </TASK>
[  418.860454] loop3: detected capacity change from 0 to 512
[  418.860875] FAULT_INJECTION: forcing a failure.
[  418.860875] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  418.862927] CPU: 1 UID: 0 PID: 5655 Comm: syz-executor.7 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  418.862960] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  418.862974] Call Trace:
[  418.862982]  <TASK>
[  418.862991]  dump_stack_lvl+0xfa/0x120
[  418.863041]  should_fail_ex+0x4d7/0x5e0
[  418.863074]  _copy_from_user+0x30/0xd0
[  418.863105]  copy_clone_args_from_user+0x152/0x7a0
[  418.863136]  ? find_held_lock+0x2b/0x80
[  418.863159]  ? get_pid_task+0xfd/0x250
[  418.863189]  ? __pfx_copy_clone_args_from_user+0x10/0x10
[  418.863222]  ? get_pid_task+0x107/0x250
[  418.863250]  ? proc_fail_nth_write+0x97/0x220
[  418.863290]  ? find_held_lock+0x2b/0x80
[  418.863313]  ? ksys_write+0x121/0x240
[  418.863344]  ? lock_is_held_type+0x9e/0x120
[  418.863386]  __do_sys_clone3+0xa5/0x280
[  418.863418]  ? __pfx___do_sys_clone3+0x10/0x10
[  418.863455]  ? __mutex_unlock_slowpath+0x157/0x740
[  418.863493]  ? kernel_write+0x583/0x660
[  418.863528]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  418.863572]  ? __fget_files+0x20d/0x3b0
[  418.863612]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  418.863650]  ? ksys_write+0x1a3/0x240
[  418.863681]  ? __pfx_ksys_write+0x10/0x10
[  418.863711]  ? irqentry_exit+0xee/0x650
[  418.863747]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  418.863781]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  418.863823]  do_syscall_64+0xbf/0x420
[  418.863850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  418.863875] RIP: 0033:0x7f0f46a55b19
[  418.863893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  418.863917] RSP: 002b:00007f0f43fcb188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  418.863940] RAX: ffffffffffffffda RBX: 00007f0f46b68f60 RCX: 00007f0f46a55b19
[  418.863957] RDX: 0000000000000000 RSI: 000000000000006c RDI: 0000000020005880
[  418.863972] RBP: 00007f0f43fcb1d0 R08: 0000000000000000 R09: 0000000000000000
[  418.863987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  418.864002] R13: 00007ffc17ff05ef R14: 00007f0f43fcb300 R15: 0000000000022000
[  418.864035]  </TASK>
[  418.899047] loop6: detected capacity change from 0 to 512
[  418.902298] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  418.903082] EXT4-fs (loop6): group descriptors corrupted!
[  418.916854] FAULT_INJECTION: forcing a failure.
[  418.916854] name failslab, interval 1, probability 0, space 0, times 0
[  418.917905] CPU: 0 UID: 0 PID: 5664 Comm: syz-executor.1 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  418.917921] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  418.917928] Call Trace:
[  418.917932]  <TASK>
[  418.917937]  dump_stack_lvl+0xfa/0x120
[  418.917962]  should_fail_ex+0x4d7/0x5e0
[  418.917980]  should_failslab+0xc2/0x120
[  418.917998]  __kmalloc_noprof+0xd6/0x830
[  418.918021]  ? __pfx_perf_event_init_task+0x10/0x10
[  418.918037]  ? audit_alloc+0xa3/0x780
[  418.918049]  ? security_task_alloc+0xf0/0x150
[  418.918067]  ? __pfx_audit_alloc+0x10/0x10
[  418.918080]  ? security_task_alloc+0xf0/0x150
[  418.918095]  ? copy_process+0x1e1e/0x7230
[  418.918111]  security_task_alloc+0xf0/0x150
[  418.918128]  copy_process+0x1fed/0x7230
[  418.918142]  ? __pfx__kstrtoull+0x10/0x10
[  418.918165]  ? __pfx_copy_process+0x10/0x10
[  418.918180]  ? __might_fault+0xe0/0x190
[  418.918197]  ? _copy_from_user+0x5b/0xd0
[  418.918212]  kernel_clone+0xea/0x7c0
[  418.918226]  ? get_pid_task+0xfd/0x250
[  418.918242]  ? __pfx_kernel_clone+0x10/0x10
[  418.918260]  ? find_held_lock+0x2b/0x80
[  418.918272]  ? ksys_write+0x121/0x240
[  418.918287]  ? lock_is_held_type+0x9e/0x120
[  418.918309]  __do_sys_clone3+0x1f5/0x280
[  418.918323]  ? __pfx___do_sys_clone3+0x10/0x10
[  418.918345]  ? __fget_files+0x20d/0x3b0
[  418.918364]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  418.918383]  ? ksys_write+0x1a3/0x240
[  418.918396]  ? __pfx_ksys_write+0x10/0x10
[  418.918410]  ? irqentry_exit+0xee/0x650
[  418.918426]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  418.918441]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  418.918461]  do_syscall_64+0xbf/0x420
[  418.918473]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  418.918494] RIP: 0033:0x7fdfc7692b19
[  418.918503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  418.918515] RSP: 002b:00007fdfc4c08188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  418.918527] RAX: ffffffffffffffda RBX: 00007fdfc77a5f60 RCX: 00007fdfc7692b19
[  418.918535] RDX: 0000000000000000 RSI: 000000000000006c RDI: 0000000020005880
[  418.918542] RBP: 00007fdfc4c081d0 R08: 0000000000000000 R09: 0000000000000000
[  418.918549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  418.918555] R13: 00007ffc9a0950bf R14: 00007fdfc4c08300 R15: 0000000000022000
[  418.918570]  </TASK>
[  418.938365] Process accounting paused
03:40:36 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c) (fail_nth: 2)

03:40:36 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[  418.973446] FAULT_INJECTION: forcing a failure.
[  418.973446] name failslab, interval 1, probability 0, space 0, times 0
[  418.974436] CPU: 0 UID: 0 PID: 5669 Comm: syz-executor.2 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  418.974452] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  418.974459] Call Trace:
[  418.974463]  <TASK>
[  418.974468]  dump_stack_lvl+0xfa/0x120
[  418.974505]  should_fail_ex+0x4d7/0x5e0
[  418.974523]  should_failslab+0xc2/0x120
[  418.974541]  kmem_cache_alloc_node_noprof+0x87/0x730
[  418.974555]  ? copy_process+0x3da/0x7230
[  418.974571]  ? copy_process+0x460/0x7230
[  418.974588]  ? copy_process+0x460/0x7230
[  418.974601]  copy_process+0x460/0x7230
[  418.974615]  ? __pfx__kstrtoull+0x10/0x10
[  418.974635]  ? lock_acquire+0x15e/0x2d0
[  418.974652]  ? __might_fault+0xe0/0x190
[  418.974670]  ? __pfx_copy_process+0x10/0x10
[  418.974684]  ? __might_fault+0xe0/0x190
[  418.974700]  ? _copy_from_user+0x5b/0xd0
[  418.974716]  kernel_clone+0xea/0x7c0
[  418.974730]  ? get_pid_task+0xfd/0x250
[  418.974745]  ? __pfx_kernel_clone+0x10/0x10
[  418.974763]  ? find_held_lock+0x2b/0x80
[  418.974775]  ? ksys_write+0x121/0x240
[  418.974791]  ? lock_is_held_type+0x9e/0x120
[  418.974812]  __do_sys_clone3+0x1f5/0x280
[  418.974826]  ? __pfx___do_sys_clone3+0x10/0x10
[  418.974848]  ? __fget_files+0x20d/0x3b0
[  418.974868]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  418.974888]  ? ksys_write+0x1a3/0x240
[  418.974902]  ? __pfx_ksys_write+0x10/0x10
[  418.974916]  ? irqentry_exit+0xee/0x650
[  418.974932]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  418.974947]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  418.974966]  do_syscall_64+0xbf/0x420
[  418.974979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  418.974991] RIP: 0033:0x7f151bad5b19
[  418.975000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  418.975012] RSP: 002b:00007f151904b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  418.975028] RAX: ffffffffffffffda RBX: 00007f151bbe8f60 RCX: 00007f151bad5b19
[  418.975035] RDX: 0000000000000000 RSI: 000000000000006c RDI: 0000000020005880
[  418.975042] RBP: 00007f151904b1d0 R08: 0000000000000000 R09: 0000000000000000
[  418.975050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  418.975057] R13: 00007ffdb223eccf R14: 00007f151904b300 R15: 0000000000022000
[  418.975073]  </TASK>
03:40:36 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

[  419.015354] loop3: detected capacity change from 0 to 512
03:40:36 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400), 0x0, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[  419.039382] loop6: detected capacity change from 0 to 512
[  419.043937] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  419.044773] EXT4-fs (loop6): group descriptors corrupted!
03:40:36 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c) (fail_nth: 2)

03:40:36 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)

03:40:36 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c) (fail_nth: 10)

03:40:36 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c) (fail_nth: 3)

03:40:36 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[  419.125926] FAULT_INJECTION: forcing a failure.
[  419.125926] name failslab, interval 1, probability 0, space 0, times 0
[  419.127719] CPU: 1 UID: 0 PID: 5679 Comm: syz-executor.7 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  419.127749] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  419.127762] Call Trace:
[  419.127770]  <TASK>
[  419.127778]  dump_stack_lvl+0xfa/0x120
[  419.127821]  should_fail_ex+0x4d7/0x5e0
[  419.127853]  should_failslab+0xc2/0x120
[  419.127885]  kmem_cache_alloc_node_noprof+0x87/0x730
[  419.127911]  ? copy_process+0x3da/0x7230
[  419.127939]  ? copy_process+0x460/0x7230
[  419.127972]  ? copy_process+0x460/0x7230
[  419.127998]  copy_process+0x460/0x7230
[  419.128033]  ? __pfx__kstrtoull+0x10/0x10
[  419.128070]  ? lock_acquire+0x15e/0x2d0
[  419.128099]  ? __might_fault+0xe0/0x190
[  419.128130]  ? __pfx_copy_process+0x10/0x10
03:40:36 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[  419.128158]  ? __might_fault+0xe0/0x190
[  419.128189]  ? _copy_from_user+0x5b/0xd0
[  419.128219]  kernel_clone+0xea/0x7c0
[  419.128246]  ? get_pid_task+0xfd/0x250
[  419.128273]  ? __pfx_kernel_clone+0x10/0x10
[  419.128309]  ? find_held_lock+0x2b/0x80
[  419.128331]  ? ksys_write+0x121/0x240
[  419.128359]  ? lock_is_held_type+0x9e/0x120
[  419.128398]  __do_sys_clone3+0x1f5/0x280
[  419.128426]  ? __pfx___do_sys_clone3+0x10/0x10
[  419.128470]  ? __fget_files+0x20d/0x3b0
[  419.128507]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  419.128542]  ? ksys_write+0x1a3/0x240
[  419.128570]  ? __pfx_ksys_write+0x10/0x10
[  419.128596]  ? irqentry_exit+0xee/0x650
[  419.128629]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  419.128659]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  419.128696]  do_syscall_64+0xbf/0x420
[  419.128720]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.128743] RIP: 0033:0x7f0f46a55b19
[  419.128760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  419.128782] RSP: 002b:00007f0f43fcb188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  419.128804] RAX: ffffffffffffffda RBX: 00007f0f46b68f60 RCX: 00007f0f46a55b19
[  419.128819] RDX: 0000000000000000 RSI: 000000000000006c RDI: 0000000020005880
[  419.128832] RBP: 00007f0f43fcb1d0 R08: 0000000000000000 R09: 0000000000000000
[  419.128846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  419.128858] R13: 00007ffc17ff05ef R14: 00007f0f43fcb300 R15: 0000000000022000
[  419.128888]  </TASK>
[  419.156589] loop3: detected capacity change from 0 to 512
[  419.189658] loop6: detected capacity change from 0 to 512
03:40:36 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

[  419.200776] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  419.202277] EXT4-fs (loop6): group descriptors corrupted!
03:40:36 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:40:36 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c) (fail_nth: 4)

[  419.259003] FAULT_INJECTION: forcing a failure.
[  419.259003] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  419.260583] CPU: 0 UID: 0 PID: 5693 Comm: syz-executor.2 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  419.260599] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  419.260606] Call Trace:
[  419.260611]  <TASK>
[  419.260615]  dump_stack_lvl+0xfa/0x120
[  419.260643]  should_fail_ex+0x4d7/0x5e0
[  419.260661]  should_fail_alloc_page+0xe0/0x110
[  419.260680]  prepare_alloc_pages+0x1eb/0x550
[  419.260700]  __alloc_frozen_pages_noprof+0x17f/0x2000
[  419.260723]  ? lock_acquire+0x15e/0x2d0
[  419.260740]  ? __memcg_slab_post_alloc_hook+0x446/0x970
[  419.260755]  ? find_held_lock+0x2b/0x80
[  419.260767]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  419.260785]  ? lock_release+0xc8/0x270
[  419.260804]  ? __create_object+0x59/0x80
[  419.260817]  ? kmem_cache_alloc_node_noprof+0x475/0x730
[  419.260830]  ? __asan_memset+0x24/0x50
[  419.260848]  __alloc_pages_noprof+0xb/0x30
[  419.260865]  copy_process+0x4f4/0x7230
[  419.260882]  ? __pfx__kstrtoull+0x10/0x10
[  419.260903]  ? lock_acquire+0x15e/0x2d0
[  419.260917]  ? __might_fault+0xe0/0x190
[  419.260933]  ? __pfx_copy_process+0x10/0x10
[  419.260948]  ? __might_fault+0xe0/0x190
[  419.260963]  ? _copy_from_user+0x5b/0xd0
[  419.260979]  kernel_clone+0xea/0x7c0
[  419.260993]  ? get_pid_task+0xfd/0x250
[  419.261008]  ? __pfx_kernel_clone+0x10/0x10
[  419.261030]  ? find_held_lock+0x2b/0x80
[  419.261041]  ? ksys_write+0x121/0x240
[  419.261057]  ? lock_is_held_type+0x9e/0x120
[  419.261077]  __do_sys_clone3+0x1f5/0x280
[  419.261092]  ? __pfx___do_sys_clone3+0x10/0x10
[  419.261114]  ? __fget_files+0x20d/0x3b0
[  419.261134]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  419.261154]  ? ksys_write+0x1a3/0x240
[  419.261167]  ? __pfx_ksys_write+0x10/0x10
[  419.261180]  ? irqentry_exit+0xee/0x650
[  419.261197]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  419.261212]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  419.261231]  do_syscall_64+0xbf/0x420
[  419.261243]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.261256] RIP: 0033:0x7f151bad5b19
[  419.261265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  419.261277] RSP: 002b:00007f151904b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  419.261289] RAX: ffffffffffffffda RBX: 00007f151bbe8f60 RCX: 00007f151bad5b19
[  419.261297] RDX: 0000000000000000 RSI: 000000000000006c RDI: 0000000020005880
[  419.261304] RBP: 00007f151904b1d0 R08: 0000000000000000 R09: 0000000000000000
[  419.261311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  419.261318] R13: 00007ffdb223eccf R14: 00007f151904b300 R15: 0000000000022000
[  419.261333]  </TASK>
03:40:36 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)

[  419.284574] loop3: detected capacity change from 0 to 512
03:40:36 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:40:36 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c) (fail_nth: 3)

[  419.345628] loop6: detected capacity change from 0 to 512
03:40:36 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[  419.349813] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  419.350591] EXT4-fs (loop6): group descriptors corrupted!
03:40:45 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c) (fail_nth: 11)

03:40:45 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:40:45 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:40:45 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:40:45 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c) (fail_nth: 5)

03:40:45 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)

03:40:45 executing program 5:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:40:45 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[  427.904984] FAULT_INJECTION: forcing a failure.
[  427.904984] name failslab, interval 1, probability 0, space 0, times 0
[  427.906156] CPU: 1 UID: 0 PID: 5716 Comm: syz-executor.2 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  427.906172] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  427.906179] Call Trace:
[  427.906183]  <TASK>
[  427.906187]  dump_stack_lvl+0xfa/0x120
[  427.906216]  should_fail_ex+0x4d7/0x5e0
[  427.906234]  ? prepare_creds+0x2c/0x830
[  427.906251]  should_failslab+0xc2/0x120
[  427.906269]  kmem_cache_alloc_noprof+0x80/0x710
[  427.906288]  ? prepare_creds+0x2c/0x830
[  427.906303]  prepare_creds+0x2c/0x830
[  427.906321]  copy_creds+0x7c/0xa30
[  427.906340]  copy_process+0xeb0/0x7230
[  427.906356]  ? __pfx_perf_trace_lock+0x10/0x10
[  427.906377]  ? lock_acquire+0x15e/0x2d0
[  427.906397]  ? __pfx_copy_process+0x10/0x10
[  427.906411]  ? __might_fault+0xe0/0x190
[  427.906429]  ? _copy_from_user+0x5b/0xd0
[  427.906447]  kernel_clone+0xea/0x7c0
[  427.906461]  ? get_pid_task+0xfd/0x250
[  427.906476]  ? __pfx_kernel_clone+0x10/0x10
[  427.906490]  ? perf_trace_lock+0xb5/0x5d0
[  427.906522]  ? find_held_lock+0x2b/0x80
[  427.906533]  ? ksys_write+0x121/0x240
[  427.906549]  ? lock_is_held_type+0x9e/0x120
[  427.906573]  __do_sys_clone3+0x1f5/0x280
[  427.906588]  ? __pfx___do_sys_clone3+0x10/0x10
[  427.906612]  ? __fget_files+0x20d/0x3b0
[  427.906633]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  427.906653]  ? ksys_write+0x1a3/0x240
[  427.906667]  ? __pfx_ksys_write+0x10/0x10
[  427.906680]  ? irqentry_exit+0xee/0x650
[  427.906697]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  427.906712]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  427.906732]  do_syscall_64+0xbf/0x420
[  427.906745]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  427.906757] RIP: 0033:0x7f151bad5b19
[  427.906767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  427.906778] RSP: 002b:00007f151904b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  427.906790] RAX: ffffffffffffffda RBX: 00007f151bbe8f60 RCX: 00007f151bad5b19
[  427.906798] RDX: 0000000000000000 RSI: 000000000000006c RDI: 0000000020005880
[  427.906805] RBP: 00007f151904b1d0 R08: 0000000000000000 R09: 0000000000000000
[  427.906812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  427.906819] R13: 00007ffdb223eccf R14: 00007f151904b300 R15: 0000000000022000
[  427.906836]  </TASK>
[  427.927111] FAULT_INJECTION: forcing a failure.
[  427.927111] name failslab, interval 1, probability 0, space 0, times 0
[  427.927981] CPU: 1 UID: 0 PID: 5717 Comm: syz-executor.1 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  427.927996] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  427.928002] Call Trace:
[  427.928006]  <TASK>
[  427.928010]  dump_stack_lvl+0xfa/0x120
[  427.928034]  should_fail_ex+0x4d7/0x5e0
[  427.928049]  ? dup_fd+0x4d/0xa50
[  427.928064]  should_failslab+0xc2/0x120
[  427.928080]  kmem_cache_alloc_noprof+0x80/0x710
[  427.928097]  ? dup_fd+0x4d/0xa50
[  427.928110]  dup_fd+0x4d/0xa50
[  427.928129]  copy_process+0x20e0/0x7230
[  427.928144]  ? __pfx_perf_trace_lock+0x10/0x10
[  427.928168]  ? __pfx_copy_process+0x10/0x10
[  427.928183]  ? __might_fault+0xe0/0x190
[  427.928199]  ? _copy_from_user+0x5b/0xd0
[  427.928216]  kernel_clone+0xea/0x7c0
[  427.928229]  ? get_pid_task+0xfd/0x250
[  427.928243]  ? __pfx_kernel_clone+0x10/0x10
[  427.928256]  ? perf_trace_lock+0xb5/0x5d0
[  427.928275]  ? find_held_lock+0x2b/0x80
[  427.928286]  ? ksys_write+0x121/0x240
[  427.928300]  ? lock_is_held_type+0x9e/0x120
[  427.928321]  __do_sys_clone3+0x1f5/0x280
[  427.928335]  ? __pfx___do_sys_clone3+0x10/0x10
[  427.928359]  ? __fget_files+0x20d/0x3b0
[  427.928379]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  427.928396]  ? ksys_write+0x1a3/0x240
[  427.928411]  ? __pfx_ksys_write+0x10/0x10
[  427.928424]  ? irqentry_exit+0xee/0x650
[  427.928440]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  427.928456]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  427.928475]  do_syscall_64+0xbf/0x420
[  427.928488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  427.928499] RIP: 0033:0x7fdfc7692b19
[  427.928508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  427.928519] RSP: 002b:00007fdfc4c08188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  427.928530] RAX: ffffffffffffffda RBX: 00007fdfc77a5f60 RCX: 00007fdfc7692b19
[  427.928537] RDX: 0000000000000000 RSI: 000000000000006c RDI: 0000000020005880
[  427.928544] RBP: 00007fdfc4c081d0 R08: 0000000000000000 R09: 0000000000000000
[  427.928550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  427.928557] R13: 00007ffc9a0950bf R14: 00007fdfc4c08300 R15: 0000000000022000
[  427.928574]  </TASK>
[  427.932961] loop5: detected capacity change from 0 to 512
[  427.944673] loop3: detected capacity change from 0 to 22
03:40:45 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c) (fail_nth: 6)

[  427.955652] loop6: detected capacity change from 0 to 512
[  427.966948] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  427.968597] EXT4-fs (loop6): group descriptors corrupted!
[  427.972643] EXT4-fs (loop3): bad geometry: block count 256 exceeds size of device (11 blocks)
[  427.976508] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  427.978091] EXT4-fs (loop5): group descriptors corrupted!
03:40:56 executing program 7:
clone3(&(0x7f0000005880)={0x2, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:40:56 executing program 5:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:40:56 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)

03:40:56 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c) (fail_nth: 12)

03:40:56 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:40:56 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:40:56 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="03000000040000", 0x7, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:40:56 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c) (fail_nth: 7)

[  439.234412] loop3: detected capacity change from 0 to 22
[  439.239076] EXT4-fs (loop3): bad geometry: block count 256 exceeds size of device (11 blocks)
03:40:56 executing program 7:
clone3(&(0x7f0000005880)={0x3, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:40:56 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[  439.281589] loop5: detected capacity change from 0 to 512
[  439.292852] loop6: detected capacity change from 0 to 512
03:40:56 executing program 7:
clone3(&(0x7f0000005880)={0x4, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  439.298121] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  439.299469] EXT4-fs (loop5): group descriptors corrupted!
[  439.300310] FAULT_INJECTION: forcing a failure.
[  439.300310] name failslab, interval 1, probability 0, space 0, times 0
[  439.302071] CPU: 1 UID: 0 PID: 5751 Comm: syz-executor.2 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  439.302100] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  439.302113] Call Trace:
[  439.302120]  <TASK>
[  439.302129]  dump_stack_lvl+0xfa/0x120
[  439.302172]  should_fail_ex+0x4d7/0x5e0
[  439.302204]  should_failslab+0xc2/0x120
[  439.302237]  __kmalloc_noprof+0xd6/0x830
[  439.302271]  ? __create_object+0x59/0x80
[  439.302295]  ? security_prepare_creds+0x101/0x160
[  439.302336]  ? security_prepare_creds+0x101/0x160
[  439.302368]  security_prepare_creds+0x101/0x160
[  439.302404]  prepare_creds+0x55c/0x830
[  439.302440]  copy_creds+0x7c/0xa30
[  439.302476]  copy_process+0xeb0/0x7230
[  439.302506]  ? __pfx_perf_trace_lock+0x10/0x10
[  439.302570]  ? lock_acquire+0x15e/0x2d0
[  439.302622]  ? __pfx_copy_process+0x10/0x10
[  439.302655]  ? __might_fault+0xe0/0x190
[  439.302688]  ? _copy_from_user+0x5b/0xd0
[  439.302720]  kernel_clone+0xea/0x7c0
[  439.302747]  ? get_pid_task+0xfd/0x250
[  439.302774]  ? __pfx_kernel_clone+0x10/0x10
[  439.302800]  ? perf_trace_lock+0xb5/0x5d0
[  439.302838]  ? find_held_lock+0x2b/0x80
[  439.302860]  ? ksys_write+0x121/0x240
[  439.302888]  ? lock_is_held_type+0x9e/0x120
[  439.302927]  __do_sys_clone3+0x1f5/0x280
[  439.302956]  ? __pfx___do_sys_clone3+0x10/0x10
[  439.303003]  ? __fget_files+0x20d/0x3b0
[  439.303049]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  439.303084]  ? ksys_write+0x1a3/0x240
[  439.303111]  ? __pfx_ksys_write+0x10/0x10
[  439.303137]  ? irqentry_exit+0xee/0x650
[  439.303168]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  439.303198]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  439.303236]  do_syscall_64+0xbf/0x420
[  439.303260]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  439.303283] RIP: 0033:0x7f151bad5b19
[  439.303300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  439.303321] RSP: 002b:00007f151904b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  439.303342] RAX: ffffffffffffffda RBX: 00007f151bbe8f60 RCX: 00007f151bad5b19
[  439.303357] RDX: 0000000000000000 RSI: 000000000000006c RDI: 0000000020005880
[  439.303370] RBP: 00007f151904b1d0 R08: 0000000000000000 R09: 0000000000000000
[  439.303383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  439.303395] R13: 00007ffdb223eccf R14: 00007f151904b300 R15: 0000000000022000
[  439.303428]  </TASK>
[  439.309190] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  439.326238] EXT4-fs (loop6): group descriptors corrupted!
[  439.368787] loop3: detected capacity change from 0 to 22
03:40:56 executing program 5:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:40:56 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:40:56 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)

[  439.411386] EXT4-fs (loop3): bad geometry: block count 256 exceeds size of device (11 blocks)
03:40:56 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

[  439.415953] loop5: detected capacity change from 0 to 512
03:40:56 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c) (fail_nth: 8)

[  439.420932] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  439.421785] EXT4-fs (loop5): group descriptors corrupted!
03:40:56 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)

03:40:56 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="03000000040000", 0x7, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:40:56 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:40:56 executing program 7:
clone3(&(0x7f0000005880)={0x5, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  439.515847] loop6: detected capacity change from 0 to 512
[  439.520538] loop5: detected capacity change from 0 to 512
03:40:56 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, 0x0, 0x0, &(0x7f0000012900))

[  439.530802] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  439.531606] EXT4-fs (loop6): group descriptors corrupted!
[  439.537906] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  439.538757] EXT4-fs (loop5): group descriptors corrupted!
03:40:56 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)

[  439.619066] No source specified
03:41:05 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="03000000040000", 0x7, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:41:05 executing program 1:
clone3(&(0x7f0000005880)={0x2, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:05 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, 0x0, 0x0, &(0x7f0000012900))

03:41:05 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)

03:41:05 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, 0x0, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:41:05 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:05 executing program 7:
clone3(&(0x7f0000005880)={0x6, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:05 executing program 5:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[  448.430529] loop6: detected capacity change from 0 to 512
[  448.434705] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  448.435478] EXT4-fs (loop6): group descriptors corrupted!
[  448.469211] loop5: detected capacity change from 0 to 512
[  448.483951] No source specified
03:41:14 executing program 7:
clone3(&(0x7f0000005880)={0x7, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:14 executing program 1:
clone3(&(0x7f0000005880)={0x3, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:14 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300000004000000", 0x8, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:41:14 executing program 2:
clone3(&(0x7f0000005880)={0x2, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:14 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, 0x0, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:41:14 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, 0x0, 0x0, &(0x7f0000012900))

03:41:14 executing program 5:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:41:14 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, 0x0, 0x414d02)

[  457.681694] loop6: detected capacity change from 0 to 512
[  457.691525] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  457.692368] EXT4-fs (loop6): group descriptors corrupted!
[  457.703656] loop5: detected capacity change from 0 to 512
03:41:14 executing program 7:
clone3(&(0x7f0000005880)={0x8, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  457.725977] No source specified
03:41:14 executing program 2:
clone3(&(0x7f0000005880)={0x3, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:14 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300000004000000", 0x8, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[  457.777962] loop6: detected capacity change from 0 to 512
[  457.785255] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  457.785992] EXT4-fs (loop6): group descriptors corrupted!
03:41:14 executing program 7:
clone3(&(0x7f0000005880)={0x9, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:14 executing program 1:
clone3(&(0x7f0000005880)={0x4, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  457.808739] Process accounting resumed
03:41:14 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}], 0x0, &(0x7f0000012900))

03:41:14 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, 0x0, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:41:14 executing program 5:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:41:14 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, 0x0, 0x414d02)

03:41:14 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300000004000000", 0x8, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[  457.889113] loop6: detected capacity change from 0 to 512
03:41:15 executing program 2:
clone3(&(0x7f0000005880)={0x4, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  457.919702] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  457.920478] EXT4-fs (loop6): group descriptors corrupted!
[  457.936850] loop5: detected capacity change from 0 to 512
[  457.938005] loop3: detected capacity change from 0 to 512
[  457.958249] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  457.959816] EXT4-fs (loop3): group descriptors corrupted!
03:41:15 executing program 2:
clone3(&(0x7f0000005880)={0x5, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:15 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:41:15 executing program 7:
clone3(&(0x7f0000005880)={0xd, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:15 executing program 1:
clone3(&(0x7f0000005880)={0x5, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:15 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:41:15 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, 0x0, 0x414d02)

03:41:15 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000012900))

[  458.097557] loop6: detected capacity change from 0 to 512
[  458.106470] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  458.107425] EXT4-fs (loop6): group descriptors corrupted!
[  458.139369] loop5: detected capacity change from 0 to 512
[  458.140226] loop3: detected capacity change from 0 to 512
[  458.152268] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:41:24 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10}, 0x414d02)

03:41:24 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000012900))

03:41:24 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:41:24 executing program 2:
clone3(&(0x7f0000005880)={0x6, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:24 executing program 1:
clone3(&(0x7f0000005880)={0x6, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:24 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:41:24 executing program 7:
clone3(&(0x7f0000005880)={0x10, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:24 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

[  467.789559] loop6: detected capacity change from 0 to 512
[  467.792226] loop5: detected capacity change from 0 to 512
[  467.797093] loop3: detected capacity change from 0 to 512
[  467.797469] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  467.799071] EXT4-fs (loop6): group descriptors corrupted!
[  467.812245] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:41:24 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[  467.877833] loop5: detected capacity change from 0 to 512
03:41:34 executing program 1:
clone3(&(0x7f0000005880)={0x7, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:34 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:41:34 executing program 7:
clone3(&(0x7f0000005880)={0x11, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:34 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:41:34 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:41:34 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000012900))

03:41:34 executing program 2:
clone3(&(0x7f0000005880)={0x7, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:34 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10}, 0x414d02)

[  477.780690] loop5: detected capacity change from 0 to 22
[  477.793856] loop3: detected capacity change from 0 to 512
[  477.804399] EXT4-fs (loop5): bad geometry: block count 256 exceeds size of device (11 blocks)
03:41:34 executing program 1:
clone3(&(0x7f0000005880)={0x8, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  477.822120] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  477.831938] loop6: detected capacity change from 0 to 512
[  477.853694] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  477.855079] EXT4-fs (loop6): group descriptors corrupted!
03:41:35 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10}, 0x414d02)

03:41:35 executing program 7:
clone3(&(0x7f0000005880)={0xf4, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:35 executing program 2:
clone3(&(0x7f0000005880)={0x8, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:35 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:41:35 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:41:35 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x400}], 0x0, &(0x7f0000012900))

03:41:35 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:41:35 executing program 1:
clone3(&(0x7f0000005880)={0x9, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  478.029160] loop5: detected capacity change from 0 to 22
[  478.043896] loop3: detected capacity change from 0 to 512
[  478.047300] EXT4-fs (loop5): bad geometry: block count 256 exceeds size of device (11 blocks)
03:41:35 executing program 7:
clone3(&(0x7f0000005880)={0x210, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  478.061947] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  478.137705] loop6: detected capacity change from 0 to 512
[  478.166199] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
03:41:43 executing program 2:
clone3(&(0x7f0000005880)={0x9, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:43 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

03:41:43 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:41:43 executing program 7:
clone3(&(0x7f0000005880)={0x300, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:43 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:41:43 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x400}], 0x0, &(0x7f0000012900))

03:41:43 executing program 1:
clone3(&(0x7f0000005880)={0xd, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:43 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x0)

[  486.675965] loop3: detected capacity change from 0 to 512
[  486.683578] loop5: detected capacity change from 0 to 22
[  486.691870] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  486.692480] EXT4-fs (loop5): bad geometry: block count 256 exceeds size of device (11 blocks)
[  486.716811] loop6: detected capacity change from 0 to 512
03:41:43 executing program 7:
clone3(&(0x7f0000005880)={0x500, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  486.738053] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
03:41:43 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x400}], 0x0, &(0x7f0000012900))

03:41:43 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, 0x0, 0x0, &(0x7f0000012900))

03:41:43 executing program 2:
clone3(&(0x7f0000005880)={0xd, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:43 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

03:41:43 executing program 1:
clone3(&(0x7f0000005880)={0x10, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  486.808951] No source specified
[  486.811774] loop3: detected capacity change from 0 to 512
03:41:43 executing program 7:
clone3(&(0x7f0000005880)={0x600, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  486.820367] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:41:43 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x0)

03:41:43 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, 0x0, 0x0, &(0x7f0000012900))

03:41:43 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[  486.900278] No source specified
[  486.951942] loop6: detected capacity change from 0 to 512
[  486.956918] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
03:41:53 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x0)

03:41:53 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}], 0x0, &(0x7f0000012900))

03:41:53 executing program 7:
clone3(&(0x7f0000005880)={0x700, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:53 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:41:53 executing program 2:
clone3(&(0x7f0000005880)={0x10, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:53 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, 0x0, 0x0, &(0x7f0000012900))

03:41:53 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

03:41:53 executing program 1:
clone3(&(0x7f0000005880)={0x11, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  496.014503] loop3: detected capacity change from 0 to 512
[  496.025832] loop6: detected capacity change from 0 to 512
[  496.027229] No source specified
03:41:53 executing program 7:
clone3(&(0x7f0000005880)={0x840, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  496.033532] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
[  496.043731] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  496.053797] Process accounting paused
03:41:53 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:41:53 executing program 2:
clone3(&(0x7f0000005880)={0x11, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:41:53 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[  496.148011] loop5: detected capacity change from 0 to 512
[  496.150822] loop6: detected capacity change from 0 to 512
[  496.159027] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
[  496.160111] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  496.160930] EXT4-fs (loop5): group descriptors corrupted!
03:42:03 executing program 2:
clone3(&(0x7f0000005880)={0xf4, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:03 executing program 1:
clone3(&(0x7f0000005880)={0xf4, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:03 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:42:03 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}], 0x0, &(0x7f0000012900))

03:42:03 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}], 0x0, &(0x7f0000012900))

03:42:03 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

03:42:03 executing program 7:
clone3(&(0x7f0000005880)={0x900, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:03 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 1)

[  506.177487] loop3: detected capacity change from 0 to 512
[  506.178783] loop5: detected capacity change from 0 to 512
[  506.187631] loop6: detected capacity change from 0 to 512
[  506.193906] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  506.195347] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  506.196916] EXT4-fs (loop5): group descriptors corrupted!
[  506.201988] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
[  506.228752] FAULT_INJECTION: forcing a failure.
[  506.228752] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  506.230603] CPU: 0 UID: 0 PID: 6036 Comm: syz-executor.0 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  506.230632] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  506.230643] Call Trace:
[  506.230652]  <TASK>
[  506.230662]  dump_stack_lvl+0xfa/0x120
[  506.230721]  should_fail_ex+0x4d7/0x5e0
[  506.230762]  _copy_from_user+0x30/0xd0
[  506.230798]  do_handle_open+0xd5/0xd00
[  506.230827]  ? __pfx_do_handle_open+0x10/0x10
[  506.230866]  ? ksys_write+0x1a3/0x240
[  506.230896]  ? __pfx_ksys_write+0x10/0x10
[  506.230921]  ? irqentry_exit+0xee/0x650
[  506.230954]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  506.230983]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  506.231044]  do_syscall_64+0xbf/0x420
[  506.231074]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  506.231097] RIP: 0033:0x7f349fed8b19
[  506.231114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  506.231134] RSP: 002b:00007f349d44e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  506.231155] RAX: ffffffffffffffda RBX: 00007f349ffebf60 RCX: 00007f349fed8b19
[  506.231169] RDX: 0000000000414d02 RSI: 0000000020000000 RDI: 0000000000000004
[  506.231182] RBP: 00007f349d44e1d0 R08: 0000000000000000 R09: 0000000000000000
[  506.231194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  506.231206] R13: 00007ffdd66f889f R14: 00007f349d44e300 R15: 0000000000022000
[  506.231271]  </TASK>
03:42:03 executing program 1:
clone3(&(0x7f0000005880)={0x250, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:03 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}], 0x0, &(0x7f0000012900))

03:42:03 executing program 2:
clone3(&(0x7f0000005880)={0x274, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:03 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:42:03 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}], 0x0, &(0x7f0000012900))

03:42:03 executing program 7:
clone3(&(0x7f0000005880)={0xd00, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:03 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

03:42:03 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 2)

[  506.399958] loop3: detected capacity change from 0 to 512
[  506.408867] loop5: detected capacity change from 0 to 512
[  506.410732] loop6: detected capacity change from 0 to 512
[  506.421885] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  506.425157] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
[  506.427116] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  506.428721] EXT4-fs (loop5): group descriptors corrupted!
03:42:03 executing program 1:
clone3(&(0x7f0000005880)={0x300, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:03 executing program 2:
clone3(&(0x7f0000005880)={0x300, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:03 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1", 0x2d, 0x400}], 0x0, &(0x7f0000012900))

[  506.554156] FAULT_INJECTION: forcing a failure.
[  506.554156] name failslab, interval 1, probability 0, space 0, times 0
[  506.555876] CPU: 0 UID: 0 PID: 6057 Comm: syz-executor.0 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  506.555904] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  506.555917] Call Trace:
[  506.555925]  <TASK>
[  506.555936]  dump_stack_lvl+0xfa/0x120
[  506.555982]  should_fail_ex+0x4d7/0x5e0
[  506.556030]  should_failslab+0xc2/0x120
[  506.556065]  __kmalloc_noprof+0xd6/0x830
[  506.556109]  ? do_handle_open+0x5a7/0xd00
[  506.556149]  ? do_handle_open+0x5a7/0xd00
[  506.556168]  do_handle_open+0x5a7/0xd00
[  506.556196]  ? __pfx_do_handle_open+0x10/0x10
[  506.556234]  ? ksys_write+0x1a3/0x240
[  506.556264]  ? __pfx_ksys_write+0x10/0x10
[  506.556294]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  506.556323]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  506.556377]  do_syscall_64+0xbf/0x420
[  506.556408]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  506.556430] RIP: 0033:0x7f349fed8b19
[  506.556448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  506.556468] RSP: 002b:00007f349d44e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  506.556488] RAX: ffffffffffffffda RBX: 00007f349ffebf60 RCX: 00007f349fed8b19
[  506.556503] RDX: 0000000000414d02 RSI: 0000000020000000 RDI: 0000000000000004
[  506.556515] RBP: 00007f349d44e1d0 R08: 0000000000000000 R09: 0000000000000000
[  506.556528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  506.556540] R13: 00007ffdd66f889f R14: 00007f349d44e300 R15: 0000000000022000
[  506.556601]  </TASK>
[  506.609617] loop3: detected capacity change from 0 to 512
[  506.617617] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:42:13 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 3)

03:42:13 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1", 0x2d, 0x400}], 0x0, &(0x7f0000012900))

03:42:13 executing program 7:
clone3(&(0x7f0000005880)={0x1002, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:13 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}], 0x0, &(0x7f0000012900))

03:42:13 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

03:42:13 executing program 2:
clone3(&(0x7f0000005880)={0x500, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:13 executing program 1:
clone3(&(0x7f0000005880)={0x500, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:13 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[  516.493438] loop3: detected capacity change from 0 to 512
03:42:13 executing program 1:
clone3(&(0x7f0000005880)={0x600, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:13 executing program 2:
clone3(&(0x7f0000005880)={0x600, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  516.520656] loop5: detected capacity change from 0 to 512
[  516.525130] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:42:13 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 4)

[  516.538193] loop6: detected capacity change from 0 to 512
[  516.544485] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  516.546192] EXT4-fs (loop5): group descriptors corrupted!
[  516.561777] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
[  516.567829] FAULT_INJECTION: forcing a failure.
[  516.567829] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  516.568894] CPU: 1 UID: 0 PID: 6096 Comm: syz-executor.0 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  516.568910] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  516.568918] Call Trace:
[  516.568922]  <TASK>
[  516.568927]  dump_stack_lvl+0xfa/0x120
[  516.568954]  should_fail_ex+0x4d7/0x5e0
[  516.568972]  _copy_from_user+0x30/0xd0
[  516.568988]  do_handle_open+0x64b/0xd00
[  516.569001]  ? __pfx_do_handle_open+0x10/0x10
[  516.569019]  ? ksys_write+0x1a3/0x240
[  516.569036]  ? __pfx_ksys_write+0x10/0x10
[  516.569060]  do_syscall_64+0xbf/0x420
[  516.569076]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  516.569089] RIP: 0033:0x7f349fed8b19
[  516.569098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  516.569110] RSP: 002b:00007f349d44e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  516.569121] RAX: ffffffffffffffda RBX: 00007f349ffebf60 RCX: 00007f349fed8b19
[  516.569129] RDX: 0000000000414d02 RSI: 0000000020000000 RDI: 0000000000000004
[  516.569136] RBP: 00007f349d44e1d0 R08: 0000000000000000 R09: 0000000000000000
[  516.569143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  516.569150] R13: 00007ffdd66f889f R14: 00007f349d44e300 R15: 0000000000022000
[  516.569168]  </TASK>
03:42:13 executing program 7:
clone3(&(0x7f0000005880)={0x1100, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:13 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 5)

03:42:13 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0) (fail_nth: 1)

03:42:13 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1", 0x2d, 0x400}], 0x0, &(0x7f0000012900))

03:42:13 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[  516.695616] loop3: detected capacity change from 0 to 512
[  516.703499] loop6: detected capacity change from 0 to 512
[  516.711921] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  516.713726] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
[  516.737458] FAULT_INJECTION: forcing a failure.
[  516.737458] name failslab, interval 1, probability 0, space 0, times 0
[  516.739400] CPU: 0 UID: 0 PID: 6114 Comm: syz-executor.0 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  516.739431] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  516.739445] Call Trace:
[  516.739454]  <TASK>
[  516.739465]  dump_stack_lvl+0xfa/0x120
[  516.739516]  should_fail_ex+0x4d7/0x5e0
[  516.739559]  ? getname_kernel+0x52/0x390
[  516.739591]  should_failslab+0xc2/0x120
[  516.739629]  kmem_cache_alloc_noprof+0x80/0x710
[  516.739686]  ? getname_kernel+0x52/0x390
[  516.739720]  getname_kernel+0x52/0x390
[  516.739765]  do_file_open_root+0x17f/0x5e0
[  516.739806]  ? __pfx_do_file_open_root+0x10/0x10
[  516.739837]  ? perf_trace_run_bpf_submit+0xef/0x180
[  516.739863]  ? perf_trace_lock+0x337/0x5d0
[  516.739904]  ? perf_trace_run_bpf_submit+0xef/0x180
[  516.739955]  ? perf_trace_lock+0x337/0x5d0
[  516.740017]  ? __pfx_perf_trace_lock+0x10/0x10
[  516.740081]  ? find_held_lock+0x2b/0x80
[  516.740121]  file_open_root+0x2e4/0x470
[  516.740161]  ? __pfx_file_open_root+0x10/0x10
[  516.740190]  ? _raw_spin_unlock+0x1e/0x40
[  516.740265]  do_handle_open+0x9f2/0xd00
[  516.740296]  ? __pfx_do_handle_open+0x10/0x10
[  516.740339]  ? ksys_write+0x1a3/0x240
[  516.740371]  ? __pfx_ksys_write+0x10/0x10
[  516.740403]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  516.740436]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  516.740494]  do_syscall_64+0xbf/0x420
[  516.740527]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  516.740552] RIP: 0033:0x7f349fed8b19
[  516.740572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  516.740594] RSP: 002b:00007f349d44e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  516.740617] RAX: ffffffffffffffda RBX: 00007f349ffebf60 RCX: 00007f349fed8b19
[  516.740632] RDX: 0000000000414d02 RSI: 0000000020000000 RDI: 0000000000000004
[  516.740646] RBP: 00007f349d44e1d0 R08: 0000000000000000 R09: 0000000000000000
[  516.740660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  516.740673] R13: 00007ffdd66f889f R14: 00007f349d44e300 R15: 0000000000022000
[  516.740740]  </TASK>
03:42:23 executing program 1:
clone3(&(0x7f0000005880)={0x700, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:23 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 6)

03:42:23 executing program 2:
clone3(&(0x7f0000005880)={0x700, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:23 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f", 0x44, 0x400}], 0x0, &(0x7f0000012900))

03:42:23 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000012900))

03:42:23 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:42:23 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1", 0x2d, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:42:23 executing program 7:
clone3(&(0x7f0000005880)={0x2000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  526.590788] loop5: detected capacity change from 0 to 512
[  526.592874] cgroup: fork rejected by pids controller in /syz1
[  526.608700] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  526.610125] EXT4-fs (loop5): group descriptors corrupted!
[  526.615327] loop3: detected capacity change from 0 to 512
[  526.616911] loop6: detected capacity change from 0 to 512
[  526.633903] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
[  526.640308] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  526.641751] EXT4-fs (loop3): group descriptors corrupted!
03:42:23 executing program 1:
clone3(&(0x7f0000005880)={0x900, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  526.676275] Process accounting resumed
03:42:23 executing program 2:
clone3(&(0x7f0000005880)={0x900, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:23 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 7)

03:42:23 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000012900))

03:42:23 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1", 0x2d, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:42:23 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4", 0x2e, 0x400}], 0x0, &(0x7f0000012900))

03:42:23 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x2)

03:42:23 executing program 7:
clone3(&(0x7f0000005880)={0x3f00, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  526.822831] loop5: detected capacity change from 0 to 512
[  526.826885] FAULT_INJECTION: forcing a failure.
[  526.826885] name failslab, interval 1, probability 0, space 0, times 0
[  526.828637] CPU: 1 UID: 0 PID: 6155 Comm: syz-executor.0 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  526.828665] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  526.828677] Call Trace:
[  526.828685]  <TASK>
[  526.828693]  dump_stack_lvl+0xfa/0x120
[  526.828734]  should_fail_ex+0x4d7/0x5e0
[  526.828764]  ? alloc_empty_file+0x58/0x1e0
[  526.828796]  should_failslab+0xc2/0x120
[  526.828827]  kmem_cache_alloc_noprof+0x80/0x710
[  526.828850]  ? __pfx_perf_trace_lock+0x10/0x10
[  526.828887]  ? alloc_empty_file+0x58/0x1e0
[  526.828919]  alloc_empty_file+0x58/0x1e0
[  526.828954]  path_openat+0xee/0x2d30
[  526.828985]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  526.829020]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  526.829053]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  526.829088]  ? __create_object+0x59/0x80
[  526.829112]  ? __pfx_path_openat+0x10/0x10
[  526.829146]  ? __asan_memcpy+0x3d/0x60
[  526.829179]  do_file_open_root+0x2f7/0x5e0
[  526.829210]  ? __pfx_do_file_open_root+0x10/0x10
[  526.829254]  ? perf_trace_lock+0xb5/0x5d0
[  526.829300]  ? find_held_lock+0x2b/0x80
[  526.829325]  file_open_root+0x2e4/0x470
[  526.829355]  ? __pfx_file_open_root+0x10/0x10
[  526.829381]  ? _raw_spin_unlock+0x1e/0x40
[  526.829422]  do_handle_open+0x9f2/0xd00
[  526.829444]  ? __pfx_do_handle_open+0x10/0x10
[  526.829470]  ? ksys_write+0x1a3/0x240
[  526.829496]  ? __pfx_ksys_write+0x10/0x10
[  526.829522]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  526.829552]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  526.829588]  do_syscall_64+0xbf/0x420
[  526.829612]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  526.829634] RIP: 0033:0x7f349fed8b19
[  526.829651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  526.829670] RSP: 002b:00007f349d44e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  526.829691] RAX: ffffffffffffffda RBX: 00007f349ffebf60 RCX: 00007f349fed8b19
[  526.829705] RDX: 0000000000414d02 RSI: 0000000020000000 RDI: 0000000000000004
[  526.829718] RBP: 00007f349d44e1d0 R08: 0000000000000000 R09: 0000000000000000
[  526.829730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  526.829742] R13: 00007ffdd66f889f R14: 00007f349d44e300 R15: 0000000000022000
[  526.829774]  </TASK>
[  526.837448] loop6: detected capacity change from 0 to 512
[  526.852062] loop3: detected capacity change from 0 to 512
[  526.854186] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  526.867785] EXT4-fs (loop5): group descriptors corrupted!
[  526.885636] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  526.910706] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
03:42:33 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000012900))

03:42:33 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1", 0x2d, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:42:33 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x4)

03:42:33 executing program 1:
clone3(&(0x7f0000005880)={0xd00, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:33 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 8)

03:42:33 executing program 7:
clone3(&(0x7f0000005880)={0x4000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:33 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4", 0x2e, 0x400}], 0x0, &(0x7f0000012900))

03:42:33 executing program 2:
clone3(&(0x7f0000005880)={0xd00, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  536.724299] loop3: detected capacity change from 0 to 512
[  536.740985] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  536.752828] loop5: detected capacity change from 0 to 512
[  536.753565] loop6: detected capacity change from 0 to 512
[  536.769794] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
[  536.772594] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  536.774192] EXT4-fs (loop5): group descriptors corrupted!
03:42:33 executing program 2:
clone3(&(0x7f0000005880)={0x1100, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:33 executing program 1:
clone3(&(0x7f0000005880)={0x1100, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:33 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4", 0x2e, 0x400}], 0x0, &(0x7f0000012900))

03:42:34 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f", 0x44, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:42:34 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 9)

03:42:34 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400), 0x0, 0x800}], 0x0, &(0x7f0000012900))

[  536.918916] loop3: detected capacity change from 0 to 512
[  536.938413] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:42:34 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x6)

[  536.971611] loop5: detected capacity change from 0 to 512
[  536.975553] loop6: detected capacity change from 0 to 512
[  536.991580] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  536.993343] EXT4-fs (loop5): group descriptors corrupted!
[  537.009684] FAULT_INJECTION: forcing a failure.
[  537.009684] name failslab, interval 1, probability 0, space 0, times 0
[  537.011562] EXT4-fs error (device loop6): __ext4_fill_super:5553: inode #2: comm syz-executor.6: iget: special inode unallocated
[  537.012164] EXT4-fs (loop6): get root inode failed
[  537.013559] CPU: 1 UID: 0 PID: 6213 Comm: syz-executor.0 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  537.013587] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  537.013599] Call Trace:
[  537.013606]  <TASK>
[  537.013614]  dump_stack_lvl+0xfa/0x120
[  537.013656]  should_fail_ex+0x4d7/0x5e0
[  537.013685]  ? security_file_alloc+0x35/0x130
[  537.013713]  should_failslab+0xc2/0x120
[  537.013743]  kmem_cache_alloc_noprof+0x80/0x710
[  537.013766]  ? __create_object+0x59/0x80
[  537.013792]  ? security_file_alloc+0x35/0x130
[  537.013820]  security_file_alloc+0x35/0x130
[  537.013848]  init_file+0x95/0x4c0
[  537.013881]  alloc_empty_file+0x76/0x1e0
[  537.013915]  path_openat+0xee/0x2d30
[  537.013944]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  537.013972]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  537.014002]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  537.014039]  ? __create_object+0x59/0x80
[  537.014062]  ? __pfx_path_openat+0x10/0x10
[  537.014095]  ? __asan_memcpy+0x3d/0x60
[  537.014126]  do_file_open_root+0x2f7/0x5e0
[  537.014156]  ? __pfx_do_file_open_root+0x10/0x10
[  537.014198]  ? perf_trace_lock+0xb5/0x5d0
[  537.014243]  ? find_held_lock+0x2b/0x80
[  537.014267]  file_open_root+0x2e4/0x470
[  537.014295]  ? __pfx_file_open_root+0x10/0x10
[  537.014320]  ? _raw_spin_unlock+0x1e/0x40
[  537.014360]  do_handle_open+0x9f2/0xd00
[  537.014381]  ? __pfx_do_handle_open+0x10/0x10
[  537.014405]  ? ksys_write+0x1a3/0x240
[  537.014430]  ? __pfx_ksys_write+0x10/0x10
[  537.014456]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  537.014484]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  537.014519]  do_syscall_64+0xbf/0x420
[  537.014542]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.014563] RIP: 0033:0x7f349fed8b19
[  537.014579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  537.014598] RSP: 002b:00007f349d44e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  537.014618] RAX: ffffffffffffffda RBX: 00007f349ffebf60 RCX: 00007f349fed8b19
[  537.014631] RDX: 0000000000414d02 RSI: 0000000020000000 RDI: 0000000000000004
[  537.014644] RBP: 00007f349d44e1d0 R08: 0000000000000000 R09: 0000000000000000
[  537.014655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  537.014667] R13: 00007ffdd66f889f R14: 00007f349d44e300 R15: 0000000000022000
[  537.014697]  </TASK>
[  537.051820] EXT4-fs (loop6): mount failed
[  537.579915] cgroup: fork rejected by pids controller in /syz7
03:42:44 executing program 2:
clone3(&(0x7f0000005880)={0x2000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:44 executing program 7:
clone3(&(0x7f0000005880)={0x4008, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:44 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x8)

03:42:44 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f", 0x44, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:42:44 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53", 0x39, 0x400}], 0x0, &(0x7f0000012900))

03:42:44 executing program 1:
clone3(&(0x7f0000005880)={0x2000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:44 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 10)

03:42:44 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400), 0x0, 0x800}], 0x0, &(0x7f0000012900))

[  547.833664] loop6: detected capacity change from 0 to 512
[  547.846814] EXT4-fs error (device loop6): __ext4_fill_super:5553: inode #2: comm syz-executor.6: iget: special inode unallocated
[  547.850494] EXT4-fs (loop6): get root inode failed
[  547.850997] EXT4-fs (loop6): mount failed
[  547.867365] loop5: detected capacity change from 0 to 512
[  547.882312] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  547.883261] EXT4-fs (loop5): group descriptors corrupted!
[  547.885300] loop3: detected capacity change from 0 to 512
[  547.902620] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:42:45 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 11)

03:42:45 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f", 0x44, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:42:45 executing program 1:
clone3(&(0x7f0000005880)={0x3f00, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:45 executing program 7:
clone3(&(0x7f0000005880)={0xf400, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  547.971575] loop6: detected capacity change from 0 to 512
[  547.980748] FAULT_INJECTION: forcing a failure.
[  547.980748] name failslab, interval 1, probability 0, space 0, times 0
[  547.982059] CPU: 0 UID: 0 PID: 6349 Comm: syz-executor.0 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  547.982076] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  547.982084] Call Trace:
[  547.982090]  <TASK>
[  547.982096]  dump_stack_lvl+0xfa/0x120
[  547.982129]  should_fail_ex+0x4d7/0x5e0
[  547.982154]  ? __d_alloc+0x34/0xa10
[  547.982173]  should_failslab+0xc2/0x120
[  547.982196]  kmem_cache_alloc_lru_noprof+0x84/0x720
[  547.982211]  ? __pfx_selinux_inode_permission+0x10/0x10
[  547.982251]  ? __d_alloc+0x34/0xa10
[  547.982268]  __d_alloc+0x34/0xa10
[  547.982297]  d_alloc+0x4a/0x1e0
[  547.982323]  vfs_tmpfile+0x149/0x9a0
[  547.982358]  path_openat+0x1852/0x2d30
[  547.982382]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  547.982406]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  547.982426]  ? __create_object+0x59/0x80
[  547.982449]  ? __pfx_path_openat+0x10/0x10
[  547.982478]  ? __asan_memcpy+0x3d/0x60
[  547.982506]  do_file_open_root+0x2f7/0x5e0
[  547.982529]  ? __pfx_do_file_open_root+0x10/0x10
[  547.982546]  ? perf_trace_run_bpf_submit+0xef/0x180
[  547.982562]  ? perf_trace_lock+0x337/0x5d0
[  547.982586]  ? perf_trace_run_bpf_submit+0xef/0x180
[  547.982615]  ? perf_trace_lock+0x337/0x5d0
[  547.982664]  ? find_held_lock+0x2b/0x80
[  547.982687]  file_open_root+0x2e4/0x470
[  547.982712]  ? __pfx_file_open_root+0x10/0x10
[  547.982728]  ? _raw_spin_unlock+0x1e/0x40
[  547.982769]  do_handle_open+0x9f2/0xd00
[  547.982787]  ? __pfx_do_handle_open+0x10/0x10
[  547.982819]  ? ksys_write+0x1a3/0x240
[  547.982840]  ? __pfx_ksys_write+0x10/0x10
[  547.982858]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  547.982877]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  547.982910]  do_syscall_64+0xbf/0x420
[  547.982930]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  547.982945] RIP: 0033:0x7f349fed8b19
[  547.982957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  547.982969] RSP: 002b:00007f349d44e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  547.982982] RAX: ffffffffffffffda RBX: 00007f349ffebf60 RCX: 00007f349fed8b19
[  547.982991] RDX: 0000000000414d02 RSI: 0000000020000000 RDI: 0000000000000004
[  547.982999] RBP: 00007f349d44e1d0 R08: 0000000000000000 R09: 0000000000000000
[  547.983012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  547.983019] R13: 00007ffdd66f889f R14: 00007f349d44e300 R15: 0000000000022000
[  547.983058]  </TASK>
[  548.029611] EXT4-fs error (device loop6): __ext4_fill_super:5553: inode #2: comm syz-executor.6: iget: special inode unallocated
[  548.045309] EXT4-fs (loop6): get root inode failed
[  548.045764] EXT4-fs (loop6): mount failed
[  548.092392] loop5: detected capacity change from 0 to 512
03:42:45 executing program 2:
clone3(&(0x7f0000005880)={0x3f00, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:45 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400), 0x0, 0x800}], 0x0, &(0x7f0000012900))

03:42:45 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0xc)

[  548.104180] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  548.104958] EXT4-fs (loop5): group descriptors corrupted!
03:42:54 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53", 0x39, 0x400}], 0x0, &(0x7f0000012900))

03:42:54 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x10)

03:42:54 executing program 7:
clone3(&(0x7f0000005880)={0x20010, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:54 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 12)

03:42:54 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012900))

03:42:54 executing program 2:
clone3(&(0x7f0000005880)={0x4000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:54 executing program 1:
clone3(&(0x7f0000005880)={0x4000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:54 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f0000000000000000010000", 0x4f, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[  556.956353] loop3: detected capacity change from 0 to 512
[  556.965196] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:42:54 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53", 0x39, 0x400}], 0x0, &(0x7f0000012900))

[  557.021410] loop5: detected capacity change from 0 to 512
[  557.022876] loop6: detected capacity change from 0 to 512
[  557.031294] EXT4-fs (loop6): invalid first ino: 0
[  557.034432] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[  557.035597] EXT4-fs (loop5): group descriptors corrupted!
03:42:54 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x12)

[  557.074809] loop3: detected capacity change from 0 to 512
03:42:54 executing program 7:
clone3(&(0x7f0000005880)={0x20200, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:42:54 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 13)

03:42:54 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f0000000000000000010000", 0x4f, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[  557.119294] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  557.120710] Process accounting paused
03:42:54 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012900))

03:42:54 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x112)

[  557.160802] loop6: detected capacity change from 0 to 512
[  557.171075] EXT4-fs (loop6): invalid first ino: 0
[  557.194521] loop5: detected capacity change from 0 to 512
03:42:54 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef0100010000", 0x3f, 0x400}], 0x0, &(0x7f0000012900))

[  557.198778] FAULT_INJECTION: forcing a failure.
[  557.198778] name failslab, interval 1, probability 0, space 0, times 0
[  557.200434] CPU: 0 UID: 0 PID: 6411 Comm: syz-executor.0 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  557.200458] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  557.200468] Call Trace:
[  557.200475]  <TASK>
[  557.200483]  dump_stack_lvl+0xfa/0x120
[  557.200522]  should_fail_ex+0x4d7/0x5e0
[  557.200554]  ? ext4_alloc_inode+0x28/0x640
[  557.200572]  should_failslab+0xc2/0x120
[  557.200600]  kmem_cache_alloc_lru_noprof+0x84/0x720
[  557.200638]  ? __pfx_ext4_alloc_inode+0x10/0x10
[  557.200663]  ? ext4_alloc_inode+0x28/0x640
[  557.200681]  ext4_alloc_inode+0x28/0x640
[  557.200702]  ? __pfx_ext4_alloc_inode+0x10/0x10
[  557.200719]  alloc_inode+0x67/0x250
[  557.200741]  new_inode+0x1e/0x160
[  557.200767]  __ext4_new_inode+0x35d/0x4cd0
[  557.200832]  ? __pfx___ext4_new_inode+0x10/0x10
[  557.200872]  ? __pfx___dquot_initialize+0x10/0x10
[  557.200891]  ? perf_trace_lock+0x337/0x5d0
[  557.200946]  ext4_tmpfile+0x1e2/0x4c0
[  557.200999]  ? __pfx_ext4_tmpfile+0x10/0x10
[  557.201033]  ? do_raw_spin_unlock+0x53/0x220
[  557.201064]  ? _raw_spin_unlock+0x1e/0x40
[  557.201101]  vfs_tmpfile+0x2c6/0x9a0
[  557.201148]  path_openat+0x1852/0x2d30
[  557.201179]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  557.201208]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  557.201235]  ? __create_object+0x59/0x80
[  557.201265]  ? __pfx_path_openat+0x10/0x10
[  557.201303]  ? __asan_memcpy+0x3d/0x60
[  557.201340]  do_file_open_root+0x2f7/0x5e0
[  557.201371]  ? __pfx_do_file_open_root+0x10/0x10
[  557.201393]  ? perf_trace_run_bpf_submit+0xef/0x180
[  557.201413]  ? perf_trace_lock+0x337/0x5d0
[  557.201442]  ? perf_trace_run_bpf_submit+0xef/0x180
[  557.201480]  ? perf_trace_lock+0x337/0x5d0
[  557.201547]  ? find_held_lock+0x2b/0x80
[  557.201577]  file_open_root+0x2e4/0x470
[  557.201607]  ? __pfx_file_open_root+0x10/0x10
[  557.201628]  ? _raw_spin_unlock+0x1e/0x40
[  557.201683]  do_handle_open+0x9f2/0xd00
[  557.201706]  ? __pfx_do_handle_open+0x10/0x10
[  557.201738]  ? ksys_write+0x1a3/0x240
[  557.201762]  ? __pfx_ksys_write+0x10/0x10
[  557.201786]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  557.201809]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  557.201852]  do_syscall_64+0xbf/0x420
[  557.201877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  557.201895] RIP: 0033:0x7f349fed8b19
[  557.201910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  557.201926] RSP: 002b:00007f349d44e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  557.201943] RAX: ffffffffffffffda RBX: 00007f349ffebf60 RCX: 00007f349fed8b19
[  557.201955] RDX: 0000000000414d02 RSI: 0000000020000000 RDI: 0000000000000004
[  557.201965] RBP: 00007f349d44e1d0 R08: 0000000000000000 R09: 0000000000000000
[  557.201975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  557.201984] R13: 00007ffdd66f889f R14: 00007f349d44e300 R15: 0000000000022000
[  557.202035]  </TASK>
[  557.243510] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[  557.244801] EXT4-fs (loop5): group descriptors corrupted!
[  557.281119] loop3: detected capacity change from 0 to 512
[  557.288358] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  557.289201] EXT4-fs (loop3): group descriptors corrupted!
03:43:03 executing program 7:
clone3(&(0x7f0000005880)={0x80000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:03 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012900))

03:43:03 executing program 2:
clone3(&(0x7f0000005880)={0x7402, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:03 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x321)

03:43:03 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f0000000000000000010000", 0x4f, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:43:03 executing program 1:
clone3(&(0x7f0000005880)={0x5002, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:03 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 14)

03:43:03 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012900))

[  565.963110] loop5: detected capacity change from 0 to 512
[  565.974107] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[  565.974849] EXT4-fs (loop5): group descriptors corrupted!
[  565.983721] loop6: detected capacity change from 0 to 512
[  565.998863] EXT4-fs (loop6): invalid first ino: 0
03:43:03 executing program 1:
clone3(&(0x7f0000005880)={0xf400, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  566.016128] loop3: detected capacity change from 0 to 512
03:43:03 executing program 2:
clone3(&(0x7f0000005880)={0xf400, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:03 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 15)

[  566.039232] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  566.040256] EXT4-fs (loop3): group descriptors corrupted!
03:43:03 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="03000000", 0x4, 0x800}], 0x0, &(0x7f0000012900))

03:43:03 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b", 0x55, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:43:03 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f01", 0x35, 0x400}], 0x0, &(0x7f0000012900))

[  566.093960] FAULT_INJECTION: forcing a failure.
[  566.093960] name failslab, interval 1, probability 0, space 0, times 0
[  566.095632] CPU: 1 UID: 0 PID: 6450 Comm: syz-executor.0 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  566.095648] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  566.095656] Call Trace:
[  566.095660]  <TASK>
[  566.095664]  dump_stack_lvl+0xfa/0x120
[  566.095692]  should_fail_ex+0x4d7/0x5e0
[  566.095712]  ? security_inode_alloc+0x3e/0x130
[  566.095728]  should_failslab+0xc2/0x120
[  566.095747]  kmem_cache_alloc_noprof+0x80/0x710
[  566.095759]  ? __pfx_map_id_range_down+0x10/0x10
[  566.095783]  ? security_inode_alloc+0x3e/0x130
[  566.095797]  security_inode_alloc+0x3e/0x130
[  566.095811]  inode_init_always_gfp+0xc9d/0xff0
[  566.095831]  alloc_inode+0x8d/0x250
[  566.095843]  new_inode+0x1e/0x160
[  566.095856]  __ext4_new_inode+0x35d/0x4cd0
[  566.095884]  ? __pfx___ext4_new_inode+0x10/0x10
[  566.095905]  ? __pfx___dquot_initialize+0x10/0x10
[  566.095919]  ? perf_trace_lock+0xb5/0x5d0
[  566.095943]  ext4_tmpfile+0x1e2/0x4c0
[  566.095967]  ? __pfx_ext4_tmpfile+0x10/0x10
[  566.095985]  ? do_raw_spin_unlock+0x53/0x220
[  566.096007]  ? _raw_spin_unlock+0x1e/0x40
[  566.096027]  vfs_tmpfile+0x2c6/0x9a0
[  566.096052]  path_openat+0x1852/0x2d30
[  566.096069]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  566.096086]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  566.096102]  ? __create_object+0x59/0x80
[  566.096116]  ? __pfx_path_openat+0x10/0x10
[  566.096135]  ? __asan_memcpy+0x3d/0x60
[  566.096153]  do_file_open_root+0x2f7/0x5e0
[  566.096170]  ? __pfx_do_file_open_root+0x10/0x10
[  566.096194]  ? perf_trace_lock+0xb5/0x5d0
[  566.096219]  ? find_held_lock+0x2b/0x80
[  566.096233]  file_open_root+0x2e4/0x470
[  566.096251]  ? __pfx_file_open_root+0x10/0x10
[  566.096265]  ? _raw_spin_unlock+0x1e/0x40
[  566.096288]  do_handle_open+0x9f2/0xd00
[  566.096301]  ? __pfx_do_handle_open+0x10/0x10
[  566.096315]  ? ksys_write+0x1a3/0x240
[  566.096330]  ? __pfx_ksys_write+0x10/0x10
[  566.096344]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  566.096361]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  566.096381]  do_syscall_64+0xbf/0x420
[  566.096395]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  566.096407] RIP: 0033:0x7f349fed8b19
[  566.096417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  566.096428] RSP: 002b:00007f349d44e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  566.096440] RAX: ffffffffffffffda RBX: 00007f349ffebf60 RCX: 00007f349fed8b19
[  566.096448] RDX: 0000000000414d02 RSI: 0000000020000000 RDI: 0000000000000004
[  566.096455] RBP: 00007f349d44e1d0 R08: 0000000000000000 R09: 0000000000000000
[  566.096462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  566.096469] R13: 00007ffdd66f889f R14: 00007f349d44e300 R15: 0000000000022000
[  566.096486]  </TASK>
[  566.100143] loop5: detected capacity change from 0 to 512
[  566.139495] loop6: detected capacity change from 0 to 512
03:43:03 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x600)

03:43:03 executing program 7:
clone3(&(0x7f0000005880)={0x101000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  566.143237] loop3: detected capacity change from 0 to 512
[  566.153544] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  566.154067] EXT4-fs (loop6): unsupported inode size: 0
[  566.154512] EXT4-fs (loop6): blocksize: 1024
[  566.187206] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[  566.187959] EXT4-fs (loop5): group descriptors corrupted!
03:43:03 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f01", 0x35, 0x400}], 0x0, &(0x7f0000012900))

[  566.242991] loop3: detected capacity change from 0 to 512
[  566.246233] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:43:11 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0xa9f)

03:43:11 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f01", 0x35, 0x400}], 0x0, &(0x7f0000012900))

03:43:11 executing program 7:
clone3(&(0x7f0000005880)={0x104000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:11 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b", 0x55, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:43:11 executing program 1:
clone3(&(0x7f0000005880)={0x20010, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:11 executing program 2:
clone3(&(0x7f0000005880)={0x20010, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:11 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="03000000", 0x4, 0x800}], 0x0, &(0x7f0000012900))

03:43:11 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 16)

[  574.014622] loop6: detected capacity change from 0 to 512
[  574.016629] loop5: detected capacity change from 0 to 512
[  574.019117] EXT4-fs (loop6): unsupported inode size: 0
[  574.019573] EXT4-fs (loop6): blocksize: 1024
[  574.023851] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[  574.024629] EXT4-fs (loop5): group descriptors corrupted!
[  574.062568] loop3: detected capacity change from 0 to 512
03:43:11 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b", 0x55, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:43:11 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="03000000", 0x4, 0x800}], 0x0, &(0x7f0000012900))

[  574.089413] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:43:11 executing program 1:
clone3(&(0x7f0000005880)={0x20200, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:11 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0xc00)

03:43:11 executing program 2:
clone3(&(0x7f0000005880)={0x20200, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  574.127502] loop5: detected capacity change from 0 to 512
[  574.144716] loop6: detected capacity change from 0 to 512
[  574.146122] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[  574.146861] EXT4-fs (loop5): group descriptors corrupted!
[  574.168078] EXT4-fs (loop6): unsupported inode size: 0
[  574.168960] EXT4-fs (loop6): blocksize: 1024
03:43:11 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 17)

03:43:11 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5}], 0x0, &(0x7f0000012900))

03:43:11 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff", 0x38, 0x400}], 0x0, &(0x7f0000012900))

03:43:11 executing program 1:
clone3(&(0x7f0000005880)={0x80000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  574.244490] loop5: detected capacity change from 0 to 512
[  574.254576] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  574.255454] EXT4-fs (loop5): group descriptors corrupted!
[  574.299562] loop3: detected capacity change from 0 to 512
[  574.307947] FAULT_INJECTION: forcing a failure.
[  574.307947] name failslab, interval 1, probability 0, space 0, times 0
[  574.308882] CPU: 0 UID: 0 PID: 6511 Comm: syz-executor.0 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  574.308897] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  574.308904] Call Trace:
[  574.308909]  <TASK>
[  574.308915]  dump_stack_lvl+0xfa/0x120
[  574.308942]  should_fail_ex+0x4d7/0x5e0
[  574.308964]  ? jbd2__journal_start+0x193/0x820
[  574.308979]  should_failslab+0xc2/0x120
[  574.308999]  kmem_cache_alloc_noprof+0x80/0x710
[  574.309031]  ? jbd2__journal_start+0x193/0x820
[  574.309044]  jbd2__journal_start+0x193/0x820
[  574.309067]  __ext4_journal_start_sb+0x325/0x580
[  574.309096]  __ext4_new_inode+0x2c81/0x4cd0
[  574.309141]  ? __pfx___ext4_new_inode+0x10/0x10
[  574.309168]  ? __pfx___dquot_initialize+0x10/0x10
[  574.309204]  ext4_tmpfile+0x1e2/0x4c0
[  574.309239]  ? __pfx_ext4_tmpfile+0x10/0x10
[  574.309258]  ? do_raw_spin_unlock+0x53/0x220
[  574.309279]  ? _raw_spin_unlock+0x1e/0x40
[  574.309305]  vfs_tmpfile+0x2c6/0x9a0
[  574.309336]  path_openat+0x1852/0x2d30
[  574.309357]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  574.309377]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  574.309394]  ? __create_object+0x59/0x80
[  574.309415]  ? __pfx_path_openat+0x10/0x10
[  574.309440]  ? __asan_memcpy+0x3d/0x60
[  574.309465]  do_file_open_root+0x2f7/0x5e0
[  574.309485]  ? __pfx_do_file_open_root+0x10/0x10
[  574.309500]  ? perf_trace_run_bpf_submit+0xef/0x180
[  574.309514]  ? perf_trace_lock+0x337/0x5d0
[  574.309534]  ? perf_trace_run_bpf_submit+0xef/0x180
[  574.309559]  ? perf_trace_lock+0x337/0x5d0
[  574.309604]  ? find_held_lock+0x2b/0x80
[  574.309624]  file_open_root+0x2e4/0x470
[  574.309644]  ? __pfx_file_open_root+0x10/0x10
[  574.309658]  ? _raw_spin_unlock+0x1e/0x40
[  574.309695]  do_handle_open+0x9f2/0xd00
[  574.309710]  ? __pfx_do_handle_open+0x10/0x10
[  574.309731]  ? ksys_write+0x1a3/0x240
[  574.309747]  ? __pfx_ksys_write+0x10/0x10
[  574.309763]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  574.309780]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  574.309808]  do_syscall_64+0xbf/0x420
[  574.309825]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  574.309838] RIP: 0033:0x7f349fed8b19
[  574.309848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  574.309859] RSP: 002b:00007f349d44e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  574.309871] RAX: ffffffffffffffda RBX: 00007f349ffebf60 RCX: 00007f349fed8b19
[  574.309879] RDX: 0000000000414d02 RSI: 0000000020000000 RDI: 0000000000000004
[  574.309886] RBP: 00007f349d44e1d0 R08: 0000000000000000 R09: 0000000000000000
[  574.309892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  574.309899] R13: 00007ffdd66f889f R14: 00007f349d44e300 R15: 0000000000022000
[  574.309933]  </TASK>
[  574.315107] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  574.315476] EXT4-fs error (device sda) in __ext4_new_inode:1086: Out of memory
03:43:20 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 18)

03:43:20 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff", 0x38, 0x400}], 0x0, &(0x7f0000012900))

03:43:20 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5}], 0x0, &(0x7f0000012900))

03:43:20 executing program 7:
clone3(&(0x7f0000005880)={0x401000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:20 executing program 2:
clone3(&(0x7f0000005880)={0x80000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:20 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x1200)

03:43:20 executing program 1:
clone3(&(0x7f0000005880)={0x101000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:20 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b000000", 0x58, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[  583.029583] loop5: detected capacity change from 0 to 512
[  583.038613] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  583.039420] EXT4-fs (loop5): group descriptors corrupted!
[  583.045483] loop6: detected capacity change from 0 to 512
[  583.050343] EXT4-fs (loop6): unsupported inode size: 0
[  583.050989] EXT4-fs (loop6): blocksize: 1024
03:43:20 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5}], 0x0, &(0x7f0000012900))

[  583.093391] loop3: detected capacity change from 0 to 512
[  583.106268] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:43:20 executing program 7:
clone3(&(0x7f0000005880)={0x1000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:20 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b000000", 0x58, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:43:20 executing program 1:
clone3(&(0x7f0000005880)={0x104000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  583.162355] loop5: detected capacity change from 0 to 512
03:43:20 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff", 0x38, 0x400}], 0x0, &(0x7f0000012900))

[  583.174477] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  583.175399] EXT4-fs (loop5): group descriptors corrupted!
03:43:20 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 19)

[  583.179543] loop6: detected capacity change from 0 to 512
[  583.184410] EXT4-fs (loop6): unsupported inode size: 0
[  583.184876] EXT4-fs (loop6): blocksize: 1024
03:43:20 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x1201)

[  583.231653] loop3: detected capacity change from 0 to 512
[  583.245910] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  583.300792] FAULT_INJECTION: forcing a failure.
[  583.300792] name failslab, interval 1, probability 0, space 0, times 0
[  583.303061] CPU: 1 UID: 0 PID: 6554 Comm: syz-executor.0 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  583.303093] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  583.303107] Call Trace:
[  583.303115]  <TASK>
[  583.303124]  dump_stack_lvl+0xfa/0x120
[  583.303172]  should_fail_ex+0x4d7/0x5e0
[  583.303206]  should_failslab+0xc2/0x120
[  583.303241]  __kmalloc_noprof+0xd6/0x830
[  583.303281]  ? posix_acl_create.part.0+0x29a/0x4e0
[  583.303313]  ? security_inode_init_security+0x113/0x370
[  583.303347]  ? security_inode_init_security+0x113/0x370
[  583.303370]  security_inode_init_security+0x113/0x370
[  583.303396]  ? __pfx_ext4_initxattrs+0x10/0x10
[  583.303425]  ? __pfx_security_inode_init_security+0x10/0x10
[  583.303456]  ? crc32c+0x1ae/0x350
[  583.303482]  __ext4_new_inode+0x38f7/0x4cd0
[  583.303539]  ? __pfx___ext4_new_inode+0x10/0x10
[  583.303581]  ? __pfx___dquot_initialize+0x10/0x10
[  583.303610]  ? perf_trace_lock+0xb5/0x5d0
[  583.303642]  ? __pfx_queued_spin_lock_slowpath+0x10/0x10
[  583.303692]  ext4_tmpfile+0x1e2/0x4c0
[  583.303740]  ? __pfx_ext4_tmpfile+0x10/0x10
[  583.303776]  ? do_raw_spin_unlock+0x53/0x220
[  583.303814]  ? _raw_spin_unlock+0x1e/0x40
[  583.303851]  vfs_tmpfile+0x2c6/0x9a0
[  583.303895]  path_openat+0x1852/0x2d30
[  583.303930]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  583.303965]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  583.303999]  ? __create_object+0x59/0x80
[  583.304036]  ? __pfx_path_openat+0x10/0x10
[  583.304074]  ? __asan_memcpy+0x3d/0x60
[  583.304111]  do_file_open_root+0x2f7/0x5e0
[  583.304147]  ? __pfx_do_file_open_root+0x10/0x10
[  583.304197]  ? perf_trace_lock+0xb5/0x5d0
[  583.304249]  ? find_held_lock+0x2b/0x80
[  583.304278]  file_open_root+0x2e4/0x470
[  583.304312]  ? __pfx_file_open_root+0x10/0x10
[  583.304341]  ? _raw_spin_unlock+0x1e/0x40
[  583.304389]  do_handle_open+0x9f2/0xd00
[  583.304413]  ? __pfx_do_handle_open+0x10/0x10
[  583.304443]  ? ksys_write+0x1a3/0x240
[  583.304472]  ? __pfx_ksys_write+0x10/0x10
[  583.304502]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  583.304535]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  583.304577]  do_syscall_64+0xbf/0x420
[  583.304604]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.304628] RIP: 0033:0x7f349fed8b19
[  583.304647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  583.304669] RSP: 002b:00007f349d44e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  583.304692] RAX: ffffffffffffffda RBX: 00007f349ffebf60 RCX: 00007f349fed8b19
[  583.304708] RDX: 0000000000414d02 RSI: 0000000020000000 RDI: 0000000000000004
[  583.304722] RBP: 00007f349d44e1d0 R08: 0000000000000000 R09: 0000000000000000
[  583.304736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  583.304750] R13: 00007ffdd66f889f R14: 00007f349d44e300 R15: 0000000000022000
[  583.304786]  </TASK>
03:43:29 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 20)

03:43:29 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:43:29 executing program 7:
clone3(&(0x7f0000005880)={0x2000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:29 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x2103)

03:43:29 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b000000", 0x58, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:43:29 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53", 0x39, 0x400}], 0x0, &(0x7f0000012900))

03:43:29 executing program 1:
clone3(&(0x7f0000005880)={0x401000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:29 executing program 2:
clone3(&(0x7f0000005880)={0x101000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:29 executing program 2:
clone3(&(0x7f0000005880)={0x104000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  591.959551] loop3: detected capacity change from 0 to 512
[  591.966947] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  591.971787] loop5: detected capacity change from 0 to 512
[  591.981205] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[  591.987136] Process accounting resumed
[  591.995197] loop6: detected capacity change from 0 to 512
03:43:29 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53", 0x39, 0x400}], 0x0, &(0x7f0000012900))

[  592.004234] EXT4-fs (loop6): unsupported inode size: 0
[  592.004852] EXT4-fs (loop6): blocksize: 1024
03:43:29 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:43:29 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 21)

[  592.049161] loop3: detected capacity change from 0 to 512
03:43:29 executing program 1:
clone3(&(0x7f0000005880)={0x1000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  592.056208] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  592.074407] FAULT_INJECTION: forcing a failure.
[  592.074407] name failslab, interval 1, probability 0, space 0, times 0
[  592.075607] CPU: 1 UID: 0 PID: 6591 Comm: syz-executor.0 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  592.075623] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  592.075630] Call Trace:
[  592.075635]  <TASK>
[  592.075639]  dump_stack_lvl+0xfa/0x120
[  592.075668]  should_fail_ex+0x4d7/0x5e0
[  592.075688]  should_failslab+0xc2/0x120
[  592.075708]  __kmalloc_node_track_caller_noprof+0xd7/0x820
[  592.075724]  ? lock_acquire+0x15e/0x2d0
[  592.075741]  ? sidtab_sid2str_get+0x85/0x6f0
[  592.075759]  ? sidtab_sid2str_get+0x17e/0x6f0
[  592.075777]  ? kmemdup_noprof+0x2b/0x60
[  592.075795]  kmemdup_noprof+0x2b/0x60
[  592.075813]  sidtab_sid2str_get+0x17e/0x6f0
[  592.075830]  sidtab_entry_to_string+0x33/0x110
[  592.075847]  security_sid_to_context_core+0x350/0x620
[  592.075863]  selinux_inode_init_security+0x432/0x650
[  592.075883]  ? __pfx_selinux_inode_init_security+0x10/0x10
[  592.075898]  ? __kmalloc_noprof+0x4b0/0x830
[  592.075919]  ? security_inode_init_security+0x113/0x370
[  592.075937]  security_inode_init_security+0x1bc/0x370
[  592.075950]  ? __pfx_ext4_initxattrs+0x10/0x10
[  592.075967]  ? __pfx_security_inode_init_security+0x10/0x10
[  592.075982]  ? crc32c+0x1ae/0x350
[  592.075995]  __ext4_new_inode+0x38f7/0x4cd0
[  592.076029]  ? __pfx___ext4_new_inode+0x10/0x10
[  592.076058]  ? __pfx___dquot_initialize+0x10/0x10
[  592.076076]  ? perf_trace_lock+0xb5/0x5d0
[  592.076100]  ext4_tmpfile+0x1e2/0x4c0
[  592.076125]  ? __pfx_ext4_tmpfile+0x10/0x10
[  592.076143]  ? do_raw_spin_unlock+0x53/0x220
[  592.076161]  ? _raw_spin_unlock+0x1e/0x40
[  592.076181]  vfs_tmpfile+0x2c6/0x9a0
[  592.076204]  path_openat+0x1852/0x2d30
[  592.076221]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  592.076238]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  592.076254]  ? __create_object+0x59/0x80
[  592.076269]  ? __pfx_path_openat+0x10/0x10
[  592.076288]  ? __asan_memcpy+0x3d/0x60
[  592.076306]  do_file_open_root+0x2f7/0x5e0
[  592.076323]  ? __pfx_do_file_open_root+0x10/0x10
[  592.076348]  ? perf_trace_lock+0xb5/0x5d0
[  592.076373]  ? find_held_lock+0x2b/0x80
[  592.076387]  file_open_root+0x2e4/0x470
[  592.076406]  ? __pfx_file_open_root+0x10/0x10
[  592.076420]  ? _raw_spin_unlock+0x1e/0x40
[  592.076443]  do_handle_open+0x9f2/0xd00
[  592.076456]  ? __pfx_do_handle_open+0x10/0x10
[  592.076470]  ? ksys_write+0x1a3/0x240
[  592.076485]  ? __pfx_ksys_write+0x10/0x10
[  592.076500]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  592.076517]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  592.076537]  do_syscall_64+0xbf/0x420
[  592.076551]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  592.076564] RIP: 0033:0x7f349fed8b19
[  592.076574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  592.076586] RSP: 002b:00007f349d44e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  592.076598] RAX: ffffffffffffffda RBX: 00007f349ffebf60 RCX: 00007f349fed8b19
[  592.076606] RDX: 0000000000414d02 RSI: 0000000020000000 RDI: 0000000000000004
[  592.076613] RBP: 00007f349d44e1d0 R08: 0000000000000000 R09: 0000000000000000
[  592.076620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  592.076627] R13: 00007ffdd66f889f R14: 00007f349d44e300 R15: 0000000000022000
[  592.076645]  </TASK>
[  592.142666] loop5: detected capacity change from 0 to 512
[  592.144900] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
03:43:39 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x3f00)

03:43:39 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53", 0x39, 0x400}], 0x0, &(0x7f0000012900))

03:43:39 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000000", 0x59, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:43:39 executing program 7:
clone3(&(0x7f0000005880)={0x3000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:39 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 22)

03:43:39 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:43:39 executing program 1:
clone3(&(0x7f0000005880)={0x2000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:39 executing program 2:
clone3(&(0x7f0000005880)={0x401000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  602.594595] loop5: detected capacity change from 0 to 512
[  602.600979] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[  602.654360] loop6: detected capacity change from 0 to 512
[  602.655709] loop3: detected capacity change from 0 to 512
[  602.664706] EXT4-fs (loop6): unsupported inode size: 0
[  602.665911] EXT4-fs (loop6): blocksize: 1024
03:43:39 executing program 2:
clone3(&(0x7f0000005880)={0x1000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  602.679940] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:43:39 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:43:39 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x9f0a)

[  602.763461] cgroup: fork rejected by pids controller in /syz2
03:43:39 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000000", 0x59, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:43:39 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 23)

03:43:39 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a}], 0x0, &(0x7f0000012900))

[  602.784503] loop5: detected capacity change from 0 to 512
[  602.802836] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
03:43:39 executing program 7:
clone3(&(0x7f0000005880)={0x4000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:39 executing program 2:
clone3(&(0x7f0000005880)={0x2000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:39 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x40000)

03:43:39 executing program 1:
clone3(&(0x7f0000005880)={0x3000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  602.884357] loop6: detected capacity change from 0 to 512
[  602.901543] loop3: detected capacity change from 0 to 512
03:43:40 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

[  602.904861] EXT4-fs (loop6): unsupported inode size: 0
[  602.905840] EXT4-fs (loop6): blocksize: 1024
[  602.914781] FAULT_INJECTION: forcing a failure.
[  602.914781] name failslab, interval 1, probability 0, space 0, times 0
[  602.916710] CPU: 0 UID: 0 PID: 6648 Comm: syz-executor.0 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  602.916742] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  602.916756] Call Trace:
[  602.916766]  <TASK>
[  602.916777]  dump_stack_lvl+0xfa/0x120
[  602.916830]  should_fail_ex+0x4d7/0x5e0
[  602.916875]  ? ext4_inode_attach_jinode+0x118/0x230
[  602.916911]  should_failslab+0xc2/0x120
[  602.916951]  kmem_cache_alloc_noprof+0x80/0x710
[  602.916979]  ? avc_has_perm+0x12b/0x1d0
[  602.917050]  ? ext4_inode_attach_jinode+0x118/0x230
[  602.917083]  ext4_inode_attach_jinode+0x118/0x230
[  602.917131]  ext4_file_open+0x31f/0xfe0
[  602.917180]  ? inode_has_perm+0x16e/0x1c0
[  602.917226]  ? __pfx_ext4_file_open+0x10/0x10
[  602.917258]  ? selinux_file_open+0x37d/0x4c0
[  602.917291]  ? __pfx_selinux_file_open+0x10/0x10
[  602.917317]  ? find_held_lock+0x2b/0x80
[  602.917345]  ? mnt_get_write_access+0x4f/0x2c0
[  602.917373]  ? lock_release+0xc8/0x270
[  602.917414]  ? mnt_get_write_access+0x4f/0x2c0
[  602.917462]  do_dentry_open+0x76a/0x1460
[  602.917504]  ? __pfx_ext4_file_open+0x10/0x10
[  602.917546]  ? __ext4_journal_stop+0x10b/0x1f0
[  602.917598]  ext4_tmpfile+0x328/0x4c0
[  602.917658]  ? __pfx_ext4_tmpfile+0x10/0x10
[  602.917698]  ? do_raw_spin_unlock+0x53/0x220
[  602.917741]  ? _raw_spin_unlock+0x1e/0x40
[  602.917794]  vfs_tmpfile+0x2c6/0x9a0
[  602.917860]  path_openat+0x1852/0x2d30
[  602.917905]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  602.917946]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  602.917984]  ? __create_object+0x59/0x80
[  602.918026]  ? __pfx_path_openat+0x10/0x10
[  602.918081]  ? __asan_memcpy+0x3d/0x60
[  602.918134]  do_file_open_root+0x2f7/0x5e0
[  602.918177]  ? __pfx_do_file_open_root+0x10/0x10
[  602.918210]  ? perf_trace_run_bpf_submit+0xef/0x180
[  602.918237]  ? perf_trace_lock+0x337/0x5d0
[  602.918280]  ? perf_trace_run_bpf_submit+0xef/0x180
[  602.918334]  ? perf_trace_lock+0x337/0x5d0
[  602.918430]  ? find_held_lock+0x2b/0x80
[  602.918472]  file_open_root+0x2e4/0x470
[  602.918514]  ? __pfx_file_open_root+0x10/0x10
[  602.918544]  ? _raw_spin_unlock+0x1e/0x40
[  602.918623]  do_handle_open+0x9f2/0xd00
[  602.918656]  ? __pfx_do_handle_open+0x10/0x10
[  602.918701]  ? ksys_write+0x1a3/0x240
[  602.918735]  ? __pfx_ksys_write+0x10/0x10
[  602.918769]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  602.918802]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  602.918864]  do_syscall_64+0xbf/0x420
[  602.918899]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  602.918925] RIP: 0033:0x7f349fed8b19
[  602.918945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  602.918968] RSP: 002b:00007f349d44e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  602.918993] RAX: ffffffffffffffda RBX: 00007f349ffebf60 RCX: 00007f349fed8b19
[  602.919009] RDX: 0000000000414d02 RSI: 0000000020000000 RDI: 0000000000000004
[  602.919039] RBP: 00007f349d44e1d0 R08: 0000000000000000 R09: 0000000000000000
[  602.919053] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  602.919067] R13: 00007ffdd66f889f R14: 00007f349d44e300 R15: 0000000000022000
[  602.919138]  </TASK>
[  603.003347] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:43:40 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x80000)

03:43:40 executing program 7:
clone3(&(0x7f0000005880)={0x5000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:40 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000000", 0x59, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:43:40 executing program 2:
clone3(&(0x7f0000005880)={0x3000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:40 executing program 1:
clone3(&(0x7f0000005880)={0x4000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:40 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a}], 0x0, &(0x7f0000012900))

03:43:40 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:43:40 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x1000000)

[  603.152765] loop6: detected capacity change from 0 to 512
[  603.161130] EXT4-fs (loop6): unsupported inode size: 0
[  603.162284] EXT4-fs (loop6): blocksize: 1024
[  603.203732] loop3: detected capacity change from 0 to 512
[  603.225621] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:43:40 executing program 7:
clone3(&(0x7f0000005880)={0x6000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  603.249139] loop5: detected capacity change from 0 to 512
[  603.265492] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
03:43:50 executing program 1:
clone3(&(0x7f0000005880)={0x5000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:50 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 24)

03:43:50 executing program 7:
clone3(&(0x7f0000005880)={0x7000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:50 executing program 2:
clone3(&(0x7f0000005880)={0x4000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:50 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x2000000)

03:43:50 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:43:50 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a}], 0x0, &(0x7f0000012900))

03:43:50 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

[  613.549470] loop5: detected capacity change from 0 to 512
[  613.562510] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[  613.575221] loop6: detected capacity change from 0 to 512
[  613.580318] loop3: detected capacity change from 0 to 512
[  613.587022] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
[  613.598075] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  613.604546] FAULT_INJECTION: forcing a failure.
[  613.604546] name failslab, interval 1, probability 0, space 0, times 0
[  613.606570] CPU: 0 UID: 0 PID: 6711 Comm: syz-executor.0 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  613.606600] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  613.606613] Call Trace:
[  613.606622]  <TASK>
[  613.606633]  dump_stack_lvl+0xfa/0x120
[  613.606684]  should_fail_ex+0x4d7/0x5e0
[  613.606726]  ? jbd2_journal_add_journal_head+0x367/0x5d0
[  613.606751]  should_failslab+0xc2/0x120
[  613.606787]  kmem_cache_alloc_noprof+0x80/0x710
[  613.606815]  ? jbd2_write_access_granted+0x21f/0x3c0
[  613.606868]  ? jbd2_journal_add_journal_head+0x367/0x5d0
[  613.606891]  jbd2_journal_add_journal_head+0x367/0x5d0
[  613.606930]  jbd2_journal_get_write_access+0x1bc/0x250
[  613.606974]  __ext4_journal_get_write_access+0x6a/0x330
[  613.607035]  ext4_reserve_inode_write+0x217/0x350
[  613.607103]  ext4_xattr_set_handle+0x403/0x14c0
03:43:50 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

[  613.607166]  ? __pfx_ext4_xattr_set_handle+0x10/0x10
[  613.607204]  ? find_held_lock+0x2b/0x80
[  613.607238]  ? lock_release+0xc8/0x270
[  613.607265]  ? sidtab_entry_to_string+0x4d/0x110
[  613.607307]  ? security_sid_to_context_core+0x1cb/0x620
[  613.607368]  ? __pfx_selinux_inode_init_security+0x10/0x10
[  613.607401]  ? __kmalloc_noprof+0x4b0/0x830
[  613.607452]  ext4_initxattrs+0xb9/0x120
[  613.607496]  security_inode_init_security+0x243/0x370
[  613.607527]  ? __pfx_ext4_initxattrs+0x10/0x10
[  613.607558]  ? __pfx_security_inode_init_security+0x10/0x10
[  613.607599]  ? crc32c+0x1ae/0x350
[  613.607635]  __ext4_new_inode+0x38f7/0x4cd0
[  613.607721]  ? __pfx___ext4_new_inode+0x10/0x10
[  613.607774]  ? __pfx___dquot_initialize+0x10/0x10
[  613.607845]  ext4_tmpfile+0x1e2/0x4c0
03:43:50 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x4000000)

[  613.607913]  ? __pfx_ext4_tmpfile+0x10/0x10
[  613.607951]  ? do_raw_spin_unlock+0x53/0x220
[  613.607991]  ? _raw_spin_unlock+0x1e/0x40
[  613.608040]  vfs_tmpfile+0x2c6/0x9a0
[  613.608102]  path_openat+0x1852/0x2d30
[  613.608144]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  613.608182]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  613.608217]  ? __create_object+0x59/0x80
[  613.608257]  ? __pfx_path_openat+0x10/0x10
[  613.608308]  ? __asan_memcpy+0x3d/0x60
[  613.608357]  do_file_open_root+0x2f7/0x5e0
[  613.608397]  ? __pfx_do_file_open_root+0x10/0x10
[  613.608427]  ? perf_trace_run_bpf_submit+0xef/0x180
[  613.608453]  ? perf_trace_lock+0x337/0x5d0
[  613.608492]  ? perf_trace_run_bpf_submit+0xef/0x180
[  613.608542]  ? perf_trace_lock+0x337/0x5d0
[  613.608632]  ? find_held_lock+0x2b/0x80
[  613.608675]  file_open_root+0x2e4/0x470
[  613.608714]  ? __pfx_file_open_root+0x10/0x10
[  613.608742]  ? _raw_spin_unlock+0x1e/0x40
[  613.608816]  do_handle_open+0x9f2/0xd00
[  613.608846]  ? __pfx_do_handle_open+0x10/0x10
[  613.608888]  ? ksys_write+0x1a3/0x240
[  613.608920]  ? __pfx_ksys_write+0x10/0x10
[  613.608951]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  613.608983]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  613.609040]  do_syscall_64+0xbf/0x420
[  613.609072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  613.609096] RIP: 0033:0x7f349fed8b19
[  613.609115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  613.609136] RSP: 002b:00007f349d44e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  613.609158] RAX: ffffffffffffffda RBX: 00007f349ffebf60 RCX: 00007f349fed8b19
[  613.609173] RDX: 0000000000414d02 RSI: 0000000020000000 RDI: 0000000000000004
[  613.609187] RBP: 00007f349d44e1d0 R08: 0000000000000000 R09: 0000000000000000
[  613.609200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  613.609213] R13: 00007ffdd66f889f R14: 00007f349d44e300 R15: 0000000000022000
[  613.609281]  </TASK>
[  613.660918] loop5: detected capacity change from 0 to 512
[  613.662366] ENOMEM in journal_alloc_journal_head, retrying.
[  613.673721] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
03:43:50 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:43:50 executing program 7:
clone3(&(0x7f0000005880)={0x9000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:43:50 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, 0x0)

03:43:50 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:43:50 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x6000000)

[  613.770887] loop6: detected capacity change from 0 to 512
03:43:50 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02) (fail_nth: 25)

[  613.787894] loop3: detected capacity change from 0 to 512
[  613.789413] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
[  613.890927] FAULT_INJECTION: forcing a failure.
[  613.890927] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  613.893474] CPU: 0 UID: 0 PID: 6734 Comm: syz-executor.0 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  613.893503] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  613.893515] Call Trace:
[  613.893524]  <TASK>
[  613.893533]  dump_stack_lvl+0xfa/0x120
[  613.893580]  should_fail_ex+0x4d7/0x5e0
[  613.893621]  _copy_to_user+0x32/0xd0
[  613.893659]  simple_read_from_buffer+0xe0/0x180
[  613.893699]  proc_fail_nth_read+0x18a/0x240
[  613.893743]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  613.893787]  ? security_file_permission+0x22/0x90
[  613.893826]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  613.893866]  vfs_read+0x1eb/0xc70
[  613.893903]  ? __pfx___mutex_lock+0x10/0x10
[  613.893924]  ? __fget_files+0x34/0x3b0
[  613.893956]  ? __pfx_vfs_read+0x10/0x10
[  613.893992]  ? lock_release+0xc8/0x270
[  613.894044]  ? __fget_files+0x20d/0x3b0
[  613.894106]  ksys_read+0x121/0x240
[  613.894136]  ? __pfx_ksys_read+0x10/0x10
[  613.894195]  do_syscall_64+0xbf/0x420
[  613.894226]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  613.894249] RIP: 0033:0x7f349fe8b69c
[  613.894267] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[  613.894287] RSP: 002b:00007f349d44e170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  613.894307] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f349fe8b69c
[  613.894321] RDX: 000000000000000f RSI: 00007f349d44e1e0 RDI: 0000000000000005
[  613.894333] RBP: 00007f349d44e1d0 R08: 0000000000000000 R09: 0000000000000000
[  613.894346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  613.894357] R13: 00007ffdd66f889f R14: 00007f349d44e300 R15: 0000000000022000
[  613.894420]  </TASK>
03:44:00 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)

03:44:00 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, 0x0)

03:44:00 executing program 1:
clone3(&(0x7f0000005880)={0x6000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:00 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:44:00 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1", 0x2d, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:44:00 executing program 7:
clone3(&(0x7f0000005880)={0xd000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:00 executing program 2:
clone3(&(0x7f0000005880)={0x5000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:00 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0xc000000)

[  622.912470] loop5: detected capacity change from 0 to 512
[  622.921142] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[  622.937352] loop3: detected capacity change from 0 to 512
[  622.954392] loop6: detected capacity change from 0 to 512
[  622.967172] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
[  622.973731] Process accounting paused
03:44:09 executing program 2:
clone3(&(0x7f0000005880)={0x6000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:09 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x2f, 0x2, {{0xb}}}, 0x414d02)

03:44:09 executing program 7:
clone3(&(0x7f0000005880)={0x10000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:09 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1", 0x2d, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:44:09 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, 0x0)

03:44:09 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, 0x0)

03:44:09 executing program 1:
clone3(&(0x7f0000005880)={0x7000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:09 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x10000000)

[  632.293526] loop3: detected capacity change from 0 to 512
[  632.295890] loop6: detected capacity change from 0 to 512
[  632.298415] loop5: detected capacity change from 0 to 512
[  632.313469] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
03:44:09 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, 0x0)

03:44:09 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x12000000)

03:44:09 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1", 0x2d, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:44:09 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x4, {{0xb}}}, 0x414d02)

[  632.438230] loop6: detected capacity change from 0 to 512
03:44:09 executing program 2:
clone3(&(0x7f0000005880)={0x7000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  632.484929] loop5: detected capacity change from 0 to 512
[  632.500627] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
03:44:19 executing program 7:
clone3(&(0x7f0000005880)={0x10000200, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:19 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, 0x0)

03:44:19 executing program 1:
clone3(&(0x7f0000005880)={0x9000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:19 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x6, {{0xb}}}, 0x414d02)

03:44:19 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f", 0x44, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:44:19 executing program 2:
clone3(&(0x7f0000005880)={0x9000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:19 executing program 3:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x2103)

03:44:19 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x12010000)

03:44:19 executing program 7:
clone3(&(0x7f0000005880)={0x10020000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  642.334391] loop5: detected capacity change from 0 to 512
[  642.345769] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  642.346639] EXT4-fs (loop5): group descriptors corrupted!
[  642.356655] loop6: detected capacity change from 0 to 512
03:44:19 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0xf, {{0xb}}}, 0x414d02)

03:44:19 executing program 1:
clone3(&(0x7f0000005880)={0xd000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:19 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x21030000)

03:44:19 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x10, {{0xb}}}, 0x414d02)

03:44:19 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012900))

[  642.568119] loop3: detected capacity change from 0 to 512
[  642.590099] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[  642.591995] EXT4-fs (loop3): group descriptors corrupted!
03:44:19 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4", 0x2e, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

[  642.601673] loop5: detected capacity change from 0 to 512
[  642.611692] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
03:44:19 executing program 1:
clone3(&(0x7f0000005880)={0x10000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:29 executing program 1:
clone3(&(0x7f0000005880)={0x10000200, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:29 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x3f000000)

03:44:29 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4", 0x2e, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:44:29 executing program 2:
clone3(&(0x7f0000005880)={0xd000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:29 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012900))

03:44:29 executing program 7:
clone3(&(0x7f0000005880)={0x11000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:29 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x28, {{0xb}}}, 0x414d02)

03:44:29 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 1)

[  652.319904] loop3: detected capacity change from 0 to 512
[  652.320980] loop5: detected capacity change from 0 to 512
[  652.322423] FAULT_INJECTION: forcing a failure.
[  652.322423] name failslab, interval 1, probability 0, space 0, times 0
[  652.324559] CPU: 1 UID: 0 PID: 6882 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  652.324613] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  652.324632] Call Trace:
[  652.324643]  <TASK>
[  652.324656]  dump_stack_lvl+0xfa/0x120
[  652.324730]  should_fail_ex+0x4d7/0x5e0
[  652.324784]  ? __do_sys_memfd_create+0x1e5/0xaa0
[  652.324830]  should_failslab+0xc2/0x120
[  652.324889]  __kmalloc_cache_noprof+0x80/0x730
[  652.324977]  ? __do_sys_memfd_create+0x1e5/0xaa0
[  652.325036]  __do_sys_memfd_create+0x1e5/0xaa0
[  652.325084]  ? ksys_write+0x1a3/0x240
[  652.325136]  ? __pfx___do_sys_memfd_create+0x10/0x10
[  652.325176]  ? irqentry_exit+0xee/0x650
[  652.325239]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  652.325296]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  652.325369]  do_syscall_64+0xbf/0x420
[  652.325415]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.325456] RIP: 0033:0x7f6a11ca6b19
[  652.325485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  652.325524] RSP: 002b:00007f6a0f21bf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  652.325560] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6a11ca6b19
[  652.325587] RDX: 0000000000002c00 RSI: 0000000000000000 RDI: 00007f6a11d000fb
[  652.325612] RBP: 0000000000000003 R08: 0000000000001600 R09: ffffffffffffffff
[  652.325636] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000
[  652.325659] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012900
[  652.325709]  </TASK>
[  652.327188] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[  652.348089] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[  652.348853] EXT4-fs (loop3): group descriptors corrupted!
03:44:29 executing program 2:
clone3(&(0x7f0000005880)={0x10000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:29 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012900))

03:44:29 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4", 0x2e, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:44:29 executing program 1:
clone3(&(0x7f0000005880)={0x11000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  652.456548] loop3: detected capacity change from 0 to 512
03:44:29 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 2)

03:44:29 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xf}}}, 0x414d02)

[  652.466414] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[  652.467195] EXT4-fs (loop3): group descriptors corrupted!
[  652.505671] loop5: detected capacity change from 0 to 512
[  652.510671] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
03:44:29 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x9f0a0000)

03:44:29 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

[  652.563218] loop6: detected capacity change from 0 to 512
03:44:29 executing program 2:
clone3(&(0x7f0000005880)={0x10000200, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  652.593197] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
03:44:29 executing program 3:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012900))

[  652.603106] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  652.626956] loop5: detected capacity change from 0 to 512
[  652.633239] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
03:44:29 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 3)

03:44:29 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:44:29 executing program 7:
clone3(&(0x7f0000005880)={0x1fffefff, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:29 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0x20000}}}, 0x414d02)

[  652.715488] loop3: detected capacity change from 0 to 512
[  652.739124] loop5: detected capacity change from 0 to 512
[  652.746217] FAULT_INJECTION: forcing a failure.
[  652.746217] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  652.746481] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[  652.748041] CPU: 1 UID: 0 PID: 6929 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  652.748071] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  652.748084] Call Trace:
[  652.748091]  <TASK>
[  652.748100]  dump_stack_lvl+0xfa/0x120
[  652.748143]  should_fail_ex+0x4d7/0x5e0
[  652.748174]  strncpy_from_user+0x3b/0x2f0
[  652.748212]  __do_sys_memfd_create+0x21d/0xaa0
[  652.748240]  ? ksys_write+0x1a3/0x240
[  652.748269]  ? __pfx___do_sys_memfd_create+0x10/0x10
[  652.748293]  ? irqentry_exit+0xee/0x650
[  652.748326]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  652.748358]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  652.748396]  do_syscall_64+0xbf/0x420
[  652.748421]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.748444] RIP: 0033:0x7f6a11ca6b19
[  652.748462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  652.748482] RSP: 002b:00007f6a0f21bf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  652.748504] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6a11ca6b19
[  652.748519] RDX: 0000000000002c00 RSI: 0000000000000000 RDI: 00007f6a11d000fb
[  652.748533] RBP: 0000000000000003 R08: 0000000000001600 R09: ffffffffffffffff
[  652.748547] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000
[  652.748560] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012900
[  652.748590]  </TASK>
03:44:29 executing program 2:
clone3(&(0x7f0000005880)={0x11000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:29 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0xfbffffff)

03:44:29 executing program 3:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012900))

03:44:29 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 4)

03:44:29 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

[  652.889291] loop5: detected capacity change from 0 to 512
[  652.897586] FAULT_INJECTION: forcing a failure.
[  652.897586] name failslab, interval 1, probability 0, space 0, times 0
[  652.898529] CPU: 0 UID: 0 PID: 6944 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  652.898544] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  652.898551] Call Trace:
[  652.898555]  <TASK>
[  652.898560]  dump_stack_lvl+0xfa/0x120
[  652.898585]  should_fail_ex+0x4d7/0x5e0
[  652.898602]  ? shmem_alloc_inode+0x27/0x50
[  652.898616]  should_failslab+0xc2/0x120
[  652.898633]  kmem_cache_alloc_lru_noprof+0x84/0x720
[  652.898652]  ? shmem_alloc_inode+0x27/0x50
[  652.898664]  shmem_alloc_inode+0x27/0x50
[  652.898676]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  652.898688]  alloc_inode+0x67/0x250
[  652.898701]  new_inode+0x1e/0x160
[  652.898713]  __shmem_get_inode+0x17c/0xe80
[  652.898732]  __shmem_file_setup+0x108/0x370
[  652.898749]  __do_sys_memfd_create+0x2ce/0xaa0
[  652.898767]  ? ksys_write+0x1a3/0x240
[  652.898785]  ? __pfx___do_sys_memfd_create+0x10/0x10
[  652.898797]  ? irqentry_exit+0xee/0x650
[  652.898815]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  652.898832]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  652.898853]  do_syscall_64+0xbf/0x420
[  652.898866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.898878] RIP: 0033:0x7f6a11ca6b19
[  652.898887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  652.898898] RSP: 002b:00007f6a0f21bf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  652.898909] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6a11ca6b19
[  652.898917] RDX: 0000000000002c00 RSI: 0000000000000000 RDI: 00007f6a11d000fb
[  652.898924] RBP: 0000000000000003 R08: 0000000000001600 R09: ffffffffffffffff
[  652.898931] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000
[  652.898938] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012900
[  652.898955]  </TASK>
[  652.904590] loop3: detected capacity change from 0 to 512
[  652.932710] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[  652.987644] Process accounting resumed
03:44:39 executing program 2:
clone3(&(0x7f0000005880)={0x1fffefff, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:39 executing program 3:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012900))

03:44:39 executing program 1:
clone3(&(0x7f0000005880)={0x1fffefff, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:39 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)

03:44:39 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 5)

03:44:39 executing program 7:
clone3(&(0x7f0000005880)={0x20000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:39 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0xfeffffff)

03:44:39 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef0100010000", 0x3f, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

[  662.435341] loop6: detected capacity change from 0 to 512
[  662.449688] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  662.456224] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  662.483968] loop3: detected capacity change from 0 to 512
[  662.496805] loop5: detected capacity change from 0 to 512
03:44:39 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 6)

[  662.521591] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  662.523302] EXT4-fs (loop5): group descriptors corrupted!
03:44:39 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012900))

03:44:39 executing program 7:
clone3(&(0x7f0000005880)={0x3f000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  662.599935] FAULT_INJECTION: forcing a failure.
[  662.599935] name failslab, interval 1, probability 0, space 0, times 0
[  662.601923] CPU: 0 UID: 0 PID: 6978 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  662.601954] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  662.601968] Call Trace:
[  662.601976]  <TASK>
[  662.601986]  dump_stack_lvl+0xfa/0x120
[  662.602038]  should_fail_ex+0x4d7/0x5e0
[  662.602069]  ? security_inode_alloc+0x3e/0x130
[  662.602096]  should_failslab+0xc2/0x120
[  662.602128]  kmem_cache_alloc_noprof+0x80/0x710
[  662.602152]  ? __pfx_map_id_range_down+0x10/0x10
[  662.602186]  ? __create_object+0x59/0x80
[  662.602214]  ? security_inode_alloc+0x3e/0x130
[  662.602240]  security_inode_alloc+0x3e/0x130
[  662.602269]  inode_init_always_gfp+0xc9d/0xff0
[  662.602304]  alloc_inode+0x8d/0x250
[  662.602327]  new_inode+0x1e/0x160
[  662.602350]  __shmem_get_inode+0x17c/0xe80
[  662.602389]  __shmem_file_setup+0x108/0x370
[  662.602422]  __do_sys_memfd_create+0x2ce/0xaa0
[  662.602449]  ? ksys_write+0x1a3/0x240
[  662.602478]  ? __pfx___do_sys_memfd_create+0x10/0x10
[  662.602502]  ? irqentry_exit+0xee/0x650
[  662.602536]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  662.602568]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  662.602607]  do_syscall_64+0xbf/0x420
[  662.602631]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  662.602655] RIP: 0033:0x7f6a11ca6b19
[  662.602673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  662.602694] RSP: 002b:00007f6a0f21bf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  662.602716] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6a11ca6b19
[  662.602731] RDX: 0000000000002c00 RSI: 0000000000000000 RDI: 00007f6a11d000fb
[  662.602745] RBP: 0000000000000003 R08: 0000000000001600 R09: ffffffffffffffff
[  662.602759] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000
[  662.602772] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012900
[  662.602802]  </TASK>
[  662.631939] loop3: detected capacity change from 0 to 512
03:44:48 executing program 2:
clone3(&(0x7f0000005880)={0x20000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:48 executing program 7:
clone3(&(0x7f0000005880)={0x40000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:48 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x2}}}, 0x414d02)

03:44:48 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 7)

03:44:48 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:44:48 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0xffffff7f)

03:44:48 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012900))

03:44:48 executing program 1:
clone3(&(0x7f0000005880)={0x20000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  671.150721] loop3: detected capacity change from 0 to 512
[  671.167196] loop5: detected capacity change from 0 to 512
03:44:48 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012900))

[  671.195444] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  671.197060] loop6: detected capacity change from 0 to 512
[  671.198049] EXT4-fs (loop5): group descriptors corrupted!
[  671.239434] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  671.258506] loop3: detected capacity change from 0 to 512
03:44:48 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x3}}}, 0x414d02)

[  671.273705] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:44:48 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f01", 0x35, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:44:48 executing program 2:
clone3(&(0x7f0000005880)={0x3f000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  671.360941] loop5: detected capacity change from 0 to 512
[  671.367514] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
03:44:56 executing program 2:
clone3(&(0x7f0000005880)={0x40000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:56 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x4}}}, 0x414d02)

03:44:56 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012900))

03:44:56 executing program 1:
clone3(&(0x7f0000005880)={0x3f000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:56 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 8)

03:44:56 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0xfffffffb)

03:44:56 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f01", 0x35, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:44:56 executing program 7:
clone3(&(0x7f0000005880)={0x40080000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  679.569860] loop3: detected capacity change from 0 to 8
[  679.574382] EXT4-fs (loop3): bad geometry: block count 256 exceeds size of device (4 blocks)
[  679.598830] loop5: detected capacity change from 0 to 512
03:44:56 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012900))

[  679.615741] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[  679.615930] FAULT_INJECTION: forcing a failure.
[  679.615930] name failslab, interval 1, probability 0, space 0, times 0
[  679.617784] CPU: 0 UID: 0 PID: 7048 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  679.617800] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  679.617807] Call Trace:
[  679.617811]  <TASK>
[  679.617815]  dump_stack_lvl+0xfa/0x120
[  679.617839]  should_fail_ex+0x4d7/0x5e0
[  679.617856]  ? __d_alloc+0x34/0xa10
[  679.617872]  should_failslab+0xc2/0x120
[  679.617890]  kmem_cache_alloc_lru_noprof+0x84/0x720
[  679.617903]  ? find_held_lock+0x2b/0x80
[  679.617919]  ? __d_alloc+0x34/0xa10
[  679.617934]  __d_alloc+0x34/0xa10
[  679.617949]  ? mpol_shared_policy_init+0x24f/0x390
[  679.617966]  d_alloc_pseudo+0x1d/0xc0
[  679.617978]  alloc_file_pseudo+0xbe/0x220
[  679.618002]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  679.618020]  ? __shmem_get_inode+0x684/0xe80
[  679.618039]  __shmem_file_setup+0x1a8/0x370
[  679.618056]  __do_sys_memfd_create+0x2ce/0xaa0
[  679.618070]  ? ksys_write+0x1a3/0x240
[  679.618085]  ? __pfx___do_sys_memfd_create+0x10/0x10
[  679.618097]  ? irqentry_exit+0xee/0x650
[  679.618115]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  679.618133]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  679.618152]  do_syscall_64+0xbf/0x420
[  679.618165]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  679.618177] RIP: 0033:0x7f6a11ca6b19
[  679.618187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  679.618197] RSP: 002b:00007f6a0f21bf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  679.618208] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6a11ca6b19
[  679.618216] RDX: 0000000000002c00 RSI: 0000000000000000 RDI: 00007f6a11d000fb
[  679.618223] RBP: 0000000000000003 R08: 0000000000001600 R09: ffffffffffffffff
[  679.618230] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000
[  679.618237] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012900
[  679.618252]  </TASK>
[  679.652265] loop3: detected capacity change from 0 to 8
[  679.658869] EXT4-fs (loop3): bad geometry: block count 256 exceeds size of device (4 blocks)
03:44:56 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 9)

03:44:56 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012900))

[  679.727940] loop3: detected capacity change from 0 to 8
[  679.734978] EXT4-fs (loop3): bad geometry: block count 256 exceeds size of device (4 blocks)
03:44:56 executing program 2:
clone3(&(0x7f0000005880)={0x74020000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:44:56 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0xfffffffe)

03:44:56 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x5}}}, 0x414d02)

03:44:56 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f01", 0x35, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:44:56 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, 0x0, 0x0, &(0x7f0000012900))

[  679.812757] loop6: detected capacity change from 0 to 512
[  679.823560] No source specified
[  679.846060] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
03:44:56 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, 0x0, 0x0, &(0x7f0000012900))

[  679.857178] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  679.875907] loop5: detected capacity change from 0 to 512
[  679.910487] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
03:44:57 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x40000000000)

[  679.953995] No source specified
03:45:05 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 10)

03:45:05 executing program 1:
clone3(&(0x7f0000005880)={0x40000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:05 executing program 2:
clone3(&(0x7f0000005880)={0x7bffffff, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:05 executing program 7:
clone3(&(0x7f0000005880)={0x7bffffff, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:05 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, 0x0, 0x0, &(0x7f0000012900))

03:45:05 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x6}}}, 0x414d02)

03:45:05 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x8000000000000)

03:45:05 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff", 0x38, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

[  688.655356] No source specified
[  688.656451] loop5: detected capacity change from 0 to 512
[  688.662442] FAULT_INJECTION: forcing a failure.
[  688.662442] name failslab, interval 1, probability 0, space 0, times 0
[  688.663295] CPU: 1 UID: 0 PID: 7102 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  688.663310] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  688.663318] Call Trace:
[  688.663323]  <TASK>
[  688.663329]  dump_stack_lvl+0xfa/0x120
[  688.663358]  should_fail_ex+0x4d7/0x5e0
[  688.663376]  ? alloc_empty_file+0x58/0x1e0
[  688.663396]  should_failslab+0xc2/0x120
[  688.663425]  kmem_cache_alloc_noprof+0x80/0x710
[  688.663438]  ? d_instantiate+0x92/0xb0
[  688.663459]  ? alloc_empty_file+0x58/0x1e0
[  688.663476]  ? _raw_spin_unlock+0x1e/0x40
[  688.663492]  alloc_empty_file+0x58/0x1e0
[  688.663511]  alloc_file_pseudo+0x12b/0x220
[  688.663530]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  688.663553]  __shmem_file_setup+0x1a8/0x370
[  688.663572]  __do_sys_memfd_create+0x2ce/0xaa0
[  688.663590]  ? ksys_write+0x1a3/0x240
[  688.663612]  ? __pfx___do_sys_memfd_create+0x10/0x10
[  688.663631]  ? irqentry_exit+0xee/0x650
[  688.663658]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  688.663676]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  688.663698]  do_syscall_64+0xbf/0x420
[  688.663711]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  688.663724] RIP: 0033:0x7f6a11ca6b19
[  688.663734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  688.663745] RSP: 002b:00007f6a0f21bf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  688.663757] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6a11ca6b19
[  688.663765] RDX: 0000000000002c00 RSI: 0000000000000000 RDI: 00007f6a11d000fb
[  688.663772] RBP: 0000000000000003 R08: 0000000000001600 R09: ffffffffffffffff
[  688.663780] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000
[  688.663787] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012900
[  688.663802]  </TASK>
03:45:05 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}], 0x0, &(0x7f0000012900))

03:45:05 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 11)

[  688.714575] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[  688.743988] loop3: detected capacity change from 0 to 512
[  688.753356] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  688.754161] EXT4-fs (loop3): group descriptors corrupted!
[  688.757619] Process accounting paused
[  688.768170] loop6: detected capacity change from 0 to 512
03:45:05 executing program 2:
clone3(&(0x7f0000005880)={0xf0ffffff, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  688.808946] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  688.830234] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:45:15 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x7}}}, 0x414d02)

03:45:15 executing program 1:
clone3(&(0x7f0000005880)={0x50020000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:15 executing program 2:
clone3(&(0x7f0000005880)={0xf4000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:15 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}], 0x0, &(0x7f0000012900))

03:45:15 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x100000000000000)

03:45:15 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 12)

03:45:15 executing program 7:
clone3(&(0x7f0000005880)={0xf0ffffff, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:15 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff", 0x38, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

[  698.558637] loop3: detected capacity change from 0 to 512
[  698.564642] FAULT_INJECTION: forcing a failure.
[  698.564642] name failslab, interval 1, probability 0, space 0, times 0
[  698.566494] CPU: 1 UID: 0 PID: 7139 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  698.566523] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  698.566535] Call Trace:
[  698.566542]  <TASK>
[  698.566550]  dump_stack_lvl+0xfa/0x120
[  698.566590]  should_fail_ex+0x4d7/0x5e0
[  698.566619]  ? security_file_alloc+0x35/0x130
[  698.566649]  should_failslab+0xc2/0x120
[  698.566679]  kmem_cache_alloc_noprof+0x80/0x710
[  698.566702]  ? __create_object+0x59/0x80
[  698.566729]  ? security_file_alloc+0x35/0x130
[  698.566757]  security_file_alloc+0x35/0x130
[  698.566787]  init_file+0x95/0x4c0
[  698.566821]  alloc_empty_file+0x76/0x1e0
[  698.566857]  alloc_file_pseudo+0x12b/0x220
[  698.566892]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  698.566937]  __shmem_file_setup+0x1a8/0x370
[  698.566971]  __do_sys_memfd_create+0x2ce/0xaa0
[  698.566997]  ? ksys_write+0x1a3/0x240
[  698.567030]  ? __pfx___do_sys_memfd_create+0x10/0x10
[  698.567053]  ? irqentry_exit+0xee/0x650
[  698.567084]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  698.567113]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  698.567151]  do_syscall_64+0xbf/0x420
[  698.567175]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  698.567197] RIP: 0033:0x7f6a11ca6b19
[  698.567213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  698.567233] RSP: 002b:00007f6a0f21bf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  698.567253] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6a11ca6b19
[  698.567267] RDX: 0000000000002c00 RSI: 0000000000000000 RDI: 00007f6a11d000fb
[  698.567280] RBP: 0000000000000003 R08: 0000000000001600 R09: ffffffffffffffff
[  698.567293] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000
[  698.567305] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012900
[  698.567336]  </TASK>
[  698.575268] loop5: detected capacity change from 0 to 512
[  698.587715] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  698.596436] EXT4-fs (loop3): group descriptors corrupted!
[  698.624654] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
03:45:15 executing program 7:
clone3(&(0x7f0000005880)={0xf4000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:15 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x8}}}, 0x414d02)

03:45:15 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 13)

03:45:15 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}], 0x0, &(0x7f0000012900))

03:45:15 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x200000000000000)

03:45:15 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff", 0x38, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

[  698.795975] loop3: detected capacity change from 0 to 512
[  698.799388] loop6: detected capacity change from 0 to 512
[  698.814286] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  698.815703] EXT4-fs (loop3): group descriptors corrupted!
[  698.856483] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  698.876415] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  698.891136] loop5: detected capacity change from 0 to 512
03:45:16 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0xb}}}, 0x414d02)

[  698.945597] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
03:45:16 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000012900))

03:45:16 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x10}}}, 0x414d02)

03:45:16 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 14)

[  699.056916] loop3: detected capacity change from 0 to 512
[  699.066368] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  699.067829] EXT4-fs (loop3): group descriptors corrupted!
[  699.159802] FAULT_INJECTION: forcing a failure.
[  699.159802] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  699.162101] CPU: 1 UID: 0 PID: 7173 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  699.162130] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  699.162142] Call Trace:
[  699.162149]  <TASK>
[  699.162157]  dump_stack_lvl+0xfa/0x120
[  699.162199]  should_fail_ex+0x4d7/0x5e0
[  699.162231]  should_fail_alloc_page+0xe0/0x110
[  699.162264]  prepare_alloc_pages+0x1eb/0x550
[  699.162295]  ? __pfx_perf_trace_lock+0x10/0x10
[  699.162332]  __alloc_frozen_pages_noprof+0x17f/0x2000
[  699.162367]  ? __is_insn_slot_addr+0x2e/0x290
[  699.162399]  ? __is_insn_slot_addr+0x136/0x290
[  699.162425]  ? lock_release+0xc8/0x270
[  699.162455]  ? 0xffffffffa0000000
[  699.162474]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  699.162513]  ? perf_trace_lock+0xb5/0x5d0
[  699.162547]  ? __pfx_perf_trace_lock+0x10/0x10
[  699.162577]  ? lock_is_held_type+0x9e/0x120
[  699.162614]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  699.162652]  ? policy_nodemask+0xeb/0x4e0
[  699.162678]  alloc_pages_mpol+0xed/0x340
[  699.162700]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  699.162719]  ? filemap_get_entry+0x1bb/0x3b0
[  699.162752]  ? __pfx_filemap_get_entry+0x10/0x10
[  699.162793]  folio_alloc_mpol_noprof+0x38/0xa0
[  699.162821]  shmem_alloc_folio+0x11b/0x140
[  699.162851]  shmem_get_folio_gfp.constprop.0+0x4ea/0x13a0
[  699.162897]  ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10
[  699.162934]  ? __pfx_perf_trace_lock+0x10/0x10
[  699.162963]  ? simple_xattr_get+0x173/0x1d0
[  699.163011]  shmem_write_begin+0x194/0x3b0
[  699.163045]  ? __pfx_shmem_write_begin+0x10/0x10
[  699.163074]  ? mark_held_locks+0x49/0x80
[  699.163101]  ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190
[  699.163124]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  699.163151]  ? ktime_get_coarse_real_ts64_mg+0x213/0x2a0
[  699.163191]  generic_perform_write+0x391/0x810
[  699.163231]  ? __pfx_generic_perform_write+0x10/0x10
[  699.163264]  ? file_update_time_flags+0x24c/0x4f0
[  699.163304]  shmem_file_write_iter+0x111/0x140
[  699.163333]  vfs_write+0xbe9/0x1150
[  699.163362]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  699.163388]  ? __fget_files+0x34/0x3b0
[  699.163415]  ? __pfx_vfs_write+0x10/0x10
[  699.163481]  __x64_sys_pwrite64+0x1f1/0x260
[  699.163511]  ? __pfx___x64_sys_pwrite64+0x10/0x10
[  699.163552]  do_syscall_64+0xbf/0x420
[  699.163576]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  699.163598] RIP: 0033:0x7f6a11c59ab7
[  699.163614] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b
[  699.163634] RSP: 002b:00007f6a0f21bf20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[  699.163655] RAX: ffffffffffffffda RBX: 00007f6a11cf0970 RCX: 00007f6a11c59ab7
[  699.163669] RDX: 000000000000005a RSI: 0000000020010000 RDI: 0000000000000005
[  699.163682] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff
[  699.163695] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000005
[  699.163707] R13: 0000000000000005 R14: 0000000020000200 R15: 0000000000000000
[  699.163739]  </TASK>
[  699.296688] loop6: detected capacity change from 0 to 512
[  699.302050] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
03:45:25 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000012900))

03:45:25 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x400000000000000)

03:45:25 executing program 7:
clone3(&(0x7f0000005880)={0xf5ffffff, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:25 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x24}}}, 0x414d02)

03:45:25 executing program 2:
clone3(&(0x7f0000005880)={0xf5ffffff, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:25 executing program 1:
clone3(&(0x7f0000005880)={0x7bffffff, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:25 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 15)

03:45:25 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:45:25 executing program 1:
clone3(&(0x7f0000005880)={0xf0ffffff, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  708.565664] loop3: detected capacity change from 0 to 512
03:45:25 executing program 1:
clone3(&(0x7f0000005880)={0xf4000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  708.600402] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  708.601817] FAULT_INJECTION: forcing a failure.
[  708.601817] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  708.602108] EXT4-fs (loop3): group descriptors corrupted!
[  708.603060] CPU: 0 UID: 0 PID: 7195 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  708.603077] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  708.603084] Call Trace:
[  708.603089]  <TASK>
[  708.603093]  dump_stack_lvl+0xfa/0x120
[  708.603120]  should_fail_ex+0x4d7/0x5e0
[  708.603136]  ? page_copy_sane+0xce/0x2b0
[  708.603151]  copy_folio_from_iter_atomic+0x383/0x1820
[  708.603170]  ? _raw_read_unlock+0x1e/0x40
[  708.603187]  ? simple_xattr_get+0x173/0x1d0
[  708.603210]  ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[  708.603225]  ? shmem_write_begin+0x1ab/0x3b0
[  708.603244]  ? __pfx_shmem_write_begin+0x10/0x10
[  708.603260]  ? mark_held_locks+0x49/0x80
[  708.603278]  ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190
[  708.603291]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  708.603305]  ? ktime_get_coarse_real_ts64_mg+0x213/0x2a0
[  708.603327]  generic_perform_write+0x1d7/0x810
[  708.603349]  ? __pfx_generic_perform_write+0x10/0x10
[  708.603366]  ? file_update_time_flags+0x24c/0x4f0
[  708.603389]  shmem_file_write_iter+0x111/0x140
[  708.603404]  vfs_write+0xbe9/0x1150
[  708.603420]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  708.603434]  ? __fget_files+0x34/0x3b0
[  708.603449]  ? __pfx_vfs_write+0x10/0x10
[  708.603474]  __x64_sys_pwrite64+0x1f1/0x260
[  708.603490]  ? __pfx___x64_sys_pwrite64+0x10/0x10
[  708.603524]  do_syscall_64+0xbf/0x420
[  708.603539]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  708.603552] RIP: 0033:0x7f6a11c59ab7
[  708.603562] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b
[  708.603573] RSP: 002b:00007f6a0f21bf20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[  708.603584] RAX: ffffffffffffffda RBX: 00007f6a11cf0970 RCX: 00007f6a11c59ab7
[  708.603592] RDX: 000000000000005a RSI: 0000000020010000 RDI: 0000000000000005
[  708.603599] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff
[  708.603606] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000005
[  708.603613] R13: 0000000000000005 R14: 0000000020000200 R15: 0000000000000000
[  708.603629]  </TASK>
[  708.609411] loop6: detected capacity change from 0 to 512
03:45:25 executing program 7:
clone3(&(0x7f0000005880)={0xfbffffff, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  708.630339] loop5: detected capacity change from 0 to 512
[  708.642076] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[  708.665994] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  708.669163] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:45:25 executing program 2:
clone3(&(0x7f0000005880)={0xfbffffff, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:25 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:45:25 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000012900))

03:45:25 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x600000000000000)

03:45:25 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x2f}}}, 0x414d02)

03:45:25 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 16)

[  708.774072] loop3: detected capacity change from 0 to 512
[  708.779709] loop5: detected capacity change from 0 to 512
[  708.781881] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  708.782756] EXT4-fs (loop3): group descriptors corrupted!
[  708.804547] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[  708.835231] FAULT_INJECTION: forcing a failure.
[  708.835231] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  708.836718] CPU: 1 UID: 0 PID: 7221 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  708.836741] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  708.836751] Call Trace:
[  708.836757]  <TASK>
[  708.836764]  dump_stack_lvl+0xfa/0x120
[  708.836800]  should_fail_ex+0x4d7/0x5e0
[  708.836820]  ? page_copy_sane+0xce/0x2b0
[  708.836841]  copy_folio_from_iter_atomic+0x383/0x1820
[  708.836871]  ? __pfx_perf_trace_lock+0x10/0x10
[  708.836902]  ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[  708.836924]  ? shmem_write_begin+0x1ab/0x3b0
[  708.836952]  ? __pfx_shmem_write_begin+0x10/0x10
[  708.836975]  ? mark_held_locks+0x49/0x80
[  708.837004]  ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190
[  708.837022]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  708.837044]  ? ktime_get_coarse_real_ts64_mg+0x213/0x2a0
[  708.837077]  generic_perform_write+0x1d7/0x810
[  708.837110]  ? __pfx_generic_perform_write+0x10/0x10
[  708.837137]  ? file_update_time_flags+0x24c/0x4f0
[  708.837174]  shmem_file_write_iter+0x111/0x140
[  708.837197]  vfs_write+0xbe9/0x1150
[  708.837221]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  708.837243]  ? __fget_files+0x34/0x3b0
[  708.837265]  ? __pfx_vfs_write+0x10/0x10
[  708.837307]  __x64_sys_pwrite64+0x1f1/0x260
[  708.837331]  ? __pfx___x64_sys_pwrite64+0x10/0x10
[  708.837363]  do_syscall_64+0xbf/0x420
[  708.837383]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  708.837402] RIP: 0033:0x7f6a11c59ab7
[  708.837415] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b
[  708.837431] RSP: 002b:00007f6a0f21bf20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[  708.837448] RAX: ffffffffffffffda RBX: 00007f6a11cf0970 RCX: 00007f6a11c59ab7
[  708.837460] RDX: 0000000000000009 RSI: 0000000020010400 RDI: 0000000000000005
[  708.837470] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff
[  708.837481] R10: 0000000000000800 R11: 0000000000000293 R12: 0000000000000005
[  708.837491] R13: 0000000000000005 R14: 0000000020000218 R15: 0000000000000001
[  708.837517]  </TASK>
[  708.918551] loop6: detected capacity change from 0 to 512
[  708.941393] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  708.949592] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:45:35 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 17)

03:45:35 executing program 7:
clone3(&(0x7f0000005880)={0xffefff1f, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:35 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0xc00000000000000)

03:45:35 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400), 0x0, 0x800}], 0x0, &(0x7f0000012900))

03:45:35 executing program 2:
clone3(&(0x7f0000005880)={0xffefff1f, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:35 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:45:35 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x64}}}, 0x414d02)

03:45:35 executing program 1:
clone3(&(0x7f0000005880)={0xf5ffffff, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:35 executing program 7:
clone3(&(0x7f0000005880)={0xffffff7b, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  718.107130] loop5: detected capacity change from 0 to 512
03:45:35 executing program 1:
clone3(&(0x7f0000005880)={0xfbffffff, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  718.130841] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[  718.134767] loop3: detected capacity change from 0 to 512
[  718.144671] FAULT_INJECTION: forcing a failure.
[  718.144671] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  718.146869] CPU: 0 UID: 0 PID: 7250 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  718.146900] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  718.146913] Call Trace:
[  718.146921]  <TASK>
[  718.146931]  dump_stack_lvl+0xfa/0x120
[  718.146974]  should_fail_ex+0x4d7/0x5e0
[  718.147013]  should_fail_alloc_page+0xe0/0x110
[  718.147048]  prepare_alloc_pages+0x1eb/0x550
[  718.147085]  __alloc_frozen_pages_noprof+0x17f/0x2000
[  718.147138]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  718.147179]  ? __lock_acquire+0x453/0x2150
[  718.147216]  ? lock_is_held_type+0x9e/0x120
[  718.147254]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  718.147293]  ? policy_nodemask+0xeb/0x4e0
[  718.147319]  alloc_pages_mpol+0xed/0x340
[  718.147342]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  718.147363]  ? filemap_get_entry+0x1bb/0x3b0
[  718.147397]  ? __pfx_filemap_get_entry+0x10/0x10
[  718.147438]  folio_alloc_mpol_noprof+0x38/0xa0
[  718.147467]  shmem_alloc_folio+0x11b/0x140
[  718.147498]  shmem_get_folio_gfp.constprop.0+0x4ea/0x13a0
[  718.147544]  ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10
[  718.147597]  ? avc_has_perm+0x12b/0x1d0
[  718.147636]  shmem_write_begin+0x194/0x3b0
[  718.147671]  ? __pfx_shmem_write_begin+0x10/0x10
[  718.147702]  ? mark_held_locks+0x49/0x80
03:45:35 executing program 7:
clone3(&(0x7f0000005880)={0xfffffff0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  718.147731]  ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190
[  718.147755]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  718.147784]  ? ktime_get_coarse_real_ts64_mg+0x213/0x2a0
[  718.147825]  generic_perform_write+0x391/0x810
[  718.147864]  ? __pfx_generic_perform_write+0x10/0x10
[  718.147899]  ? file_update_time_flags+0x24c/0x4f0
[  718.147941]  shmem_file_write_iter+0x111/0x140
[  718.147970]  vfs_write+0xbe9/0x1150
[  718.148000]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  718.148028]  ? __fget_files+0x34/0x3b0
[  718.148057]  ? __pfx_vfs_write+0x10/0x10
[  718.148107]  __x64_sys_pwrite64+0x1f1/0x260
[  718.148139]  ? __pfx___x64_sys_pwrite64+0x10/0x10
[  718.148180]  do_syscall_64+0xbf/0x420
[  718.148204]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  718.148228] RIP: 0033:0x7f6a11c59ab7
[  718.148245] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b
[  718.148266] RSP: 002b:00007f6a0f21bf20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[  718.148288] RAX: ffffffffffffffda RBX: 00007f6a11cf0970 RCX: 00007f6a11c59ab7
[  718.148303] RDX: 000000000000001d RSI: 0000000020010e00 RDI: 0000000000000005
[  718.148316] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff
[  718.148330] R10: 0000000000001600 R11: 0000000000000293 R12: 0000000000000005
[  718.148343] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002
[  718.148374]  </TASK>
[  718.214329] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  718.215942] EXT4-fs (loop3): group descriptors corrupted!
[  718.239874] loop6: detected capacity change from 0 to 512
[  718.247538] EXT4-fs error (device loop6): __ext4_fill_super:5553: inode #2: comm syz-executor.6: iget: special inode unallocated
[  718.249433] EXT4-fs (loop6): get root inode failed
[  718.249846] EXT4-fs (loop6): mount failed
03:45:44 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 18)

03:45:44 executing program 1:
clone3(&(0x7f0000005880)={0xffefff1f, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:44 executing program 2:
clone3(&(0x7f0000005880)={0xffffff7b, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:44 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400), 0x0, 0x800}], 0x0, &(0x7f0000012900))

03:45:44 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:45:44 executing program 7:
clone3(&(0x7f0000005880)={0xfffffff5, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:44 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x70}}}, 0x414d02)

03:45:44 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x1000000000000000)

[  727.436879] loop5: detected capacity change from 0 to 512
[  727.446658] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[  727.459507] loop3: detected capacity change from 0 to 512
[  727.463756] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  727.464547] EXT4-fs (loop3): group descriptors corrupted!
[  727.472975] loop6: detected capacity change from 0 to 512
[  727.474738] Process accounting resumed
03:45:44 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:45:44 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400), 0x0, 0x800}], 0x0, &(0x7f0000012900))

[  727.535911] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  727.542063] loop5: detected capacity change from 0 to 512
[  727.544868] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[  727.571420] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  727.571654] loop3: detected capacity change from 0 to 512
[  727.579887] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  727.580879] EXT4-fs (loop3): group descriptors corrupted!
03:45:44 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0xf0}}}, 0x414d02)

03:45:44 executing program 2:
clone3(&(0x7f0000005880)={0xfffffff0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:44 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900))

03:45:44 executing program 1:
clone3(&(0x7f0000005880)={0xffffff7b, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:44 executing program 7:
clone3(&(0x7f0000005880)={0xfffffffb, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:44 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="0300", 0x2, 0x800}], 0x0, &(0x7f0000012900))

[  727.643849] loop5: detected capacity change from 0 to 512
[  727.654756] loop3: detected capacity change from 0 to 512
[  727.658665] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[  727.663620] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[  727.664497] EXT4-fs (loop3): group descriptors corrupted!
03:45:53 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x1200000000000000)

03:45:53 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x112}}}, 0x414d02)

03:45:53 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 19)

03:45:53 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:45:53 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, 0x0)

03:45:53 executing program 1:
clone3(&(0x7f0000005880)={0xfffffff0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:53 executing program 7:
clone3(&(0x7f0000005880)={0x100000800, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:53 executing program 2:
clone3(&(0x7f0000005880)={0xfffffff5, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  736.514195] loop6: detected capacity change from 0 to 512
[  736.538645] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  736.544581] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:45:53 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x1201000000000000)

03:45:53 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x300}}}, 0x414d02)

[  736.581150] loop5: detected capacity change from 0 to 512
[  736.583417] loop3: detected capacity change from 0 to 512
03:45:53 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 20)

[  736.597402] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[  736.598978] EXT4-fs (loop3): group descriptors corrupted!
03:45:53 executing program 1:
clone3(&(0x7f0000005880)={0xfffffff5, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:53 executing program 2:
clone3(&(0x7f0000005880)={0xfffffffb, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  736.646691] FAULT_INJECTION: forcing a failure.
[  736.646691] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  736.648355] CPU: 1 UID: 0 PID: 7338 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  736.648371] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  736.648378] Call Trace:
[  736.648382]  <TASK>
[  736.648387]  dump_stack_lvl+0xfa/0x120
[  736.648414]  should_fail_ex+0x4d7/0x5e0
[  736.648429]  ? page_copy_sane+0xce/0x2b0
[  736.648444]  copy_folio_from_iter_atomic+0x383/0x1820
[  736.648464]  ? __pfx_perf_trace_lock+0x10/0x10
[  736.648485]  ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[  736.648500]  ? shmem_write_begin+0x1ab/0x3b0
[  736.648520]  ? __pfx_shmem_write_begin+0x10/0x10
[  736.648535]  ? mark_held_locks+0x49/0x80
[  736.648551]  ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190
[  736.648566]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  736.648583]  ? ktime_get_coarse_real_ts64_mg+0x213/0x2a0
[  736.648606]  generic_perform_write+0x1d7/0x810
[  736.648628]  ? __pfx_generic_perform_write+0x10/0x10
[  736.648646]  ? file_update_time_flags+0x24c/0x4f0
[  736.648669]  shmem_file_write_iter+0x111/0x140
[  736.648685]  vfs_write+0xbe9/0x1150
[  736.648701]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  736.648715]  ? __fget_files+0x34/0x3b0
[  736.648730]  ? __pfx_vfs_write+0x10/0x10
[  736.648758]  __x64_sys_pwrite64+0x1f1/0x260
[  736.648774]  ? __pfx___x64_sys_pwrite64+0x10/0x10
[  736.648796]  do_syscall_64+0xbf/0x420
[  736.648811]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  736.648824] RIP: 0033:0x7f6a11c59ab7
[  736.648833] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b
[  736.648844] RSP: 002b:00007f6a0f21bf20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[  736.648856] RAX: ffffffffffffffda RBX: 00007f6a11cf0970 RCX: 00007f6a11c59ab7
[  736.648864] RDX: 000000000000001d RSI: 0000000020010e00 RDI: 0000000000000005
[  736.648871] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff
[  736.648878] R10: 0000000000001600 R11: 0000000000000293 R12: 0000000000000005
[  736.648885] R13: 0000000000000005 R14: 0000000020000230 R15: 0000000000000002
[  736.648903]  </TASK>
[  736.669292] loop6: detected capacity change from 0 to 512
[  736.684891] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
03:45:53 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x321}}}, 0x414d02)

[  736.696117] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:45:53 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x2103000000000000)

03:45:53 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 21)

03:45:53 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, 0x0)

03:45:53 executing program 7:
clone3(&(0x7f0000005880)={0x10000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:53 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400), 0x0, 0x800}], 0x0, &(0x7f0000012900))

[  736.800929] FAULT_INJECTION: forcing a failure.
[  736.800929] name failslab, interval 1, probability 0, space 0, times 0
[  736.802690] CPU: 1 UID: 0 PID: 7352 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  736.802720] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  736.802732] Call Trace:
[  736.802740]  <TASK>
[  736.802749]  dump_stack_lvl+0xfa/0x120
[  736.802792]  should_fail_ex+0x4d7/0x5e0
[  736.802823]  ? getname_flags.part.0+0x48/0x540
[  736.802844]  should_failslab+0xc2/0x120
[  736.802876]  kmem_cache_alloc_noprof+0x80/0x710
[  736.802910]  ? getname_flags.part.0+0x48/0x540
[  736.802930]  getname_flags.part.0+0x48/0x540
[  736.802954]  getname_flags+0x95/0xe0
[  736.802982]  do_sys_openat2+0x9f/0x240
[  736.803011]  ? __pfx_do_sys_openat2+0x10/0x10
[  736.803047]  __x64_sys_openat+0x142/0x200
[  736.803069]  ? __pfx___x64_sys_openat+0x10/0x10
[  736.803107]  do_syscall_64+0xbf/0x420
[  736.803132]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  736.803154] RIP: 0033:0x7f6a11c59a04
[  736.803172] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[  736.803192] RSP: 002b:00007f6a0f21bed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  736.803213] RAX: ffffffffffffffda RBX: 00007f6a11cf0970 RCX: 00007f6a11c59a04
[  736.803228] RDX: 0000000000000002 RSI: 00007f6a0f21c000 RDI: 00000000ffffff9c
[  736.803241] RBP: 00007f6a0f21c000 R08: 0000000000000000 R09: ffffffffffffffff
[  736.803255] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  736.803267] R13: 0000000000000005 R14: 0000000020000248 R15: 0000000000000003
[  736.803299]  </TASK>
[  736.809677] loop3: detected capacity change from 0 to 512
[  736.830832] loop5: detected capacity change from 0 to 512
03:45:53 executing program 2:
clone3(&(0x7f0000005880)={0x100000800, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:53 executing program 1:
clone3(&(0x7f0000005880)={0xfffffffb, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  736.872830] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  736.874636] EXT4-fs (loop3): group descriptors corrupted!
03:45:54 executing program 7:
clone3(&(0x7f0000005880)={0x7f0f43fabfff, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:45:54 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x408}}}, 0x414d02)

03:45:54 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 22)

03:45:54 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, 0x0)

03:45:54 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400), 0x0, 0x800}], 0x0, &(0x7f0000012900))

03:45:54 executing program 2:
clone3(&(0x7f0000005880)={0x10000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  737.067606] loop6: detected capacity change from 0 to 512
[  737.082358] loop5: detected capacity change from 0 to 512
[  737.106451] loop3: detected capacity change from 0 to 512
[  737.108682] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  737.128107] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  737.129693] EXT4-fs (loop3): group descriptors corrupted!
[  737.133281] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:46:02 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 23)

03:46:02 executing program 5:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xf}}}, 0x414d02)

03:46:02 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x3f00000000000000)

03:46:02 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x480}}}, 0x414d02)

03:46:02 executing program 1:
clone3(&(0x7f0000005880)={0x100000800, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:02 executing program 7:
clone3(&(0x7f0000005880)={0x2001000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:02 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400), 0x0, 0x800}], 0x0, &(0x7f0000012900))

03:46:02 executing program 2:
clone3(&(0x7f0000005880)={0x7f151902bfff, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  745.806769] loop3: detected capacity change from 0 to 512
[  745.810913] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  745.811698] EXT4-fs (loop3): group descriptors corrupted!
03:46:02 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="03", 0x1}], 0x0, &(0x7f0000012900))

[  745.868562] FAULT_INJECTION: forcing a failure.
[  745.868562] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  745.870600] CPU: 0 UID: 0 PID: 7395 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  745.870632] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  745.870645] Call Trace:
[  745.870652]  <TASK>
[  745.870660]  dump_stack_lvl+0xfa/0x120
[  745.870703]  should_fail_ex+0x4d7/0x5e0
[  745.870736]  strncpy_from_user+0x3b/0x2f0
[  745.870775]  getname_flags.part.0+0x8d/0x540
[  745.870802]  getname_flags+0x95/0xe0
[  745.870837]  do_sys_openat2+0x9f/0x240
[  745.870860]  ? __pfx_do_sys_openat2+0x10/0x10
[  745.870898]  __x64_sys_openat+0x142/0x200
[  745.870920]  ? __pfx___x64_sys_openat+0x10/0x10
[  745.870959]  do_syscall_64+0xbf/0x420
[  745.870985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  745.871019] RIP: 0033:0x7f6a11c59a04
[  745.871037] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[  745.871058] RSP: 002b:00007f6a0f21bed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  745.871080] RAX: ffffffffffffffda RBX: 00007f6a11cf0970 RCX: 00007f6a11c59a04
[  745.871095] RDX: 0000000000000002 RSI: 00007f6a0f21c000 RDI: 00000000ffffff9c
[  745.871109] RBP: 00007f6a0f21c000 R08: 0000000000000000 R09: ffffffffffffffff
[  745.871123] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  745.871136] R13: 0000000000000005 R14: 0000000020000248 R15: 0000000000000003
[  745.871169]  </TASK>
[  745.883759] loop3: detected capacity change from 0 to 512
[  745.916269] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  745.917036] EXT4-fs (loop3): group descriptors corrupted!
03:46:12 executing program 1:
clone3(&(0x7f0000005880)={0x10000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:12 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x500}}}, 0x414d02)

03:46:12 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x9f0a000000000000)

03:46:12 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 24)

03:46:12 executing program 7:
clone3(&(0x7f0000005880)={0x2020000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:12 executing program 2:
clone3(&(0x7f0000005880)={0x2001000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:12 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="03", 0x1}], 0x0, &(0x7f0000012900))

03:46:12 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 1)

03:46:12 executing program 2:
clone3(&(0x7f0000005880)={0x2020000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:12 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x600}}}, 0x414d02)

[  755.363639] FAULT_INJECTION: forcing a failure.
[  755.363639] name failslab, interval 1, probability 0, space 0, times 0
[  755.364537] loop3: detected capacity change from 0 to 512
[  755.365461] CPU: 1 UID: 0 PID: 7418 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  755.365491] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  755.365504] Call Trace:
[  755.365512]  <TASK>
[  755.365520]  dump_stack_lvl+0xfa/0x120
[  755.365565]  should_fail_ex+0x4d7/0x5e0
[  755.365596]  ? alloc_empty_file+0x58/0x1e0
[  755.365630]  should_failslab+0xc2/0x120
[  755.365662]  kmem_cache_alloc_noprof+0x80/0x710
[  755.365695]  ? alloc_empty_file+0x58/0x1e0
[  755.365728]  alloc_empty_file+0x58/0x1e0
[  755.365764]  path_openat+0xee/0x2d30
[  755.365811]  ? __pfx_path_openat+0x10/0x10
[  755.365846]  ? __pfx_perf_trace_lock+0x10/0x10
[  755.365886]  do_filp_open+0x1e8/0x450
[  755.365915]  ? __pfx_do_filp_open+0x10/0x10
[  755.365958]  ? find_held_lock+0x2b/0x80
[  755.365979]  ? alloc_fd+0x2c1/0x560
[  755.366014]  ? lock_release+0xc8/0x270
[  755.366048]  ? _raw_spin_unlock+0x1e/0x40
[  755.366077]  ? alloc_fd+0x2c1/0x560
[  755.366115]  do_sys_openat2+0x107/0x240
[  755.366136]  ? __pfx_do_sys_openat2+0x10/0x10
[  755.366173]  __x64_sys_openat+0x142/0x200
[  755.366195]  ? __pfx___x64_sys_openat+0x10/0x10
[  755.366233]  do_syscall_64+0xbf/0x420
[  755.366258]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  755.366281] RIP: 0033:0x7f6a11c59a04
[  755.366299] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[  755.366320] RSP: 002b:00007f6a0f21bed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  755.366341] RAX: ffffffffffffffda RBX: 00007f6a11cf0970 RCX: 00007f6a11c59a04
[  755.366356] RDX: 0000000000000002 RSI: 00007f6a0f21c000 RDI: 00000000ffffff9c
[  755.366369] RBP: 00007f6a0f21c000 R08: 0000000000000000 R09: ffffffffffffffff
[  755.366383] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  755.366395] R13: 0000000000000005 R14: 0000000020000248 R15: 0000000000000003
[  755.366427]  </TASK>
[  755.375793] FAULT_INJECTION: forcing a failure.
[  755.375793] name failslab, interval 1, probability 0, space 0, times 0
[  755.387845] CPU: 1 UID: 0 PID: 7423 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  755.387875] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  755.387888] Call Trace:
[  755.387895]  <TASK>
[  755.387904]  dump_stack_lvl+0xfa/0x120
[  755.387946]  should_fail_ex+0x4d7/0x5e0
[  755.387976]  ? __do_sys_memfd_create+0x1e5/0xaa0
[  755.388007]  should_failslab+0xc2/0x120
[  755.388039]  __kmalloc_cache_noprof+0x80/0x730
[  755.388087]  ? __do_sys_memfd_create+0x1e5/0xaa0
[  755.388112]  __do_sys_memfd_create+0x1e5/0xaa0
[  755.388138]  ? ksys_write+0x1a3/0x240
[  755.388165]  ? __pfx___do_sys_memfd_create+0x10/0x10
[  755.388188]  ? irqentry_exit+0xee/0x650
[  755.388221]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  755.388251]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  755.388290]  do_syscall_64+0xbf/0x420
[  755.388315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  755.388337] RIP: 0033:0x7f7208245b19
[  755.388354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  755.388374] RSP: 002b:00007f72057baf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  755.388396] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f7208245b19
[  755.388411] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f720829f0fb
[  755.388424] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff
[  755.388437] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[  755.388449] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012900
[  755.388482]  </TASK>
[  755.407632] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  755.410284] EXT4-fs (loop3): group descriptors corrupted!
03:46:12 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x700}}}, 0x414d02)

03:46:12 executing program 2:
clone3(&(0x7f0000005880)={0x8000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:12 executing program 7:
clone3(&(0x7f0000005880)={0x8000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:12 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0xbfffffffffffffff)

03:46:12 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 25)

03:46:12 executing program 1:
clone3(&(0x7f0000005880)={0x7fdfc4be8fff, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:12 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="03", 0x1}], 0x0, &(0x7f0000012900))

[  755.503886] loop3: detected capacity change from 0 to 512
[  755.514799] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[  755.515593] EXT4-fs (loop3): group descriptors corrupted!
03:46:12 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 2)

03:46:12 executing program 1:
clone3(&(0x7f0000005880)={0x2001000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  755.616730] loop6: detected capacity change from 0 to 512
[  755.624260] loop5: detected capacity change from 0 to 512
[  755.637125] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  755.638764] EXT4-fs (loop5): group descriptors corrupted!
[  755.662740] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  755.684309] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:46:25 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 26)

03:46:25 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x804}}}, 0x414d02)

03:46:25 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 3)

03:46:25 executing program 1:
clone3(&(0x7f0000005880)={0x2020000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:25 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:46:25 executing program 2:
clone3(&(0x7f0000005880)={0x8000001000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:25 executing program 7:
clone3(&(0x7f0000005880)={0x8000001000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:25 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0xfbffffff00000000)

[  768.437408] FAULT_INJECTION: forcing a failure.
[  768.437408] name failslab, interval 1, probability 0, space 0, times 0
[  768.438444] CPU: 0 UID: 0 PID: 7464 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  768.438460] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  768.438467] Call Trace:
[  768.438471]  <TASK>
[  768.438475]  dump_stack_lvl+0xfa/0x120
[  768.438502]  should_fail_ex+0x4d7/0x5e0
[  768.438518]  ? security_file_alloc+0x35/0x130
[  768.438535]  should_failslab+0xc2/0x120
[  768.438553]  kmem_cache_alloc_noprof+0x80/0x710
[  768.438566]  ? __create_object+0x59/0x80
[  768.438581]  ? security_file_alloc+0x35/0x130
[  768.438596]  security_file_alloc+0x35/0x130
[  768.438612]  init_file+0x95/0x4c0
[  768.438631]  alloc_empty_file+0x76/0x1e0
[  768.438649]  path_openat+0xee/0x2d30
[  768.438673]  ? __pfx_path_openat+0x10/0x10
[  768.438694]  do_filp_open+0x1e8/0x450
[  768.438709]  ? __pfx_do_filp_open+0x10/0x10
[  768.438725]  ? __virt_addr_valid+0x2e8/0x5d0
[  768.438743]  ? find_held_lock+0x2b/0x80
[  768.438755]  ? alloc_fd+0x2c1/0x560
[  768.438770]  ? lock_release+0xc8/0x270
[  768.438787]  ? _raw_spin_unlock+0x1e/0x40
[  768.438804]  ? alloc_fd+0x2c1/0x560
[  768.438822]  do_sys_openat2+0x107/0x240
[  768.438834]  ? __pfx_do_sys_openat2+0x10/0x10
[  768.438851]  __x64_sys_openat+0x142/0x200
[  768.438862]  ? __pfx___x64_sys_openat+0x10/0x10
[  768.438880]  do_syscall_64+0xbf/0x420
[  768.438893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  768.438906] RIP: 0033:0x7f6a11c59a04
[  768.438915] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[  768.438926] RSP: 002b:00007f6a0f21bed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  768.438938] RAX: ffffffffffffffda RBX: 00007f6a11cf0970 RCX: 00007f6a11c59a04
[  768.438946] RDX: 0000000000000002 RSI: 00007f6a0f21c000 RDI: 00000000ffffff9c
[  768.438953] RBP: 00007f6a0f21c000 R08: 0000000000000000 R09: ffffffffffffffff
[  768.438960] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  768.438967] R13: 0000000000000005 R14: 0000000020000248 R15: 0000000000000003
[  768.438982]  </TASK>
[  768.445160] loop3: detected capacity change from 0 to 512
03:46:25 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 27)

03:46:25 executing program 1:
clone3(&(0x7f0000005880)={0x8000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  768.498793] FAULT_INJECTION: forcing a failure.
[  768.498793] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  768.500556] CPU: 1 UID: 0 PID: 7473 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  768.500585] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  768.500597] Call Trace:
[  768.500605]  <TASK>
[  768.500615]  dump_stack_lvl+0xfa/0x120
[  768.500659]  should_fail_ex+0x4d7/0x5e0
[  768.500690]  strncpy_from_user+0x3b/0x2f0
[  768.500728]  __do_sys_memfd_create+0x21d/0xaa0
[  768.500755]  ? ksys_write+0x1a3/0x240
[  768.500782]  ? __pfx___do_sys_memfd_create+0x10/0x10
[  768.500805]  ? irqentry_exit+0xee/0x650
[  768.500837]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  768.500868]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  768.500906]  do_syscall_64+0xbf/0x420
[  768.500930]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  768.500952] RIP: 0033:0x7f7208245b19
[  768.500968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  768.500988] RSP: 002b:00007f72057baf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  768.501016] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f7208245b19
[  768.501030] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f720829f0fb
[  768.501043] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff
[  768.501056] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[  768.501068] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012900
[  768.501099]  </TASK>
[  768.517038] loop6: detected capacity change from 0 to 512
03:46:25 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0xa9f}}}, 0x414d02)

[  768.531415] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:46:25 executing program 1:
clone3(&(0x7f0000005880)={0x8000001000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:25 executing program 2:
clone3(&(0x7f0000005880)={0x10100000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:25 executing program 7:
clone3(&(0x7f0000005880)={0x10100000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  768.597118] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
03:46:25 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

[  768.614895] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:46:25 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0xb00}}}, 0x414d02)

[  768.627663] Process accounting paused
03:46:25 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 4)

[  768.666885] loop3: detected capacity change from 0 to 512
[  768.670430] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  768.726376] FAULT_INJECTION: forcing a failure.
[  768.726376] name failslab, interval 1, probability 0, space 0, times 0
[  768.728162] CPU: 1 UID: 0 PID: 7496 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  768.728190] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  768.728202] Call Trace:
[  768.728209]  <TASK>
[  768.728217]  dump_stack_lvl+0xfa/0x120
[  768.728258]  should_fail_ex+0x4d7/0x5e0
[  768.728286]  ? shmem_alloc_inode+0x27/0x50
[  768.728310]  should_failslab+0xc2/0x120
[  768.728340]  kmem_cache_alloc_lru_noprof+0x84/0x720
[  768.728372]  ? shmem_alloc_inode+0x27/0x50
[  768.728394]  shmem_alloc_inode+0x27/0x50
[  768.728416]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  768.728439]  alloc_inode+0x67/0x250
[  768.728460]  new_inode+0x1e/0x160
[  768.728482]  __shmem_get_inode+0x17c/0xe80
[  768.728514]  __shmem_file_setup+0x108/0x370
[  768.728545]  __do_sys_memfd_create+0x2ce/0xaa0
[  768.728570]  ? ksys_write+0x1a3/0x240
[  768.728597]  ? __pfx___do_sys_memfd_create+0x10/0x10
[  768.728620]  ? irqentry_exit+0xee/0x650
[  768.728651]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  768.728680]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  768.728717]  do_syscall_64+0xbf/0x420
[  768.728739]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  768.728761] RIP: 0033:0x7f7208245b19
[  768.728777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  768.728797] RSP: 002b:00007f72057baf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  768.728817] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f7208245b19
[  768.728832] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f720829f0fb
[  768.728844] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff
[  768.728857] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[  768.728869] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012900
[  768.728897]  </TASK>
03:46:34 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x1201}}}, 0x414d02)

03:46:34 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 5)

[  776.980559] loop5: detected capacity change from 0 to 512
[  776.989716] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  776.990607] EXT4-fs (loop5): group descriptors corrupted!
03:46:34 executing program 7:
clone3(&(0x7f0000005880)={0x10400000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:34 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 28)

03:46:34 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:46:34 executing program 1:
clone3(&(0x7f0000005880)={0x10100000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:34 executing program 2:
clone3(&(0x7f0000005880)={0x10400000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:34 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0xfeffffff00000000)

[  777.018876] FAULT_INJECTION: forcing a failure.
[  777.018876] name failslab, interval 1, probability 0, space 0, times 0
[  777.020972] CPU: 0 UID: 0 PID: 7507 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  777.021012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  777.021027] Call Trace:
[  777.021036]  <TASK>
[  777.021046]  dump_stack_lvl+0xfa/0x120
[  777.021094]  should_fail_ex+0x4d7/0x5e0
[  777.021128]  ? __kernfs_new_node+0xd3/0x930
[  777.021153]  should_failslab+0xc2/0x120
[  777.021190]  kmem_cache_alloc_noprof+0x80/0x710
[  777.021219]  ? __pfx_avc_has_perm+0x10/0x10
[  777.021261]  ? __kernfs_new_node+0xd3/0x930
[  777.021286]  __kernfs_new_node+0xd3/0x930
[  777.021318]  ? __pfx___kernfs_new_node+0x10/0x10
[  777.021350]  ? lock_acquire+0x15e/0x2d0
[  777.021383]  ? kernfs_root+0x23/0x2a0
[  777.021408]  ? find_held_lock+0x2b/0x80
[  777.021433]  ? kernfs_root+0xee/0x2a0
[  777.021458]  ? lock_release+0xc8/0x270
[  777.021488]  ? lock_is_held_type+0x9e/0x120
[  777.021533]  kernfs_new_node+0x13c/0x1e0
[  777.021571]  kernfs_create_dir_ns+0x4d/0x1a0
[  777.021607]  internal_create_group+0x440/0xeb0
[  777.021636]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  777.021686]  ? __pfx_internal_create_group+0x10/0x10
[  777.021713]  ? blk_validate_limits+0xc27/0x15c0
[  777.021757]  ? lock_is_held_type+0x9e/0x120
[  777.021799]  loop_configure+0xc46/0x15a0
[  777.021867]  ? __pfx_loop_configure+0x10/0x10
[  777.021924]  ? avc_has_extended_perms+0x107/0xf20
[  777.021961]  ? find_held_lock+0x2b/0x80
[  777.021985]  ? avc_has_extended_perms+0x23b/0xf20
[  777.022022]  ? lock_release+0xc8/0x270
[  777.022058]  lo_ioctl+0x66d/0x1ca0
[  777.022103]  ? __pfx_lo_ioctl+0x10/0x10
[  777.022140]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  777.022186]  ? lock_acquire+0x15e/0x2d0
[  777.022217]  ? __virt_addr_valid+0x1c6/0x5d0
[  777.022247]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  777.022286]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  777.022321]  ? lock_release+0xc8/0x270
[  777.022358]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  777.022433]  ? check_irq_usage+0x210/0xb40
[  777.022464]  ? __fget_files+0x34/0x3b0
[  777.022497]  ? find_held_lock+0x2b/0x80
[  777.022520]  ? __fget_files+0x203/0x3b0
[  777.022555]  ? __pfx_lo_ioctl+0x10/0x10
[  777.022593]  blkdev_ioctl+0x365/0x6d0
[  777.022634]  ? __pfx_blkdev_ioctl+0x10/0x10
[  777.022673]  ? selinux_file_ioctl+0xb9/0x280
[  777.022705]  ? __pfx_blkdev_ioctl+0x10/0x10
[  777.022746]  __x64_sys_ioctl+0x18f/0x210
[  777.022778]  do_syscall_64+0xbf/0x420
[  777.022805]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  777.022831] RIP: 0033:0x7f6a11ca68d7
[  777.022850] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  777.022873] RSP: 002b:00007f6a0f21bf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
03:46:34 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 6)

03:46:34 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 7)

[  777.022898] RAX: ffffffffffffffda RBX: 00007f6a11cf0970 RCX: 00007f6a11ca68d7
[  777.022915] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006
[  777.022929] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff
[  777.022944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[  777.022959] R13: 0000000000000005 R14: 0000000020000248 R15: 0000000000000003
[  777.022993]  </TASK>
[  777.049837] FAULT_INJECTION: forcing a failure.
[  777.049837] name failslab, interval 1, probability 0, space 0, times 0
[  777.050257] loop6: detected capacity change from 0 to 512
[  777.050466] CPU: 1 UID: 0 PID: 7513 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  777.050481] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  777.050491] Call Trace:
[  777.050495]  <TASK>
[  777.050500]  dump_stack_lvl+0xfa/0x120
[  777.050522]  should_fail_ex+0x4d7/0x5e0
[  777.050538]  ? security_inode_alloc+0x3e/0x130
[  777.050552]  should_failslab+0xc2/0x120
[  777.050569]  kmem_cache_alloc_noprof+0x80/0x710
[  777.050581]  ? __pfx_map_id_range_down+0x10/0x10
[  777.050599]  ? __create_object+0x59/0x80
[  777.050613]  ? security_inode_alloc+0x3e/0x130
[  777.050626]  security_inode_alloc+0x3e/0x130
[  777.050640]  inode_init_always_gfp+0xc9d/0xff0
[  777.050658]  alloc_inode+0x8d/0x250
[  777.050670]  new_inode+0x1e/0x160
[  777.050681]  __shmem_get_inode+0x17c/0xe80
[  777.050700]  __shmem_file_setup+0x108/0x370
[  777.050716]  __do_sys_memfd_create+0x2ce/0xaa0
[  777.050730]  ? ksys_write+0x1a3/0x240
[  777.050744]  ? __pfx___do_sys_memfd_create+0x10/0x10
[  777.050757]  ? irqentry_exit+0xee/0x650
[  777.050773]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  777.050789]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  777.050809]  do_syscall_64+0xbf/0x420
[  777.050821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  777.050833] RIP: 0033:0x7f7208245b19
03:46:34 executing program 7:
clone3(&(0x7f0000005880)={0x100000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  777.050843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  777.050854] RSP: 002b:00007f72057baf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  777.050865] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f7208245b19
[  777.050873] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f720829f0fb
[  777.050879] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff
[  777.050886] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[  777.050893] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012900
[  777.050908]  </TASK>
[  777.097797] loop5: detected capacity change from 0 to 512
[  777.126926] loop3: detected capacity change from 0 to 512
[  777.138117] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  777.138951] EXT4-fs (loop5): group descriptors corrupted!
[  777.140393] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:46:34 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x2103}}}, 0x414d02)

[  777.176981] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
03:46:34 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 8)

03:46:34 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0xffffff7f00000000)

[  777.225611] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  777.268834] FAULT_INJECTION: forcing a failure.
[  777.268834] name failslab, interval 1, probability 0, space 0, times 0
[  777.270733] CPU: 0 UID: 0 PID: 7536 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  777.270768] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  777.270781] Call Trace:
[  777.270788]  <TASK>
[  777.270797]  dump_stack_lvl+0xfa/0x120
[  777.270842]  should_fail_ex+0x4d7/0x5e0
[  777.270872]  ? __d_alloc+0x34/0xa10
[  777.270904]  should_failslab+0xc2/0x120
[  777.270937]  kmem_cache_alloc_lru_noprof+0x84/0x720
[  777.270961]  ? find_held_lock+0x2b/0x80
[  777.270992]  ? __d_alloc+0x34/0xa10
[  777.271028]  __d_alloc+0x34/0xa10
[  777.271058]  ? mpol_shared_policy_init+0x24f/0x390
[  777.271090]  d_alloc_pseudo+0x1d/0xc0
[  777.271114]  alloc_file_pseudo+0xbe/0x220
[  777.271152]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  777.271188]  ? __shmem_get_inode+0x684/0xe80
[  777.271223]  __shmem_file_setup+0x1a8/0x370
[  777.271257]  __do_sys_memfd_create+0x2ce/0xaa0
[  777.271284]  ? ksys_write+0x1a3/0x240
[  777.271312]  ? __pfx___do_sys_memfd_create+0x10/0x10
[  777.271336]  ? irqentry_exit+0xee/0x650
[  777.271369]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  777.271401]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  777.271439]  do_syscall_64+0xbf/0x420
[  777.271464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  777.271487] RIP: 0033:0x7f7208245b19
[  777.271504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  777.271526] RSP: 002b:00007f72057baf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  777.271548] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f7208245b19
[  777.271563] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f720829f0fb
[  777.271576] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff
[  777.271590] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[  777.271603] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012900
[  777.271633]  </TASK>
03:46:42 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 9)

03:46:42 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 29)

03:46:42 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:46:42 executing program 1:
clone3(&(0x7f0000005880)={0x10400000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:42 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x2400}}}, 0x414d02)

03:46:42 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0xffffffff00000000)

03:46:42 executing program 7:
clone3(&(0x7f0000005880)={0x200000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:42 executing program 2:
clone3(&(0x7f0000005880)={0x100000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  785.041032] loop6: detected capacity change from 0 to 512
[  785.053648] loop3: detected capacity change from 0 to 512
[  785.058858] loop5: detected capacity change from 0 to 512
[  785.068423] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  785.069429] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  785.070276] EXT4-fs (loop5): group descriptors corrupted!
[  785.099835] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
03:46:42 executing program 1:
clone3(&(0x7f0000005880)={0x100000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:42 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:46:42 executing program 7:
clone3(&(0x7f0000005880)={0x300000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:42 executing program 2:
clone3(&(0x7f0000005880)={0x200000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:42 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 10)

[  785.141054] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:46:42 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x2f00}}}, 0x414d02)

[  785.185754] loop3: detected capacity change from 0 to 512
[  785.197615] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:46:42 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 30)

03:46:42 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0xffffffffffffffbf)

03:46:42 executing program 2:
clone3(&(0x7f0000005880)={0x300000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  785.245402] FAULT_INJECTION: forcing a failure.
[  785.245402] name failslab, interval 1, probability 0, space 0, times 0
[  785.247188] CPU: 1 UID: 0 PID: 7575 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  785.247217] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  785.247229] Call Trace:
[  785.247237]  <TASK>
[  785.247245]  dump_stack_lvl+0xfa/0x120
[  785.247286]  should_fail_ex+0x4d7/0x5e0
[  785.247315]  ? alloc_empty_file+0x58/0x1e0
[  785.247347]  should_failslab+0xc2/0x120
[  785.247378]  kmem_cache_alloc_noprof+0x80/0x710
[  785.247401]  ? d_instantiate+0x92/0xb0
[  785.247438]  ? alloc_empty_file+0x58/0x1e0
[  785.247468]  ? _raw_spin_unlock+0x1e/0x40
[  785.247495]  alloc_empty_file+0x58/0x1e0
[  785.247529]  alloc_file_pseudo+0x12b/0x220
[  785.247564]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  785.247607]  __shmem_file_setup+0x1a8/0x370
[  785.247639]  __do_sys_memfd_create+0x2ce/0xaa0
[  785.247664]  ? ksys_write+0x1a3/0x240
[  785.247690]  ? __pfx___do_sys_memfd_create+0x10/0x10
[  785.247713]  ? irqentry_exit+0xee/0x650
[  785.247744]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  785.247773]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  785.247810]  do_syscall_64+0xbf/0x420
[  785.247832]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  785.247854] RIP: 0033:0x7f7208245b19
[  785.247871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  785.247891] RSP: 002b:00007f72057baf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  785.247912] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f7208245b19
[  785.247926] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f720829f0fb
[  785.247954] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff
[  785.247966] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[  785.247978] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012900
[  785.248012]  </TASK>
[  785.289982] loop6: detected capacity change from 0 to 512
03:46:42 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

[  785.328592] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  785.340670] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  785.359679] loop3: detected capacity change from 0 to 512
[  785.381474] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:46:51 executing program 1:
clone3(&(0x7f0000005880)={0x200000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:51 executing program 4:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000000c0)={<r1=>0x0}, &(0x7f0000000100)=0xc)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff, {0x8}}, './file0\x00'})
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x1, 0x6, 0x1, 0x3f, 0x0, 0x0, 0x2042, 0x8, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x20, 0xffffffff}, 0x1008, 0x6ad, 0x6, 0x8, 0x6, 0x1f, 0x7, 0x0, 0x5, 0x0, 0x1}, r1, 0x2, r2, 0x2)
r3 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r3, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r3, r0, 0x2)
close_range(r3, 0xffffffffffffffff, 0x0)

03:46:51 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:46:51 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 31)

03:46:51 executing program 7:
clone3(&(0x7f0000005880)={0x400000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:51 executing program 2:
clone3(&(0x7f0000005880)={0x400000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:51 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 11)

03:46:51 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x6400}}}, 0x414d02)

03:46:51 executing program 1:
clone3(&(0x7f0000005880)={0x300000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:51 executing program 2:
clone3(&(0x7f0000005880)={0x500000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  794.004782] loop6: detected capacity change from 0 to 512
[  794.006567] loop3: detected capacity change from 0 to 512
[  794.016985] loop5: detected capacity change from 0 to 512
[  794.025330] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  794.031183] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  794.032678] EXT4-fs (loop5): group descriptors corrupted!
03:46:51 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x7000}}}, 0x414d02)

[  794.052816] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
03:46:51 executing program 7:
clone3(&(0x7f0000005880)={0x500000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  794.066334] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:46:51 executing program 1:
clone3(&(0x7f0000005880)={0x400000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:46:51 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:46:51 executing program 2:
clone3(&(0x7f0000005880)={0x600000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  794.152025] loop3: detected capacity change from 0 to 512
[  794.157894] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:47:00 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 12)

03:47:00 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x8004}}}, 0x414d02)

03:47:00 executing program 7:
clone3(&(0x7f0000005880)={0x600000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:00 executing program 1:
clone3(&(0x7f0000005880)={0x500000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:00 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r1=>0x0, <r2=>0x0})
utimes(&(0x7f0000000040)='./file0/file0\x00', &(0x7f00000000c0)={{r1, r2/1000+60000}, {0x0, 0x2710}})

03:47:00 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 32)

03:47:00 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:47:00 executing program 2:
clone3(&(0x7f0000005880)={0x700000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  803.242216] FAULT_INJECTION: forcing a failure.
[  803.242216] name failslab, interval 1, probability 0, space 0, times 0
[  803.243150] CPU: 1 UID: 0 PID: 7634 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  803.243165] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  803.243172] Call Trace:
[  803.243176]  <TASK>
[  803.243181]  dump_stack_lvl+0xfa/0x120
[  803.243206]  should_fail_ex+0x4d7/0x5e0
[  803.243223]  ? security_file_alloc+0x35/0x130
[  803.243240]  should_failslab+0xc2/0x120
[  803.243257]  kmem_cache_alloc_noprof+0x80/0x710
[  803.243270]  ? __create_object+0x59/0x80
[  803.243285]  ? security_file_alloc+0x35/0x130
[  803.243300]  security_file_alloc+0x35/0x130
[  803.243316]  init_file+0x95/0x4c0
[  803.243335]  alloc_empty_file+0x76/0x1e0
[  803.243353]  alloc_file_pseudo+0x12b/0x220
[  803.243373]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  803.243395]  __shmem_file_setup+0x1a8/0x370
[  803.243413]  __do_sys_memfd_create+0x2ce/0xaa0
[  803.243427]  ? ksys_write+0x1a3/0x240
[  803.243441]  ? __pfx___do_sys_memfd_create+0x10/0x10
[  803.243453]  ? irqentry_exit+0xee/0x650
[  803.243471]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  803.243488]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  803.243509]  do_syscall_64+0xbf/0x420
[  803.243522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  803.243534] RIP: 0033:0x7f7208245b19
[  803.243544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  803.243555] RSP: 002b:00007f72057baf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  803.243566] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f7208245b19
[  803.243574] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f720829f0fb
[  803.243581] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff
[  803.243588] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[  803.243595] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012900
[  803.243610]  </TASK>
[  803.266553] loop6: detected capacity change from 0 to 512
[  803.272890] Process accounting resumed
03:47:00 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 13)

[  803.297102] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  803.306927] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  803.308532] loop3: detected capacity change from 0 to 512
[  803.327279] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  803.340889] loop5: detected capacity change from 0 to 512
[  803.354150] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  803.354951] EXT4-fs (loop5): group descriptors corrupted!
03:47:00 executing program 1:
clone3(&(0x7f0000005880)={0x600000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:00 executing program 7:
clone3(&(0x7f0000005880)={0x700000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:00 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 33)

[  803.420879] loop6: detected capacity change from 0 to 512
[  803.433887] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  803.458263] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:47:09 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 34)

03:47:09 executing program 2:
clone3(&(0x7f0000005880)={0x900000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:09 executing program 7:
clone3(&(0x7f0000005880)={0x900000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:09 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
r1 = getpgrp(0xffffffffffffffff)
r2 = memfd_secret(0x80000)
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x82, 0x3, 0xff, 0x0, 0x0, 0x6, 0x440, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_config_ext={0x9}, 0x4804, 0x0, 0x13a1, 0x2, 0x0, 0x6, 0x0, 0x0, 0x7, 0x0, 0xfffffffffffffffe}, r1, 0xd, r2, 0x2)
close_range(r0, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xc, 0x4000013, r0, 0x6)

03:47:09 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 14)

03:47:09 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1", 0x2d, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:47:09 executing program 1:
clone3(&(0x7f0000005880)={0x700000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:09 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x9f0a}}}, 0x414d02)

[  812.462665] FAULT_INJECTION: forcing a failure.
[  812.462665] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  812.464424] CPU: 1 UID: 0 PID: 7672 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  812.464452] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  812.464464] Call Trace:
[  812.464472]  <TASK>
[  812.464480]  dump_stack_lvl+0xfa/0x120
[  812.464521]  should_fail_ex+0x4d7/0x5e0
[  812.464551]  should_fail_alloc_page+0xe0/0x110
[  812.464583]  prepare_alloc_pages+0x1eb/0x550
[  812.464619]  __alloc_frozen_pages_noprof+0x17f/0x2000
[  812.464654]  ? __is_insn_slot_addr+0x2e/0x290
[  812.464682]  ? __is_insn_slot_addr+0x136/0x290
[  812.464707]  ? lock_release+0xc8/0x270
[  812.464737]  ? 0xffffffffa0000000
[  812.464755]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  812.464793]  ? __lock_acquire+0x453/0x2150
[  812.464826]  ? lock_is_held_type+0x9e/0x120
[  812.464862]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  812.464898]  ? policy_nodemask+0xeb/0x4e0
[  812.464923]  alloc_pages_mpol+0xed/0x340
[  812.464944]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  812.464963]  ? filemap_get_entry+0x1bb/0x3b0
[  812.465003]  ? __pfx_filemap_get_entry+0x10/0x10
[  812.465046]  folio_alloc_mpol_noprof+0x38/0xa0
[  812.465074]  shmem_alloc_folio+0x11b/0x140
[  812.465103]  shmem_get_folio_gfp.constprop.0+0x4ea/0x13a0
[  812.465145]  ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10
[  812.465182]  ? _raw_read_unlock+0x1e/0x40
[  812.465211]  ? simple_xattr_get+0x173/0x1d0
[  812.465250]  shmem_write_begin+0x194/0x3b0
[  812.465283]  ? __pfx_shmem_write_begin+0x10/0x10
[  812.465312]  ? mark_held_locks+0x49/0x80
[  812.465338]  ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190
[  812.465360]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  812.465387]  ? ktime_get_coarse_real_ts64_mg+0x213/0x2a0
[  812.465425]  generic_perform_write+0x391/0x810
[  812.465463]  ? __pfx_generic_perform_write+0x10/0x10
[  812.465495]  ? file_update_time_flags+0x24c/0x4f0
[  812.465533]  shmem_file_write_iter+0x111/0x140
[  812.465561]  vfs_write+0xbe9/0x1150
[  812.465589]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  812.465614]  ? __fget_files+0x34/0x3b0
[  812.465641]  ? __pfx_vfs_write+0x10/0x10
[  812.465689]  __x64_sys_pwrite64+0x1f1/0x260
[  812.465718]  ? __pfx___x64_sys_pwrite64+0x10/0x10
[  812.465756]  do_syscall_64+0xbf/0x420
[  812.465779]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  812.465801] RIP: 0033:0x7f72081f8ab7
[  812.465816] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b
[  812.465837] RSP: 002b:00007f72057baf20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[  812.465857] RAX: ffffffffffffffda RBX: 00007f720828f970 RCX: 00007f72081f8ab7
[  812.465871] RDX: 000000000000003a RSI: 0000000020010000 RDI: 0000000000000004
[  812.465884] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff
[  812.465896] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004
[  812.465908] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000
[  812.465937]  </TASK>
[  812.524310] loop3: detected capacity change from 0 to 512
[  812.548242] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:47:09 executing program 2:
clone3(&(0x7f0000005880)={0xd00000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:09 executing program 1:
clone3(&(0x7f0000005880)={0x900000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:09 executing program 7:
clone3(&(0x7f0000005880)={0xd00000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  812.618155] loop5: detected capacity change from 0 to 512
[  812.641124] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[  812.643543] FAULT_INJECTION: forcing a failure.
[  812.643543] name failslab, interval 1, probability 0, space 0, times 0
[  812.645819] CPU: 0 UID: 0 PID: 7688 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
03:47:09 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1", 0x2d, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

[  812.645851] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  812.645865] Call Trace:
[  812.645873]  <TASK>
[  812.645882]  dump_stack_lvl+0xfa/0x120
[  812.645929]  should_fail_ex+0x4d7/0x5e0
[  812.645963]  ? __kernfs_new_node+0xd3/0x930
[  812.645988]  should_failslab+0xc2/0x120
[  812.646031]  kmem_cache_alloc_noprof+0x80/0x710
[  812.646069]  ? __kernfs_new_node+0xd3/0x930
[  812.646093]  __kernfs_new_node+0xd3/0x930
[  812.646125]  ? __pfx___kernfs_new_node+0x10/0x10
[  812.646157]  ? lock_acquire+0x15e/0x2d0
[  812.646189]  ? kernfs_root+0x23/0x2a0
[  812.646214]  ? find_held_lock+0x2b/0x80
[  812.646238]  ? kernfs_root+0xee/0x2a0
[  812.646263]  ? lock_release+0xc8/0x270
[  812.646291]  ? lock_is_held_type+0x9e/0x120
[  812.646337]  kernfs_new_node+0x13c/0x1e0
[  812.646374]  __kernfs_create_file+0x55/0x360
[  812.646416]  sysfs_add_file_mode_ns+0x21c/0x430
[  812.646444]  ? __pfx_dev_attr_store+0x10/0x10
[  812.646489]  internal_create_group+0x662/0xeb0
[  812.646528]  ? __pfx_internal_create_group+0x10/0x10
[  812.646555]  ? blk_validate_limits+0xc27/0x15c0
[  812.646599]  ? lock_is_held_type+0x9e/0x120
[  812.646641]  loop_configure+0xc46/0x15a0
[  812.646712]  ? __pfx_loop_configure+0x10/0x10
[  812.646772]  ? avc_has_extended_perms+0x107/0xf20
[  812.646810]  ? find_held_lock+0x2b/0x80
[  812.646833]  ? avc_has_extended_perms+0x23b/0xf20
[  812.646869]  ? lock_release+0xc8/0x270
[  812.646905]  lo_ioctl+0x66d/0x1ca0
[  812.646950]  ? __pfx_lo_ioctl+0x10/0x10
[  812.646986]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  812.647033]  ? lock_acquire+0x15e/0x2d0
[  812.647063]  ? __virt_addr_valid+0x1c6/0x5d0
[  812.647093]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  812.647130]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  812.647164]  ? lock_release+0xc8/0x270
[  812.647201]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  812.647282]  ? check_irq_usage+0x210/0xb40
[  812.647311]  ? __fget_files+0x34/0x3b0
[  812.647343]  ? find_held_lock+0x2b/0x80
[  812.647366]  ? __fget_files+0x203/0x3b0
[  812.647400]  ? __pfx_lo_ioctl+0x10/0x10
[  812.647437]  blkdev_ioctl+0x365/0x6d0
[  812.647476]  ? __pfx_blkdev_ioctl+0x10/0x10
[  812.647515]  ? selinux_file_ioctl+0xb9/0x280
[  812.647547]  ? __pfx_blkdev_ioctl+0x10/0x10
[  812.647587]  __x64_sys_ioctl+0x18f/0x210
[  812.647618]  do_syscall_64+0xbf/0x420
[  812.647653]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  812.647678] RIP: 0033:0x7f6a11ca68d7
[  812.647697] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  812.647720] RSP: 002b:00007f6a0f21bf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  812.647743] RAX: ffffffffffffffda RBX: 00007f6a11cf0970 RCX: 00007f6a11ca68d7
[  812.647760] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006
[  812.647774] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff
[  812.647788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[  812.647803] R13: 0000000000000005 R14: 0000000020000248 R15: 0000000000000003
[  812.647841]  </TASK>
[  812.720666] loop6: detected capacity change from 0 to 512
03:47:09 executing program 2:
clone3(&(0x7f0000005880)={0x1000000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:09 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0xf000}}}, 0x414d02)

03:47:09 executing program 1:
clone3(&(0x7f0000005880)={0xd00000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:09 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="10000000020000000b0000005e849f37407dd418d58aca000000000000000000c711817b0d0eb75260e88297eb2663f004749841077f2c7cc0113ca22a4d4bef5451f04cc7cffbb27e8326cb139551e9bd14684009f402a81a"], 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

[  812.839194] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  812.842463] loop3: detected capacity change from 0 to 512
[  812.844152] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  812.861537] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:47:10 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 35)

03:47:10 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 15)

03:47:10 executing program 7:
clone3(&(0x7f0000005880)={0x1000000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:10 executing program 2:
clone3(&(0x7f0000005880)={0x1100000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:10 executing program 1:
clone3(&(0x7f0000005880)={0x1000000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:10 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x40000}}}, 0x414d02)

[  812.983769] FAULT_INJECTION: forcing a failure.
[  812.983769] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  812.985465] CPU: 1 UID: 0 PID: 7711 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  812.985492] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  812.985503] Call Trace:
[  812.985510]  <TASK>
[  812.985518]  dump_stack_lvl+0xfa/0x120
[  812.985559]  should_fail_ex+0x4d7/0x5e0
[  812.985582]  ? page_copy_sane+0xce/0x2b0
[  812.985607]  copy_folio_from_iter_atomic+0x383/0x1820
[  812.985641]  ? __pfx_perf_trace_lock+0x10/0x10
[  812.985670]  ? simple_xattr_get+0x173/0x1d0
[  812.985706]  ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[  812.985732]  ? shmem_write_begin+0x1ab/0x3b0
[  812.985763]  ? __pfx_shmem_write_begin+0x10/0x10
[  812.985791]  ? mark_held_locks+0x49/0x80
[  812.985817]  ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190
[  812.985838]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  812.985863]  ? ktime_get_coarse_real_ts64_mg+0x213/0x2a0
[  812.985901]  generic_perform_write+0x1d7/0x810
[  812.985939]  ? __pfx_generic_perform_write+0x10/0x10
[  812.985970]  ? file_update_time_flags+0x24c/0x4f0
[  812.986015]  shmem_file_write_iter+0x111/0x140
[  812.986042]  vfs_write+0xbe9/0x1150
[  812.986069]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  812.986094]  ? __fget_files+0x34/0x3b0
[  812.986120]  ? __pfx_vfs_write+0x10/0x10
[  812.986168]  __x64_sys_pwrite64+0x1f1/0x260
[  812.986196]  ? __pfx___x64_sys_pwrite64+0x10/0x10
[  812.986234]  do_syscall_64+0xbf/0x420
[  812.986257]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  812.986278] RIP: 0033:0x7f72081f8ab7
[  812.986294] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b
[  812.986313] RSP: 002b:00007f72057baf20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[  812.986332] RAX: ffffffffffffffda RBX: 00007f720828f970 RCX: 00007f72081f8ab7
[  812.986346] RDX: 000000000000003a RSI: 0000000020010000 RDI: 0000000000000004
[  812.986357] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff
[  812.986369] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004
[  812.986380] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000
[  812.986410]  </TASK>
[  813.043420] loop6: detected capacity change from 0 to 512
[  813.046699] loop5: detected capacity change from 0 to 512
[  813.088637] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  813.090266] EXT4-fs (loop5): group descriptors corrupted!
[  813.109147] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  813.125147] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:47:19 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 36)

03:47:19 executing program 4:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="41000000010000000200000001000000"], 0x414d02)
io_setup(0x7fff, &(0x7f0000000040)=<r2=>0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r1, 0xc0189378, &(0x7f0000000bc0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32=<r3=>r0, @ANYBLOB="00000000422f66694c65190016d78a5c4e352015998d2becabc143e9bd5cfe67747cd70b47a3eb04bb57bdca83d952e548ea3b9c847c01fd68f5b02fff71e9e7b76d326afffbd34488e3bc89fd3be7b43f1e7abe0316ba4a48b994ba0555f9b18721d148c7a76f5ae21031e90bcf76f85cddd6ab9d4a6911e3ed672e25a0be3b945b3ed881a19b39f59026f5c9"])
r4 = openat(r1, &(0x7f0000000240)='./file0\x00', 0x202501, 0x8)
r5 = syz_open_pts(r1, 0x480002)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f00000007c0)={{0x1, 0x1, 0x18, <r6=>r1, {0x0, 0xffffffffffffffff}}, './file0\x00'})
r7 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000840), 0x44002, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000c80)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r8=>0xffffffffffffffff, @ANYBLOB="09000000050000002e39c1696c653000f8d131f1748b8cc8b2be5bd3310c581b0e10fc50997ccf5924597d24ed8d6a78279fe99944be84deea770950e1c6fec263d8af4929fe1cdf91df9437f8af3ea1a602e98ec3bd8e959909fc4215615755e1855def778c629090f43212260f6b8cdd43352acef516045d369373e2a57540a0d5fd577e31f818e0cddb994a057e40cf5ff3b348b0dbd4da5471ee00a803190146d3e2e33e779de4a502cce4b1333d7ae2f6e1385bf21f055b814eb83de39249c505e2b42003be257eb18719bf017a42"])
accept$unix(r8, &(0x7f0000000b00)=@abs, &(0x7f0000000b80)=0x6e)
io_submit(r2, 0xa, &(0x7f0000000a40)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x1, r1, &(0x7f0000000080)="12c50b9c7c126a5617e2ef357e2efd6d433410412b759dc283a5e7eacd436c089a7e5dd9f6ddd64a197400691d68aa04e7e31e41f36c6137b21b5f9bf5b221741baea74ea124beba7b6eb0e71fc8e8aed4a40a55fa8fac2dbf37f31817b02478a7b783171cf98ddbd398e62e84061355", 0x70, 0x1, 0x0, 0x1}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0xb, 0x3, r3, &(0x7f0000000180)="a7fb868bfdefa31f367becb7b07c82bd4aa323bc6f4c4d532bdbf52dad7d3a8b5e941eabf907cd64c152231cedb440b2a075c4cdb11a69a5a85361b72277381bdbb6423e760a8a10a725d73870e567f95da98b3b564ba7d1bbff514da78c0597a581ce12dacfe8e15131480ebc25080ef60a21fc5905da0ed34215c94456692b86914f7f21620be801a6c3c1db347cee927a7b9c30966e442e23d490721862ffa4203a5a54dc24284cc711913331cbc273f1", 0xb2, 0x8, 0x0, 0x0, r4}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0xd004, r0, &(0x7f00000002c0)="59609834fd4d3dc9ddb24784ddacbb61c3ff6eca823e7b72caea49113da06d91eafe549825648aeb560432968a08f23757458e8aa08117177b996fd2dd2a886bcd0b03a3d315d6b2", 0x48, 0x6, 0x0, 0x1}, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7, 0x7, r0, &(0x7f0000000440)="88157708b54b0a418e43e8fda1a3c37f2a2469712e009e370af243c958baab83a96f9bdf5e1bb1714f9d0572d4f934c5b19d985505f6d80338e6fc9826d86de8f730c0fd8c5497442ec994e82688da6fd2ca66a22fc4c8da7ce74a13bbf8f120ef5a72e6d398522a5c7c605462e7d0b0671a569e61e6885aaac3f8ca8f0b9b16ea0969038226b166308b8be99e64e57338474988c5e6edb0355ff775561f04ae95fc000936984d633dac99123b7177485876f5f44cf4cf4012b97f5347f18374ddd76bbf27df4253cc58af6d405e067f13bf5c9e3550d495c8a5", 0xda, 0xffffffff}, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x1, 0x5135, r1, &(0x7f0000000580)="9911c31fac8c1675a940a7dd912b50b6ccb812f47d74b54ad562cb34914037ee0c7e735b36c26e7832f2cd328123ba24be32f66ace7e7935c3d84188b17c6893c6d6204d8a3c733cbb28a8fc2acd10731d4ef5f5d064a83f42d892b88ba6e5ebbbce2c8ea857ec4aa1b347f3600dd796a1f05909c519ee79f43480b915ad1b6eb2e68cdaf43650d1ca263fa008a94a35de3fe75d098637468178ae31a6fb42d849ee8b8ebf9f3fc7146b72d58df77f", 0xaf, 0x7, 0x0, 0x3}, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x7, 0x7fff, 0xffffffffffffffff, &(0x7f0000000680)="684721d1f53188f6fe3b4f7d22ae962d9b97775d0075d8adeddef3eac1c779", 0x1f, 0x4, 0x0, 0x1, r1}, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x8, 0x2, r5, &(0x7f0000000700)="f1245da31048159a19d4c0b9cf6628cb40e143d5b9e9c163f08f4a6d67a25301e5ad29ff016e71518e0b76049158fa05a6a43f8726d703f710c4623ee795301d47c8c72747eeabecbdb74b8eddc2cc3428d4b870cf51278211b412e148919817c9da6b4913b549c35d", 0x69, 0x9, 0x0, 0x1}, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x1, 0x6, r6, &(0x7f0000000800)="710a2eb69b379e6773672f7ae6b3db67004a502d92ef8216b484a23f897de759d4a55b18dce81024720c1833d72d6c", 0x2f, 0xfffffffffffffffc, 0x0, 0x3, r7}, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x6, 0x5, r1, &(0x7f00000008c0)="4f18529f876857f97ababe41c7460254", 0x10, 0xfffffffffffffffb, 0x0, 0x5, r1}, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x5, 0x1ff, r1, &(0x7f0000000940)="ee78a0516c40d012e6e7e9ffdabca5bca3f5c220827f1f1efabb41a64714a792c09fb4038145636c4cbdd5fbd1d617912e7e8636555c4418d319c38e947245c283f5a316121c5603897f007f286c37237332c04199368fa8aed6e4da99c0bc6b567a12be75aafc4475fe15578883accdc9e1f57fd1e7a89c9e84666a2e197db4372b9fcc9bb8e5925a5a514bff90e0b3a4519d0a0e336570716127104513f57b823bc28c684b31d057556303c32ee8e07bae", 0xb2, 0x277, 0x0, 0x0, r1}])
close_range(r1, 0xffffffffffffffff, 0x0)

03:47:19 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1", 0x2d, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:47:19 executing program 2:
clone3(&(0x7f0000005880)={0x2000000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:19 executing program 7:
clone3(&(0x7f0000005880)={0x1002000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:19 executing program 1:
clone3(&(0x7f0000005880)={0x1100000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:19 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x80000}}}, 0x414d02)

03:47:19 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 16)

[  822.694751] FAULT_INJECTION: forcing a failure.
[  822.694751] name failslab, interval 1, probability 0, space 0, times 0
[  822.695845] CPU: 0 UID: 0 PID: 7730 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  822.695864] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  822.695872] Call Trace:
[  822.695877]  <TASK>
[  822.695882]  dump_stack_lvl+0xfa/0x120
[  822.695911]  should_fail_ex+0x4d7/0x5e0
[  822.695930]  ? __kernfs_new_node+0xd3/0x930
[  822.695945]  should_failslab+0xc2/0x120
[  822.695966]  kmem_cache_alloc_noprof+0x80/0x710
[  822.695987]  ? __kernfs_new_node+0xd3/0x930
[  822.696005]  __kernfs_new_node+0xd3/0x930
[  822.696022]  ? __pfx___kernfs_new_node+0x10/0x10
[  822.696039]  ? lock_acquire+0x15e/0x2d0
[  822.696058]  ? kernfs_root+0x23/0x2a0
[  822.696072]  ? find_held_lock+0x2b/0x80
[  822.696085]  ? kernfs_root+0xee/0x2a0
[  822.696099]  ? lock_release+0xc8/0x270
[  822.696115]  ? lock_is_held_type+0x9e/0x120
[  822.696140]  kernfs_new_node+0x13c/0x1e0
[  822.696159]  __kernfs_create_file+0x55/0x360
[  822.696191]  sysfs_add_file_mode_ns+0x21c/0x430
[  822.696206]  ? __pfx_dev_attr_store+0x10/0x10
[  822.696231]  internal_create_group+0x662/0xeb0
[  822.696252]  ? __pfx_internal_create_group+0x10/0x10
[  822.696267]  ? blk_validate_limits+0xc27/0x15c0
[  822.696291]  ? lock_is_held_type+0x9e/0x120
[  822.696313]  loop_configure+0xc46/0x15a0
[  822.696350]  ? __pfx_loop_configure+0x10/0x10
[  822.696381]  ? avc_has_extended_perms+0x107/0xf20
[  822.696402]  ? find_held_lock+0x2b/0x80
[  822.696414]  ? avc_has_extended_perms+0x23b/0xf20
[  822.696434]  ? lock_release+0xc8/0x270
[  822.696453]  lo_ioctl+0x66d/0x1ca0
[  822.696477]  ? __pfx_lo_ioctl+0x10/0x10
[  822.696497]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  822.696521]  ? lock_acquire+0x15e/0x2d0
[  822.696538]  ? __virt_addr_valid+0x1c6/0x5d0
[  822.696555]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  822.696576]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  822.696595]  ? lock_release+0xc8/0x270
[  822.696614]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  822.696655]  ? check_irq_usage+0x210/0xb40
[  822.696671]  ? __fget_files+0x34/0x3b0
[  822.696689]  ? find_held_lock+0x2b/0x80
[  822.696702]  ? __fget_files+0x203/0x3b0
[  822.696721]  ? __pfx_lo_ioctl+0x10/0x10
[  822.696741]  blkdev_ioctl+0x365/0x6d0
[  822.696763]  ? __pfx_blkdev_ioctl+0x10/0x10
[  822.696784]  ? selinux_file_ioctl+0xb9/0x280
[  822.696801]  ? __pfx_blkdev_ioctl+0x10/0x10
[  822.696823]  __x64_sys_ioctl+0x18f/0x210
[  822.696840]  do_syscall_64+0xbf/0x420
[  822.696855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  822.696870] RIP: 0033:0x7f6a11ca68d7
[  822.696881] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  822.696894] RSP: 002b:00007f6a0f21bf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  822.696907] RAX: ffffffffffffffda RBX: 00007f6a11cf0970 RCX: 00007f6a11ca68d7
[  822.696917] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006
[  822.696925] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff
[  822.696933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[  822.696941] R13: 0000000000000005 R14: 0000000020000248 R15: 0000000000000003
[  822.696959]  </TASK>
03:47:19 executing program 1:
clone3(&(0x7f0000005880)={0x2000000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  822.755523] FAULT_INJECTION: forcing a failure.
[  822.755523] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  822.757842] CPU: 1 UID: 0 PID: 7741 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  822.757875] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  822.757889] Call Trace:
[  822.757897]  <TASK>
[  822.757906]  dump_stack_lvl+0xfa/0x120
[  822.757954]  should_fail_ex+0x4d7/0x5e0
[  822.757985] loop3: detected capacity change from 0 to 512
[  822.757981]  ? page_copy_sane+0xce/0x2b0
[  822.758019]  copy_folio_from_iter_atomic+0x383/0x1820
[  822.758061]  ? avc_has_perm+0x12b/0x1d0
[  822.758101]  ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[  822.758132]  ? shmem_write_begin+0x1ab/0x3b0
[  822.758169]  ? __pfx_shmem_write_begin+0x10/0x10
[  822.758203]  ? mark_held_locks+0x49/0x80
[  822.758243]  ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190
[  822.758270]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  822.758303]  ? ktime_get_coarse_real_ts64_mg+0x213/0x2a0
[  822.758353]  generic_perform_write+0x1d7/0x810
[  822.758403]  ? __pfx_generic_perform_write+0x10/0x10
[  822.758446]  ? file_update_time_flags+0x24c/0x4f0
[  822.758495]  shmem_file_write_iter+0x111/0x140
[  822.758530]  vfs_write+0xbe9/0x1150
[  822.758562]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  822.758599]  ? __fget_files+0x34/0x3b0
[  822.758630]  ? __pfx_vfs_write+0x10/0x10
[  822.758691]  __x64_sys_pwrite64+0x1f1/0x260
[  822.758725]  ? __pfx___x64_sys_pwrite64+0x10/0x10
[  822.758775]  do_syscall_64+0xbf/0x420
[  822.758802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  822.758834] RIP: 0033:0x7f72081f8ab7
[  822.758854] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b
[  822.758876] RSP: 002b:00007f72057baf20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[  822.758900] RAX: ffffffffffffffda RBX: 00007f720828f970 RCX: 00007f72081f8ab7
[  822.758924] RDX: 0000000000000005 RSI: 0000000020010400 RDI: 0000000000000004
[  822.758941] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff
[  822.758955] R10: 0000000000000800 R11: 0000000000000293 R12: 0000000000000004
[  822.758969] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001
[  822.759007]  </TASK>
[  822.769744] loop5: detected capacity change from 0 to 512
[  822.781623] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:47:19 executing program 7:
clone3(&(0x7f0000005880)={0x1100000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  822.798698] loop6: detected capacity change from 0 to 512
03:47:19 executing program 7:
clone3(&(0x7f0000005880)={0x2000000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  822.825079] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  822.842066] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:47:19 executing program 2:
clone3(&(0x7f0000005880)={0x3f00000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  822.864879] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  822.865872] EXT4-fs (loop5): group descriptors corrupted!
03:47:20 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f", 0x44, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:47:20 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 37)

03:47:20 executing program 7:
clone3(&(0x7f0000005880)={0x3f00000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:20 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x80ffff}}}, 0x414d02)

[  822.943892] loop6: detected capacity change from 0 to 512
03:47:20 executing program 1:
clone3(&(0x7f0000005880)={0x3f00000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:20 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 17)

[  822.988478] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
03:47:20 executing program 7:
clone3(&(0x7f0000005880)={0x4000000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  822.997370] loop3: detected capacity change from 0 to 512
[  823.002641] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  823.004130] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[  823.005639] EXT4-fs (loop3): group descriptors corrupted!
[  823.089653] FAULT_INJECTION: forcing a failure.
[  823.089653] name failslab, interval 1, probability 0, space 0, times 0
[  823.090731] CPU: 0 UID: 0 PID: 7772 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  823.090748] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  823.090756] Call Trace:
[  823.090760]  <TASK>
[  823.090764]  dump_stack_lvl+0xfa/0x120
[  823.090793]  should_fail_ex+0x4d7/0x5e0
[  823.090809]  ? getname_flags.part.0+0x48/0x540
[  823.090822]  should_failslab+0xc2/0x120
[  823.090840]  kmem_cache_alloc_noprof+0x80/0x710
[  823.090857]  ? getname_flags.part.0+0x48/0x540
[  823.090867]  getname_flags.part.0+0x48/0x540
[  823.090880]  getname_flags+0x95/0xe0
[  823.090894]  do_sys_openat2+0x9f/0x240
[  823.090906]  ? __pfx_do_sys_openat2+0x10/0x10
[  823.090923]  __x64_sys_openat+0x142/0x200
[  823.090935]  ? __pfx___x64_sys_openat+0x10/0x10
[  823.090952]  do_syscall_64+0xbf/0x420
[  823.090966]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  823.090979] RIP: 0033:0x7f72081f8a04
[  823.090988] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[  823.091003] RSP: 002b:00007f72057baed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  823.091015] RAX: ffffffffffffffda RBX: 00007f720828f970 RCX: 00007f72081f8a04
[  823.091023] RDX: 0000000000000002 RSI: 00007f72057bb000 RDI: 00000000ffffff9c
[  823.091030] RBP: 00007f72057bb000 R08: 0000000000000000 R09: ffffffffffffffff
[  823.091038] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  823.091045] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[  823.091060]  </TASK>
03:47:29 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 18)

03:47:29 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000040)=@orangefs_parent={0x28, 0x2, {{"f2fbd183a26bb06b032a8852303aaa57", 0xdd0}, {"25495de68cfd6b77ac2d3f3ca7da4ed5", 0x3}}}, 0x80)
creat(&(0x7f0000000000)='./file0\x00', 0x43)
close_range(r0, 0xffffffffffffffff, 0x0)

03:47:29 executing program 7:
clone3(&(0x7f0000005880)={0x4008000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:29 executing program 1:
clone3(&(0x7f0000005880)={0x4000000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:29 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0xf0ffff}}}, 0x414d02)

03:47:29 executing program 2:
clone3(&(0x7f0000005880)={0x4000000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:29 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 38)

03:47:29 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4", 0x2e, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

[  832.754359] loop3: detected capacity change from 0 to 512
[  832.760241] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  832.773882] loop5: detected capacity change from 0 to 512
03:47:29 executing program 7:
clone3(&(0x7f0000005880)={0x7bffffff00000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  832.780259] FAULT_INJECTION: forcing a failure.
[  832.780259] name failslab, interval 1, probability 0, space 0, times 0
[  832.782318] CPU: 0 UID: 0 PID: 7791 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  832.782351] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  832.782366] Call Trace:
[  832.782375]  <TASK>
[  832.782385]  dump_stack_lvl+0xfa/0x120
[  832.782434]  should_fail_ex+0x4d7/0x5e0
[  832.782470]  ? __kernfs_new_node+0xd3/0x930
[  832.782495]  should_failslab+0xc2/0x120
[  832.782533]  kmem_cache_alloc_noprof+0x80/0x710
[  832.782572]  ? __kernfs_new_node+0xd3/0x930
[  832.782597]  __kernfs_new_node+0xd3/0x930
[  832.782630]  ? __pfx___kernfs_new_node+0x10/0x10
[  832.782664]  ? lock_acquire+0x15e/0x2d0
[  832.782697]  ? kernfs_root+0x23/0x2a0
[  832.782723]  ? find_held_lock+0x2b/0x80
[  832.782748]  ? kernfs_root+0xee/0x2a0
[  832.782774]  ? lock_release+0xc8/0x270
[  832.782803]  ? lock_is_held_type+0x9e/0x120
[  832.782851]  kernfs_new_node+0x13c/0x1e0
[  832.782890]  __kernfs_create_file+0x55/0x360
[  832.782933]  sysfs_add_file_mode_ns+0x21c/0x430
[  832.782962]  ? __pfx_dev_attr_store+0x10/0x10
[  832.783017]  internal_create_group+0x662/0xeb0
[  832.783058]  ? __pfx_internal_create_group+0x10/0x10
03:47:29 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4", 0x2e, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

[  832.783086]  ? blk_validate_limits+0xc27/0x15c0
[  832.783131]  ? lock_is_held_type+0x9e/0x120
[  832.783175]  loop_configure+0xc46/0x15a0
[  832.783249]  ? __pfx_loop_configure+0x10/0x10
[  832.783311]  ? avc_has_extended_perms+0x107/0xf20
[  832.783351]  ? find_held_lock+0x2b/0x80
[  832.783375]  ? avc_has_extended_perms+0x23b/0xf20
[  832.783413]  ? lock_release+0xc8/0x270
[  832.783450]  lo_ioctl+0x66d/0x1ca0
[  832.783497]  ? __pfx_lo_ioctl+0x10/0x10
[  832.783534]  ? __pfx_avc_has_extended_perms+0x10/0x10
03:47:29 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x1000000}}}, 0x414d02)

[  832.783582]  ? lock_acquire+0x15e/0x2d0
[  832.783614]  ? __virt_addr_valid+0x1c6/0x5d0
[  832.783645]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  832.783684]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  832.783719]  ? lock_release+0xc8/0x270
[  832.783757]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  832.783841]  ? check_irq_usage+0x210/0xb40
[  832.783871]  ? __fget_files+0x34/0x3b0
[  832.783905]  ? find_held_lock+0x2b/0x80
[  832.783929]  ? __fget_files+0x203/0x3b0
[  832.783965]  ? __pfx_lo_ioctl+0x10/0x10
[  832.784003]  blkdev_ioctl+0x365/0x6d0
[  832.784044]  ? __pfx_blkdev_ioctl+0x10/0x10
[  832.784084]  ? selinux_file_ioctl+0xb9/0x280
[  832.784117]  ? __pfx_blkdev_ioctl+0x10/0x10
[  832.784159]  __x64_sys_ioctl+0x18f/0x210
[  832.784192]  do_syscall_64+0xbf/0x420
[  832.784220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  832.784261] RIP: 0033:0x7f6a11ca68d7
[  832.784281] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  832.784306] RSP: 002b:00007f6a0f21bf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  832.784331] RAX: ffffffffffffffda RBX: 00007f6a11cf0970 RCX: 00007f6a11ca68d7
[  832.784349] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006
[  832.784364] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff
[  832.784380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[  832.784395] R13: 0000000000000005 R14: 0000000020000248 R15: 0000000000000003
[  832.784433]  </TASK>
[  832.845824] loop3: detected capacity change from 0 to 512
[  832.856218] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  832.857491] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  832.859274] EXT4-fs (loop5): group descriptors corrupted!
[  832.870709] loop6: detected capacity change from 0 to 512
03:47:29 executing program 7:
clone3(&(0x7f0000005880)={0xf0ffffff00000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  832.896579] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  832.909687] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:47:39 executing program 7:
clone3(&(0x7f0000005880)={0xf400000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:39 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x2000000}}}, 0x414d02)

03:47:39 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 39)

03:47:39 executing program 2:
clone3(&(0x7f0000005880)={0x7402000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:39 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 19)

03:47:39 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4", 0x2e, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:47:39 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x8020, 0x6, 0x0, 0x0, 0x3}, 0x0, 0xf, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000080)={0x0, 0x4, 0xfffffffffffffffb, 0x167e})
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x400cc0, 0xe0)

03:47:39 executing program 1:
clone3(&(0x7f0000005880)={0x5002000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  842.293319] loop6: detected capacity change from 0 to 512
[  842.305422] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  842.311508] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:47:39 executing program 7:
clone3(&(0x7f0000005880)={0xf5ffffff00000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  842.360269] FAULT_INJECTION: forcing a failure.
[  842.360269] name fail_usercopy, interval 1, probability 0, space 0, times 0
03:47:39 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 40)

03:47:39 executing program 7:
clone3(&(0x7f0000005880)={0xfbffffff00000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  842.361354] CPU: 0 UID: 0 PID: 7828 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  842.361375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  842.361383] Call Trace:
[  842.361388]  <TASK>
[  842.361392]  dump_stack_lvl+0xfa/0x120
[  842.361422]  should_fail_ex+0x4d7/0x5e0
[  842.361441]  strncpy_from_user+0x3b/0x2f0
[  842.361461]  getname_flags.part.0+0x8d/0x540
[  842.361477]  getname_flags+0x95/0xe0
[  842.361492]  do_sys_openat2+0x9f/0x240
[  842.361505]  ? __pfx_do_sys_openat2+0x10/0x10
[  842.361524]  __x64_sys_openat+0x142/0x200
[  842.361535]  ? __pfx___x64_sys_openat+0x10/0x10
[  842.361555]  do_syscall_64+0xbf/0x420
[  842.361570]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  842.361583] RIP: 0033:0x7f72081f8a04
[  842.361593] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[  842.361606] RSP: 002b:00007f72057baed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  842.361618] RAX: ffffffffffffffda RBX: 00007f720828f970 RCX: 00007f72081f8a04
[  842.361626] RDX: 0000000000000002 RSI: 00007f72057bb000 RDI: 00000000ffffff9c
[  842.361633] RBP: 00007f72057bb000 R08: 0000000000000000 R09: ffffffffffffffff
[  842.361641] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  842.361648] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[  842.361665]  </TASK>
[  842.364452] loop3: detected capacity change from 0 to 512
03:47:39 executing program 1:
clone3(&(0x7f0000005880)={0x7bffffff00000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  842.402668] Process accounting paused
[  842.411930] FAULT_INJECTION: forcing a failure.
[  842.411930] name failslab, interval 1, probability 0, space 0, times 0
[  842.413108] CPU: 0 UID: 0 PID: 7836 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  842.413125] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  842.413133] Call Trace:
[  842.413137]  <TASK>
[  842.413141]  dump_stack_lvl+0xfa/0x120
[  842.413168]  should_fail_ex+0x4d7/0x5e0
[  842.413186]  ? __kernfs_new_node+0xd3/0x930
[  842.413201]  should_failslab+0xc2/0x120
[  842.413219]  kmem_cache_alloc_noprof+0x80/0x710
[  842.413238]  ? __kernfs_new_node+0xd3/0x930
[  842.413249]  __kernfs_new_node+0xd3/0x930
[  842.413264]  ? __pfx___kernfs_new_node+0x10/0x10
[  842.413280]  ? lock_acquire+0x15e/0x2d0
[  842.413296]  ? kernfs_root+0x23/0x2a0
[  842.413308]  ? find_held_lock+0x2b/0x80
[  842.413320]  ? kernfs_root+0xee/0x2a0
[  842.413332]  ? lock_release+0xc8/0x270
[  842.413345]  ? lock_is_held_type+0x9e/0x120
[  842.413368]  kernfs_new_node+0x13c/0x1e0
[  842.413386]  __kernfs_create_file+0x55/0x360
[  842.413405]  sysfs_add_file_mode_ns+0x21c/0x430
[  842.413419]  ? __pfx_dev_attr_store+0x10/0x10
[  842.413442]  internal_create_group+0x662/0xeb0
[  842.413461]  ? __pfx_internal_create_group+0x10/0x10
[  842.413474]  ? blk_validate_limits+0xc27/0x15c0
[  842.413498]  ? lock_is_held_type+0x9e/0x120
[  842.413519]  loop_configure+0xc46/0x15a0
[  842.413554]  ? __pfx_loop_configure+0x10/0x10
[  842.413582]  ? avc_has_extended_perms+0x107/0xf20
[  842.413601]  ? find_held_lock+0x2b/0x80
[  842.413612]  ? avc_has_extended_perms+0x23b/0xf20
[  842.413629]  ? lock_release+0xc8/0x270
[  842.413646]  lo_ioctl+0x66d/0x1ca0
[  842.413667]  ? __pfx_lo_ioctl+0x10/0x10
[  842.413684]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  842.413706]  ? lock_acquire+0x15e/0x2d0
[  842.413720]  ? __virt_addr_valid+0x1c6/0x5d0
[  842.413736]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  842.413755]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  842.413770]  ? lock_release+0xc8/0x270
[  842.413788]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  842.413827]  ? check_irq_usage+0x210/0xb40
[  842.413841]  ? __fget_files+0x34/0x3b0
[  842.413858]  ? find_held_lock+0x2b/0x80
[  842.413869]  ? __fget_files+0x203/0x3b0
[  842.413885]  ? __pfx_lo_ioctl+0x10/0x10
[  842.413902]  blkdev_ioctl+0x365/0x6d0
[  842.413923]  ? __pfx_blkdev_ioctl+0x10/0x10
[  842.413941]  ? selinux_file_ioctl+0xb9/0x280
[  842.413959]  ? __pfx_blkdev_ioctl+0x10/0x10
[  842.413978]  __x64_sys_ioctl+0x18f/0x210
[  842.413998]  do_syscall_64+0xbf/0x420
[  842.414011]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  842.414024] RIP: 0033:0x7f6a11ca68d7
[  842.414034] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  842.414046] RSP: 002b:00007f6a0f21bf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  842.414058] RAX: ffffffffffffffda RBX: 00007f6a11cf0970 RCX: 00007f6a11ca68d7
[  842.414066] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006
[  842.414073] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff
[  842.414080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[  842.414088] R13: 0000000000000005 R14: 0000000020000248 R15: 0000000000000003
[  842.414105]  </TASK>
03:47:39 executing program 2:
clone3(&(0x7f0000005880)={0x7bffffff00000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:39 executing program 7:
clone3(&(0x7f0000005880)={0xffbffa430f7f0000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:39 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 20)

03:47:39 executing program 1:
clone3(&(0x7f0000005880)={0xf0ffffff00000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  842.481921] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:47:39 executing program 7:
clone3(&(0x7f0000005880)={0xffefff1f00000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  842.516610] loop6: detected capacity change from 0 to 512
03:47:39 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x3000000}}}, 0x414d02)

03:47:39 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xdb0e, 0x0, 0x0, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x4001, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x1)
close_range(r0, 0xffffffffffffffff, 0x0)

[  842.541198] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
03:47:39 executing program 1:
clone3(&(0x7f0000005880)={0xf400000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  842.559485] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:47:39 executing program 2:
clone3(&(0x7f0000005880)={0xf0ffffff00000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  842.570717] FAULT_INJECTION: forcing a failure.
[  842.570717] name failslab, interval 1, probability 0, space 0, times 0
[  842.571702] CPU: 0 UID: 0 PID: 7852 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  842.571719] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  842.571726] Call Trace:
[  842.571730]  <TASK>
[  842.571735]  dump_stack_lvl+0xfa/0x120
[  842.571763]  should_fail_ex+0x4d7/0x5e0
[  842.571781]  ? alloc_empty_file+0x58/0x1e0
[  842.571800]  should_failslab+0xc2/0x120
[  842.571818]  kmem_cache_alloc_noprof+0x80/0x710
[  842.571836]  ? alloc_empty_file+0x58/0x1e0
[  842.571853]  alloc_empty_file+0x58/0x1e0
[  842.571871]  path_openat+0xee/0x2d30
[  842.571895]  ? __pfx_path_openat+0x10/0x10
[  842.571917]  do_filp_open+0x1e8/0x450
[  842.571932]  ? __pfx_do_filp_open+0x10/0x10
[  842.571948]  ? __virt_addr_valid+0x2e8/0x5d0
[  842.571968]  ? find_held_lock+0x2b/0x80
[  842.571981]  ? alloc_fd+0x2c1/0x560
[  842.572000]  ? lock_release+0xc8/0x270
[  842.572017]  ? _raw_spin_unlock+0x1e/0x40
[  842.572034]  ? alloc_fd+0x2c1/0x560
[  842.572052]  do_sys_openat2+0x107/0x240
[  842.572064]  ? __pfx_do_sys_openat2+0x10/0x10
[  842.572081]  __x64_sys_openat+0x142/0x200
[  842.572093]  ? __pfx___x64_sys_openat+0x10/0x10
[  842.572111]  do_syscall_64+0xbf/0x420
[  842.572124]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  842.572137] RIP: 0033:0x7f72081f8a04
[  842.572147] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[  842.572159] RSP: 002b:00007f72057baed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  842.572171] RAX: ffffffffffffffda RBX: 00007f720828f970 RCX: 00007f72081f8a04
[  842.572179] RDX: 0000000000000002 RSI: 00007f72057bb000 RDI: 00000000ffffff9c
[  842.572187] RBP: 00007f72057bb000 R08: 0000000000000000 R09: ffffffffffffffff
[  842.572195] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  842.572201] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[  842.572217]  </TASK>
03:47:49 executing program 1:
clone3(&(0x7f0000005880)={0xf5ffffff00000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:49 executing program 7:
clone3(&(0x7f0000005880)={0xffffffff00000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:49 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r1 = syz_mount_image$nfs4(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x3, 0x5, &(0x7f0000000600)=[{&(0x7f00000000c0)="9d5eb83f9d70dbb7a89b8cd4f926a0583cfb3b0ea4c71c8eff22472ff1f75673aa8c7d09cf75ddbb4c814deeadeccf7a7686978f4b20f8c10121aa5d42b861c373c2a8584b0510e3513c96f8d52038d9371d1d7577edfdcb395af5ea94bb75769a04c77362b83f0dc0605363a23ea9ab97a35655cbed7f2884c0964302ac87c8e0d05c820906fc748fbc1bd4baa83b367019c00e86074eade7f67b026d6b49be38f8523a4297d43114c33ef7d67e431887f9907ec6e61737191155eb34efe0d00eb45270da20d4a95575fe122f6645eba29e346eb8be7b55b52e225bd02578563a8f758062d12ec247b47f", 0xeb, 0x5}, {&(0x7f00000001c0)="2443015ddcc0fe508ea5c5525a890dfe3e13b6ffc5ce94cefd4755a77d91eec8e70a6fd81b3270d60300eb5672c6afc221846b8a5419fa76ce756e2e9f31c27f47ee7dda2a12a52f5152e1fbdf21193031be0ea28911a1c6f5495d8e9884e7572140b262127279960fc7cf1befe2e5ac6aeb05e037f6dbcd2657811095d0022f48b0876b4765877d01e7170da432f28d72a7f4679524adf575e52b9e8060d7f55ddcb402e12fbaa6cc3d4b31", 0xac, 0x800}, {&(0x7f0000000280)="146bd9dbf8d63d0363f8e99d7ce4b54e38436204254ba1918a8066371c6d5f76a5ba370396e61f8c7a03c2c84268f279fd51478a300dc501615432f343a485d896366d960f63bffe7df52c213180b89181123ee3fb9fa2673439523593bd53d1eb", 0x61, 0x80000000}, {&(0x7f0000000400)="447d6dc859f9b97defc07ff9f68516e4a960a2c79f0f98cdb1e727fd00eea5a04667c08ccc879b61aea80f5db3c040be9775d3a7b98c4fa272215141df18486d15c7b3902a455c3d65793116837936e3a096bfb18d1abb0d066a08ee6f732cdd20ba0fb2226f371822fc184fd884405c7f381726642794e7d56caed4e6881bb8891cbec8ec2896465852b89d8d61f422804da8e1c4e5336b509ea15d830a3ec52731087e298a9a6f60c370b34bb39d67c05c003524c30e9997c5a664f44c292ed6bc020aed87fa65517a05436de86d4a6044d248646608ba6c1b45d949fc727a14407a4af233bf8cb26f047bad7e3776476663c854eaa5445036", 0xfa, 0xfffffffffffffffd}, {&(0x7f0000000500)="fb7ad58aebfd9ef1083928ed8dce4db4588d9c024e2e7c01efe63ee227b51918186042f4c4c7f00db74d7657293416c7c992ba8fcf4fe12333356b3e78ece2db7731847a8a9f3117e7a49c682546ac287eb256f8d92a3aaccfd8941568fecaab0697ccc08a911106565f603623efffa5269a063b69ade7976b46ef0946bfa36db5f25177ccc338274daab308a24ce9472b6051feca5d3ca1b0473611494b44c0000bf4375fc97a176ebd4d66f0eb301336e9b520656896b84581491cb5cdb070e46b7c8a4a8c9a7fdcb409263fb6a17eb0", 0xd1, 0xcdf}], 0x200488a, &(0x7f0000000680)=ANY=[@ANYBLOB="2f2a282a29245b7b272c2c2d2c3ad72c2c2c2c2c6f626a5f747970653d5c3a212d285b5d272f5b5c2a5c2c61707072616973655f747970653d696d617369672c6f626a5f757365723d31f222a19d1755f6f41f072fc8de3577146f7ea0193ee58a692cc2fb752c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',uid<', @ANYRESDEC=0x0, @ANYBLOB="2c6d6561737572652c0034c10000000003718d25"])
fsetxattr$security_selinux(r1, &(0x7f0000000300), &(0x7f0000000740)='system_u:object_r:xen_device_t:s0\x00', 0x22, 0x3)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:47:49 executing program 2:
clone3(&(0x7f0000005880)={0xf400000000000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:49 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:47:49 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 41)

03:47:49 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 21)

03:47:49 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x4000000}}}, 0x414d02)

[  852.241142] loop5: detected capacity change from 0 to 512
[  852.248493] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  852.249281] EXT4-fs (loop5): group descriptors corrupted!
[  852.251377] loop4: detected capacity change from 0 to 264192
[  852.253709] nfs4: Unknown parameter '/*(*)$[{''
[  852.257646] loop3: detected capacity change from 0 to 512
[  852.262325] loop6: detected capacity change from 0 to 512
[  852.279763] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:47:49 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x5000000}}}, 0x414d02)

03:47:49 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 22)

[  852.318565] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  852.321575] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  852.336216] FAULT_INJECTION: forcing a failure.
[  852.336216] name failslab, interval 1, probability 0, space 0, times 0
[  852.337178] CPU: 0 UID: 0 PID: 7890 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  852.337194] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  852.337202] Call Trace:
[  852.337206]  <TASK>
[  852.337211]  dump_stack_lvl+0xfa/0x120
[  852.337238]  should_fail_ex+0x4d7/0x5e0
[  852.337256]  ? security_file_alloc+0x35/0x130
[  852.337273]  should_failslab+0xc2/0x120
[  852.337293]  kmem_cache_alloc_noprof+0x80/0x710
03:47:49 executing program 2:
clone3(&(0x7f0000005880)={0xf5ffffff00000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  852.337306]  ? __create_object+0x59/0x80
[  852.337322]  ? security_file_alloc+0x35/0x130
[  852.337337]  security_file_alloc+0x35/0x130
[  852.337353]  init_file+0x95/0x4c0
[  852.337371]  alloc_empty_file+0x76/0x1e0
[  852.337390]  path_openat+0xee/0x2d30
[  852.337414]  ? __pfx_path_openat+0x10/0x10
[  852.337435]  do_filp_open+0x1e8/0x450
[  852.337450]  ? __pfx_do_filp_open+0x10/0x10
[  852.337466]  ? __virt_addr_valid+0x2e8/0x5d0
[  852.337486]  ? find_held_lock+0x2b/0x80
[  852.337498]  ? alloc_fd+0x2c1/0x560
[  852.337513]  ? lock_release+0xc8/0x270
[  852.337531]  ? _raw_spin_unlock+0x1e/0x40
[  852.337547]  ? alloc_fd+0x2c1/0x560
[  852.337566]  do_sys_openat2+0x107/0x240
[  852.337578]  ? __pfx_do_sys_openat2+0x10/0x10
[  852.337595]  __x64_sys_openat+0x142/0x200
[  852.337607]  ? __pfx___x64_sys_openat+0x10/0x10
[  852.337624]  do_syscall_64+0xbf/0x420
[  852.337639]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  852.337651] RIP: 0033:0x7f72081f8a04
[  852.337662] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[  852.337673] RSP: 002b:00007f72057baed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  852.337685] RAX: ffffffffffffffda RBX: 00007f720828f970 RCX: 00007f72081f8a04
[  852.337693] RDX: 0000000000000002 RSI: 00007f72057bb000 RDI: 00000000ffffff9c
[  852.337701] RBP: 00007f72057bb000 R08: 0000000000000000 R09: ffffffffffffffff
[  852.337708] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  852.337716] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[  852.337731]  </TASK>
03:47:49 executing program 4:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r1, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x9)

03:47:59 executing program 1:
clone3(&(0x7f0000005880)={0xfbffffff00000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:59 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 42)

03:47:59 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="106fdc2526c5000100020000000b00"/29], 0x414d02)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x8001, 0xa0)
close_range(r0, 0xffffffffffffffff, 0x0)

03:47:59 executing program 2:
clone3(&(0x7f0000005880)={0xfbffffff00000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:59 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:47:59 executing program 7:
clone3(&(0x7f0000005880)={0xffffffffffffffff, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:59 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x6000000}}}, 0x414d02)

03:47:59 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 23)

[  862.338911] loop5: detected capacity change from 0 to 512
[  862.353079] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  862.354417] EXT4-fs (loop5): group descriptors corrupted!
[  862.360741] loop6: detected capacity change from 0 to 512
[  862.369029] FAULT_INJECTION: forcing a failure.
[  862.369029] name failslab, interval 1, probability 0, space 0, times 0
[  862.370609] CPU: 0 UID: 0 PID: 7915 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  862.370635] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  862.370646] Call Trace:
[  862.370652]  <TASK>
[  862.370658]  dump_stack_lvl+0xfa/0x120
[  862.370696]  should_fail_ex+0x4d7/0x5e0
[  862.370723]  ? kobject_uevent_env+0x22e/0xf90
[  862.370746]  should_failslab+0xc2/0x120
[  862.370773]  __kmalloc_cache_noprof+0x80/0x730
[  862.370802]  ? ___ratelimit+0x3c0/0x910
[  862.370837]  ? kobject_uevent_env+0x22e/0xf90
[  862.370860]  kobject_uevent_env+0x22e/0xf90
[  862.370888]  ? lock_is_held_type+0x9e/0x120
[  862.370920]  loop_configure+0xe31/0x15a0
[  862.370971]  ? __pfx_loop_configure+0x10/0x10
[  862.371021]  ? avc_has_extended_perms+0x107/0xf20
[  862.371051]  ? find_held_lock+0x2b/0x80
[  862.371070]  ? avc_has_extended_perms+0x23b/0xf20
[  862.371095]  ? lock_release+0xc8/0x270
[  862.371122]  lo_ioctl+0x66d/0x1ca0
[  862.371155]  ? __pfx_lo_ioctl+0x10/0x10
[  862.371180]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  862.371213]  ? lock_acquire+0x15e/0x2d0
[  862.371235]  ? __virt_addr_valid+0x1c6/0x5d0
[  862.371257]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  862.371285]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  862.371309]  ? lock_release+0xc8/0x270
[  862.371343]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  862.371402]  ? check_irq_usage+0x210/0xb40
[  862.371429]  ? __fget_files+0x34/0x3b0
[  862.371455]  ? find_held_lock+0x2b/0x80
[  862.371472]  ? __fget_files+0x203/0x3b0
[  862.371500]  ? __pfx_lo_ioctl+0x10/0x10
[  862.371529]  blkdev_ioctl+0x365/0x6d0
[  862.371559]  ? __pfx_blkdev_ioctl+0x10/0x10
[  862.371587]  ? selinux_file_ioctl+0xb9/0x280
[  862.371613]  ? __pfx_blkdev_ioctl+0x10/0x10
[  862.371642]  __x64_sys_ioctl+0x18f/0x210
[  862.371665]  do_syscall_64+0xbf/0x420
[  862.371686]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  862.371705] RIP: 0033:0x7f6a11ca68d7
[  862.371708] loop3: detected capacity change from 0 to 512
[  862.371720] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  862.371737] RSP: 002b:00007f6a0f21bf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  862.371754] RAX: ffffffffffffffda RBX: 00007f6a11cf0970 RCX: 00007f6a11ca68d7
[  862.371767] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006
[  862.371777] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff
[  862.371788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[  862.371799] R13: 0000000000000005 R14: 0000000020000248 R15: 0000000000000003
[  862.371825]  </TASK>
03:47:59 executing program 2:
clone3(&(0x7f0000005880)={0xffbf0219157f0000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:47:59 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 24)

03:47:59 executing program 1:
clone3(&(0x7f0000005880)={0xff8fbec4df7f0000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  862.454258] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  862.456828] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  862.461825] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  862.515339] FAULT_INJECTION: forcing a failure.
[  862.515339] name failslab, interval 1, probability 0, space 0, times 0
[  862.516864] CPU: 0 UID: 0 PID: 7927 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  862.516887] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  862.516898] Call Trace:
[  862.516903]  <TASK>
[  862.516910]  dump_stack_lvl+0xfa/0x120
[  862.516946]  should_fail_ex+0x4d7/0x5e0
[  862.516969]  ? __kernfs_new_node+0xd3/0x930
[  862.516987]  should_failslab+0xc2/0x120
[  862.517019]  kmem_cache_alloc_noprof+0x80/0x710
[  862.517038]  ? __pfx_avc_has_perm+0x10/0x10
[  862.517067]  ? __kernfs_new_node+0xd3/0x930
[  862.517082]  __kernfs_new_node+0xd3/0x930
[  862.517103]  ? __pfx___kernfs_new_node+0x10/0x10
[  862.517124]  ? lock_acquire+0x15e/0x2d0
[  862.517147]  ? kernfs_root+0x23/0x2a0
[  862.517164]  ? find_held_lock+0x2b/0x80
[  862.517180]  ? kernfs_root+0xee/0x2a0
[  862.517196]  ? lock_release+0xc8/0x270
[  862.517215]  ? lock_is_held_type+0x9e/0x120
[  862.517245]  kernfs_new_node+0x13c/0x1e0
[  862.517269]  kernfs_create_dir_ns+0x4d/0x1a0
[  862.517293]  internal_create_group+0x440/0xeb0
[  862.517312]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  862.517345]  ? __pfx_internal_create_group+0x10/0x10
[  862.517363]  ? blk_validate_limits+0xc27/0x15c0
[  862.517393]  ? lock_is_held_type+0x9e/0x120
[  862.517420]  loop_configure+0xc46/0x15a0
[  862.517467]  ? __pfx_loop_configure+0x10/0x10
[  862.517506]  ? avc_has_extended_perms+0x107/0xf20
[  862.517529]  ? find_held_lock+0x2b/0x80
[  862.517545]  ? avc_has_extended_perms+0x23b/0xf20
[  862.517569]  ? lock_release+0xc8/0x270
[  862.517592]  lo_ioctl+0x66d/0x1ca0
[  862.517621]  ? __pfx_lo_ioctl+0x10/0x10
[  862.517644]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  862.517674]  ? __pfx_perf_trace_lock+0x10/0x10
[  862.517704]  ? perf_trace_lock+0xb5/0x5d0
[  862.517725]  ? __lock_acquire+0x453/0x2150
[  862.517747]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  862.517800]  ? check_irq_usage+0x210/0xb40
[  862.517819]  ? __fget_files+0x34/0x3b0
[  862.517841]  ? find_held_lock+0x2b/0x80
[  862.517856]  ? __fget_files+0x203/0x3b0
[  862.517879]  ? __pfx_lo_ioctl+0x10/0x10
[  862.517903]  blkdev_ioctl+0x365/0x6d0
[  862.517930]  ? __pfx_blkdev_ioctl+0x10/0x10
[  862.517955]  ? selinux_file_ioctl+0xb9/0x280
[  862.517977]  ? __pfx_blkdev_ioctl+0x10/0x10
[  862.518003]  __x64_sys_ioctl+0x18f/0x210
[  862.518024]  do_syscall_64+0xbf/0x420
[  862.518043]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  862.518060] RIP: 0033:0x7f72082458d7
[  862.518073] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  862.518089] RSP: 002b:00007f72057baf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  862.518106] RAX: ffffffffffffffda RBX: 00007f720828f970 RCX: 00007f72082458d7
[  862.518117] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  862.518127] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  862.518137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  862.518147] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[  862.518170]  </TASK>
[  862.550602] loop5: detected capacity change from 0 to 512
[  862.603562] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  862.604649] EXT4-fs (loop5): group descriptors corrupted!
03:48:08 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:48:08 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x7000000}}}, 0x414d02)

03:48:08 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 25)

03:48:08 executing program 4:
io_uring_enter(0xffffffffffffffff, 0x2760, 0x55f1, 0x1, &(0x7f0000000040)={[0x2]}, 0x8)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:48:08 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:48:08 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 43)

03:48:08 executing program 2:
clone3(&(0x7f0000005880)={0xffefff1f00000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:48:08 executing program 1:
clone3(&(0x7f0000005880)={0xffefff1f00000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  871.865697] loop6: detected capacity change from 0 to 512
03:48:09 executing program 2:
clone3(&(0x7f0000005880)={0xffffffff00000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  871.891647] loop3: detected capacity change from 0 to 512
03:48:09 executing program 1:
clone3(&(0x7f0000005880)={0xffffffff00000000, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  871.901806] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  871.904323] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  871.913509] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  871.936375] loop5: detected capacity change from 0 to 512
03:48:09 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef0100010000", 0x3f, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:48:09 executing program 2:
clone3(&(0x7f0000005880)={0xffffffffffffffff, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:48:09 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 44)

[  871.971923] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  871.973599] EXT4-fs (loop5): group descriptors corrupted!
03:48:09 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x8040000}}}, 0x414d02)

[  871.998255] FAULT_INJECTION: forcing a failure.
[  871.998255] name failslab, interval 1, probability 0, space 0, times 0
[  871.999307] CPU: 1 UID: 0 PID: 7964 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  871.999323] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  871.999331] Call Trace:
[  871.999335]  <TASK>
[  871.999339]  dump_stack_lvl+0xfa/0x120
[  871.999366]  should_fail_ex+0x4d7/0x5e0
[  871.999384]  ? __kernfs_new_node+0xd3/0x930
[  871.999397]  should_failslab+0xc2/0x120
[  871.999415]  kmem_cache_alloc_noprof+0x80/0x710
[  871.999433]  ? __kernfs_new_node+0xd3/0x930
[  871.999444]  __kernfs_new_node+0xd3/0x930
[  871.999458]  ? __pfx___kernfs_new_node+0x10/0x10
[  871.999473]  ? lock_acquire+0x15e/0x2d0
[  871.999489]  ? kernfs_root+0x23/0x2a0
[  871.999501]  ? find_held_lock+0x2b/0x80
[  871.999513]  ? kernfs_root+0xee/0x2a0
[  871.999525]  ? lock_release+0xc8/0x270
[  871.999538]  ? lock_is_held_type+0x9e/0x120
[  871.999560]  kernfs_new_node+0x13c/0x1e0
[  871.999577]  __kernfs_create_file+0x55/0x360
[  871.999596]  sysfs_add_file_mode_ns+0x21c/0x430
[  871.999609]  ? __pfx_dev_attr_store+0x10/0x10
[  871.999632]  internal_create_group+0x662/0xeb0
[  871.999650]  ? __pfx_internal_create_group+0x10/0x10
[  871.999663]  ? blk_validate_limits+0xc27/0x15c0
[  871.999685]  ? lock_is_held_type+0x9e/0x120
[  871.999704]  loop_configure+0xc46/0x15a0
[  871.999736]  ? __pfx_loop_configure+0x10/0x10
[  871.999762]  ? avc_has_extended_perms+0x107/0xf20
[  871.999781]  ? find_held_lock+0x2b/0x80
[  871.999792]  ? avc_has_extended_perms+0x23b/0xf20
[  871.999809]  ? lock_release+0xc8/0x270
[  871.999825]  lo_ioctl+0x66d/0x1ca0
[  871.999845]  ? __pfx_lo_ioctl+0x10/0x10
[  871.999862]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  871.999883]  ? lock_acquire+0x15e/0x2d0
[  871.999897]  ? __virt_addr_valid+0x1c6/0x5d0
[  871.999912]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  871.999931]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  871.999947]  ? lock_release+0xc8/0x270
[  871.999963]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  872.000003]  ? check_irq_usage+0x210/0xb40
[  872.000017]  ? __fget_files+0x34/0x3b0
[  872.000033]  ? find_held_lock+0x2b/0x80
[  872.000044]  ? __fget_files+0x203/0x3b0
[  872.000059]  ? __pfx_lo_ioctl+0x10/0x10
[  872.000076]  blkdev_ioctl+0x365/0x6d0
[  872.000097]  ? __pfx_blkdev_ioctl+0x10/0x10
[  872.000115]  ? selinux_file_ioctl+0xb9/0x280
[  872.000130]  ? __pfx_blkdev_ioctl+0x10/0x10
[  872.000149]  __x64_sys_ioctl+0x18f/0x210
[  872.000164]  do_syscall_64+0xbf/0x420
[  872.000176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  872.000189] RIP: 0033:0x7f6a11ca68d7
[  872.000199] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  872.000211] RSP: 002b:00007f6a0f21bf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  872.000223] RAX: ffffffffffffffda RBX: 00007f6a11cf0970 RCX: 00007f6a11ca68d7
[  872.000232] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006
[  872.000239] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff
[  872.000246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[  872.000253] R13: 0000000000000005 R14: 0000000020000248 R15: 0000000000000003
[  872.000269]  </TASK>
03:48:09 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:48:09 executing program 1:
clone3(&(0x7f0000005880)={0xffffffffffffffff, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  872.072410] loop6: detected capacity change from 0 to 512
03:48:09 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 26)

[  872.089684] loop3: detected capacity change from 0 to 512
[  872.098010] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  872.106665] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[  872.107438] EXT4-fs (loop3): group descriptors corrupted!
[  872.110049] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  872.181230] loop5: detected capacity change from 0 to 512
[  872.201047] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  872.202866] EXT4-fs (loop5): group descriptors corrupted!
03:48:17 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x9, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="76dda6464d49296cbf95859b3d4da140100000ff00001000"], 0x414d02)
pidfd_open(0xffffffffffffffff, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

03:48:17 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 45)

03:48:17 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0xb000000}}}, 0x414d02)

03:48:17 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:48:17 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x2}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:48:17 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:48:17 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 27)

03:48:17 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x2}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  880.495196] loop3: detected capacity change from 0 to 512
[  880.499257] loop5: detected capacity change from 0 to 512
[  880.502701] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[  880.503632] EXT4-fs (loop3): group descriptors corrupted!
[  880.505464] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  880.506420] EXT4-fs (loop5): group descriptors corrupted!
[  880.545842] Process accounting resumed
03:48:17 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 28)

03:48:17 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f01", 0x35, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

[  880.571283] loop6: detected capacity change from 0 to 512
[  880.603564] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  880.607859] FAULT_INJECTION: forcing a failure.
[  880.607859] name failslab, interval 1, probability 0, space 0, times 0
[  880.608955] CPU: 0 UID: 0 PID: 8011 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  880.608971] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  880.608979] Call Trace:
[  880.608984]  <TASK>
[  880.608992]  dump_stack_lvl+0xfa/0x120
[  880.609020]  should_fail_ex+0x4d7/0x5e0
[  880.609038]  ? __kernfs_new_node+0xd3/0x930
[  880.609052]  should_failslab+0xc2/0x120
[  880.609070]  kmem_cache_alloc_noprof+0x80/0x710
[  880.609089]  ? __kernfs_new_node+0xd3/0x930
[  880.609101]  __kernfs_new_node+0xd3/0x930
[  880.609116]  ? __pfx___kernfs_new_node+0x10/0x10
[  880.609131]  ? lock_acquire+0x15e/0x2d0
[  880.609148]  ? kernfs_root+0x23/0x2a0
[  880.609160]  ? find_held_lock+0x2b/0x80
[  880.609172]  ? kernfs_root+0xee/0x2a0
[  880.609183]  ? lock_release+0xc8/0x270
[  880.609197]  ? lock_is_held_type+0x9e/0x120
[  880.609222]  kernfs_new_node+0x13c/0x1e0
[  880.609242]  __kernfs_create_file+0x55/0x360
[  880.609264]  sysfs_add_file_mode_ns+0x21c/0x430
[  880.609279]  ? __pfx_dev_attr_store+0x10/0x10
[  880.609306]  internal_create_group+0x662/0xeb0
[  880.609327]  ? __pfx_internal_create_group+0x10/0x10
[  880.609342]  ? blk_validate_limits+0xc27/0x15c0
[  880.609367]  ? lock_is_held_type+0x9e/0x120
[  880.609389]  loop_configure+0xc46/0x15a0
[  880.609428]  ? __pfx_loop_configure+0x10/0x10
[  880.609460]  ? avc_has_extended_perms+0x107/0xf20
[  880.609480]  ? find_held_lock+0x2b/0x80
[  880.609491]  ? avc_has_extended_perms+0x23b/0xf20
[  880.609508]  ? lock_release+0xc8/0x270
[  880.609525]  lo_ioctl+0x66d/0x1ca0
[  880.609546]  ? __pfx_lo_ioctl+0x10/0x10
[  880.609563]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  880.609585]  ? lock_acquire+0x15e/0x2d0
[  880.609599]  ? __virt_addr_valid+0x1c6/0x5d0
[  880.609614]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  880.609633]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  880.609649]  ? lock_release+0xc8/0x270
[  880.609666]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  880.609705]  ? check_irq_usage+0x210/0xb40
[  880.609719]  ? __fget_files+0x34/0x3b0
[  880.609737]  ? find_held_lock+0x2b/0x80
[  880.609748]  ? __fget_files+0x203/0x3b0
[  880.609764]  ? __pfx_lo_ioctl+0x10/0x10
[  880.609781]  blkdev_ioctl+0x365/0x6d0
[  880.609802]  ? __pfx_blkdev_ioctl+0x10/0x10
[  880.609820]  ? selinux_file_ioctl+0xb9/0x280
[  880.609836]  ? __pfx_blkdev_ioctl+0x10/0x10
[  880.609855]  __x64_sys_ioctl+0x18f/0x210
[  880.609871]  do_syscall_64+0xbf/0x420
[  880.609884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  880.609897] RIP: 0033:0x7f72082458d7
[  880.609907] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  880.609918] RSP: 002b:00007f72057baf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  880.609930] RAX: ffffffffffffffda RBX: 00007f720828f970 RCX: 00007f72082458d7
[  880.609939] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  880.609947] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  880.609955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  880.609962] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[  880.609980]  </TASK>
[  880.619239] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  880.631645] loop3: detected capacity change from 0 to 512
[  880.653616] loop5: detected capacity change from 0 to 512
[  880.672548] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  880.674142] EXT4-fs (loop5): group descriptors corrupted!
03:48:17 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x3}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  880.708056] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:48:17 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x10000000}}}, 0x414d02)

03:48:17 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x2}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:48:17 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 46)

03:48:17 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 29)

03:48:17 executing program 4:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = eventfd2(0xfffffffd, 0x801)
io_setup(0x3f, &(0x7f00000001c0)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000001740)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000200)="992bee7a575534f3", 0x8}])
r3 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r3, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r3, 0xffffffffffffffff, 0x0)
r4 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r4, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r4, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000500)={{0x1, 0x1, 0x18, <r5=>r0}, './file0\x00'})
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
r7 = creat(&(0x7f00000003c0)='./file0\x00', 0x8)
open_by_handle_at(r7, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r7, 0xffffffffffffffff, 0x0)
r8 = syz_open_procfs$userns(0x0, &(0x7f0000000940))
io_submit(r2, 0x9, &(0x7f00000019c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x7, 0x3, r3, &(0x7f0000000040)="a33edb8702282659d3ef7ce39c7da2dda8d77f5cd90a3ae94d01e05965f9e3c5162700a061e4ee17231b344d9a3ac7611cf91d39f20ad69389c130a225bab1b91d93057e6f5e3384107dc90ca5c0398e0ab7b3511c8e29f75ab236e01bcb84bf191e51d742a475d7b842be5ab2e79cea587c0b2585135c777dac78990874a4e9b8ee740701892783bcf824fd5cdf44507be62f6e20951af26dabe8ba4cf69e8c08a390c4fcc81f675b9e8fff2e00cfcf6472e78a7d3827c2ad55", 0xba, 0xfffffffffffffffc, 0x0, 0x3}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x2, 0xee, r0, &(0x7f0000000140)="7036fe1f21c424dfc8864cc3a289028bcc4fc7f1735e579f2ef8eab5a1e894029ff7cb4ebac8b146f5c7328e5accbbae029eaa1c18e2303a2bc9e29e3bf22c4802ef70f21f20252e21fca6bbfb01b122c50c6406b9ca98a474ebbfcfa85620f55434a141200eed9fefd0b1a979829ace2b0b4bc8b20ae28ee435a20a585c2117a5", 0x81, 0xb39}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0xfffa, r0, &(0x7f0000000240)="676d76969a8038a2dc0590d8d08a00599f7a8ac568d4b1dabc30a24558160ff7094301aa17980961162d1605cb06cc22302f47164dc767753989e02877fba66e1f27dd9c5a44dbc936950c991c337c", 0x4f, 0x1ff, 0x0, 0x1, r4}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x7, r0, &(0x7f0000000400)="06d6cb63bdaeed5b0a91b71f491c0d077dba8dd1cd2cba28f8da10ea7d7a5d6e7d808f06fe736de296ffbb59ac80369549b6383bf633babc3c42e3366789399e31bc180e32480c761f07ff89860d86027324797923c3421f147f9f92a522908958596bdcd9d42fd0bc7cf92e3fa0384c1b979a3da021914a9c11fed5db9191f5c9de71b032761cc7436584be0f228eeb0a7fc4cd94c9d862a83396cecaa3d32d4235a336e9f057f0dbefcf8d8025fa9d7dd437ac4ba7521bb9b6bbeed8e86b60c8992bfaaa151cd1a22ef5cb7c38985055c08ae1c0d4a61040fc8b92874e78", 0xdf, 0x800, 0x0, 0x2}, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x800, r5, &(0x7f0000000540)="9ea17b0555bd7f03873fd5db2df4a07d63a1e7e2753261ce4e39a5e9a3e4cba9843f5dbd15943cd5490b340d44d6e76018ce766da0fee9895b606002cb4f1a8a6247c947395ed5b482ebe7f6871e7de0992ff5305e4e7b8598375ef938852ee5239f0adb4f746328233eb0a2ab66460d787c5803270e8eaf8ea96b0222ad3204b7ba2a24fa", 0x85, 0x5, 0x0, 0x2}, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x7, 0x1, r6, &(0x7f0000000640)="b0f9fe01347bb8952f8aef8c31846e5bc614c5cf8dd12e21ef", 0x19, 0x2, 0x0, 0x2}, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x5, 0x9, r7, &(0x7f00000006c0)="dda12e2e4e291a5d7ef64af33d7f0f9bce952aa93d88e2f10e7082e4fdd766defa33662a649da9b50d4a304886b973a8efcc7ef79e51aadc85e892e35fb80f16c18bb33d899268c4ee5ea782c91d6567da108c6c9bf3750efe64b0d0ef51bc43d2a48e7f21adad0c7c427ea89e4d9c746bfc2c92006b1235760ff291084fbfe3f3648bac926f0ef1e0a4db4fcbb6495457f25896a01a3628a0a9a5e27a8e4b6b6e7e0d8fc3c75225bd3fdaedbbcbdd41d5534d33e3ce65971ff1b8c796e6155326c001408d359d87086be53bddfbc8c55b11d43221c4fb080c1f75a0c10ede7cdbff5cd61c64d80083aa7dfdda16708431ce5408", 0xf4, 0x10000}, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x2, 0x2, r0, &(0x7f0000000800)="764f8df10b714b5f2f2cc96c295a244c7e0d6dc00509c3bd81804ccd9b4884ea3c1bc5663cc73706454e5ef67e9075142bfc6639069993e7bdf65c19526febab0118dbde9ef893accacc5f7f12a72d85406be836d10ec1e9942f65c588bef5a2d5a6c1b8d350aadc8c7724477c9a5a2bfcab5959218fcfebeb4fbe89a14d6f71f1e870286f5008ee320d913441bb488061233c48a30ced04fb79410cee30c9dc4ea2cc4859b8dcc40d157e674478408841e4db9034515f9c39ada2a1db8a700f3eef5fcaea8e90b44dca7fba98e8f00194d86399bd88b1d000d8706d509704a1770a27c19d40de38d3", 0xe9, 0x3, 0x0, 0x3}, &(0x7f0000001980)={0x0, 0x0, 0x0, 0x1, 0x7, r8, &(0x7f0000000980)="978b4fe719a273464252226e2f24e4118f98f0dce674380cdaecbb072bc9d79cc26da1749b026299563054344ab4bb9f51aa1dafb81e6894a450f7f39d19f92b32395d954387e94adcfa4ea8d1d6c2c94eda444190a5e76b9643bfbb252007735077c51e80f36346eacc36491951ca4d5536df0a21b34aa35fd44b2d00acfb83503416cef88ab84f73f90f5248b41c54984b4707bdbef34d3685de92be49fefc4fd8c59b3684635bb2f3d340a4d288acf710064343f1a5886c859540161da1adfd50ab8e69e0800313d3118a4087a1ae0f8b39672d944b8f23dcdccea493643e5d4d7fdd1acbf49eb04380c2e972d0094df305c72b00a1561dd86007857d1e8670f535d632b58ea2b2cd539eb29dc968fea0986f5dba638225be2d22cb054148e9901c9a5ae34e4e7c5e1e895c3348dcaca4b1805a7454bbb2cb57b1c9c75a5c60b42048adb051114785d3a9dc1369871c3daaa8f472b4b2b6055472f450e4308953e408fe11253339328b44a5623bcdd98c3ffd25c641c23c685dab5e444e30865cd073f2dfa9a6bdb14436d802c4d762ef2daa7ac25717cf85a03cd78820048b6a5908f051ed5812be43d33593f0c0b423297078c3fc87a22e8d2d6ca17de206199fd62e2e4163120ed304b2080511d56ca1b37d9bed1138558e590ba2aadef7b298276b290e8c9b110ca5abf3363187b7055ba228e17205f4bcc14b2a57ab998145646465ad43f7f963d116c36c7d515b83c68a7f7f0d5c4ab643a046762c02bb284a3f5d92d4ef755631c34210690987d0fbd32db650faecfa5d77971ba3c18217ea8bc97cdaf5f84f93411a9ac889cb019af9549a5a09d4633e51811600126c25c44b68b9f604d8748497d96273c97a30ca7c361eff20f53ab70d7cfefd3a7a00db00875f97f2909da76019e3a0daa40b88915a734ef6b4a4e250d22ef610bf847132630c33121e2e72139a516edfcfabe9aed7bd849bd27a69f43d0740387a41aa63dc09e654d978a67f36eed319e523c18a79d2a0385d3bd3b1ad8c5546ec3a993e35eb600b47a8d60e27f743293eba56e55f7645117aa4cbeeaaef860a4c523ce005839466d8356193d4d74ebca0c5885609ed1ac98c397aeeb87069cefce9eca70a8393e16ed5f6ca42f586b83c2356de8becb6b0cc44fac528806eb68964eac7c8cc67937aaee3d048a06897c64a43eb2d1f99b35500d4105fa10abdbfa1335087f74c275d7316db1bea14a0aadb827eaeebdeb532fa3f8ad8214c03e5158aaeca859b5e3e7f97eb5559aba1ecfa5a4f554312634941666fba764454faedb939e26bbad4ca5e81f6b95a4a34bb6879e3e616c339679023c2f7cadbc2c3d7aafbd40bf7b7271620cb2f0ae0cc77776670a59e464fb184d6ebce667530ea5815a0341f90527c9414d67684ee457497b45c964dbbe6ab847f5f2f2c82ad8347aaa8d3b78903554eda5fdf6aa4a933bdcbffdc8c26c3f306a10211b6dd675c77f4b7976d00289c91eb82f3c945d56faf6788941cbbe96fc8e1997520ec3950638f7fed1788c8bd71f0eefc590825bce40612a83bd15b4f3bfa0d28f33aeadc2baea898711792162617977cdcf26640862cb2d0955397dea1135c5247ecd0c9f41be01183db530b63be819a422bd3d3e1e9b7641a7f87589cf62f06f91a2eb9d68624cb2f380ab2dd82800983ff0f5695e60ed43d758f3809b0030cba6db75980b3e29ddd1a9cadeb28fc256b9356f28e54e01ad42cecf2de249dc92d445acd5378eed03d91d6ec59e5f0cf6e40193b72ea6f14821645f65fe4e7046c95aec9e5c91869c95fd9151d971ab09d0c52596df5826558535b7dbe4217661fa21eebdd20a709c3e1ff3b9a85d8f0e4d0c38a1d016d8938a55e647042990e4910311009ee9c74f527039146d70890b94a2bf3a749eef63229026d88609add82645578f8c40c963ca1aa90b1cfcee576b0dbb06581b796b33aa3cb9014cf07e6abef4f2d2d37356376c26cd46b5552d8ff28f41fd3a7cdc733a7980629e60209f8b538bea8b183cbaefa363b6c3ed06f91e178fcc1b34465e28d0b86eee2221440bfb089e56e052165d2024ee4cbed215b1893dcfe62cd7b924c97ec75011e716f796b7c3c1e66b5326a6b89c97af675cf315527a2cd31e2a1db1852c89f6613c33b07f5acccdbcf57e1a378559e414fa1511643c9af2e2d03c66a38e08fe58c60cf2a0369ca8e5d0f7a729e8a712246eb1a96514ec646501292841186543e6614ba1ba0be358d198a22f27846b81efd8e84c9c46584ea2fdcd38711a506351266ce729d4f1da57f367f5047e83f04822c971243f8a199bcff95b132b3e084c2de0c52a41c192496dbd634b71308984dbc1a9fb6b6c253f14ce58a4d6de1763f11508c839fc1be558ff11888f425400a2eb4993fd050ed5527fe36304994320a5a6d0c27a45a245bf7f9b4221e6bbe147a8145dc3cb50359b8437416ab3712d9f2240dafbc0fe5a8cf9eb0566e10434a45435a5534a139e63d8b0662b8d07410a38807dc4c6efd6aed53b89bd3d123662319d1ed04800a505e90ea537b6158af06fbd1c925668c48c9b0b2923505fa78e2535d7ee4839eba4a0159973b549f67a1b86d0e3f1e04d827ffec690255c27f80502d050fd2b8a35e8181d6604b25b3ab586a92dccf4e4a08f1f01f2b56a44165c03b6820b475f8dab43d935f4e5ea6a0177533eb02647abc3b2f370aa4c55586692a5312a652caf43f4677512152a87fcc248d532ab77bf4de2c6156fe9ac16a04f7d67195f4e858fd7a7922d2a7a460a7ad5e4b678d8e00b8af05fe2f0be2e50ad28edf3b0e5effc38ac9f126516a04caae73137119791b2517df6bfd0f1102e644e05689d7194f67a4da3c70193cff7d010207b86de8e073c773a1893f05f21b84c98f90d3e0f8f9daa67df6e66325d4a3b75b09a16f2361decf1e6883b3c79ad7cf2bf3e21f95619c279453776af24ed09a9d4a38d124b68b231131c96e98f6e010dc7101a5b33f51b409686986bb8746d9d2eaa2108502fad674a29ac605c19c33420afc51117329d0ae10e204118fc3a432ae1285734d52c80481944ac13768c3f93252760d414cb68b490ada10a209e8899fc0ddede7b88d2f6f1fe02d48908a113e5a934e7cefd1688c11018fdca246f316142a67a94462b82654d43c72eba5ffe4238d23b1eb62e683f2e9ef38afefa804d2e935347a9dd28a730d84a38164356763665fa57385c1e23c21628f69e3a215df670a68f099ff7d7b48f099bcd253f40d94e617a41108d3939a73ff432924b4eccbd9ac1bf9113c0a60e46bb0df6d5f625ab297778906314276d8d44994df119bb1bd46b70a38d79ebcad4ca4043bd630755d2b1844f386426cf6a0d22c7ed9dbeff96cdb25862dcf8ca08d754a5add3b00a06f567638cd51a1c1d68bc19ace53c601c3055ed6a989c5576f0ea727d1685c86cce48d1ca4e835032e45a8e2fd0a7975f9ab4f0b4ec98b2a3da819bb41431f5e6fbe18d85522ca3997db6d595f8862843f9b1a280ccd76c1cb45c3fb690fefdea53ca4b017cdf5ebb1a5d6a7645fe0c853e8f607acd97852198bc195facfc7297cabcbbf2433f3d9a931d48fece357448b07c9845ba4a6265966db7896fd386484e1126ba722dbef9df80839e1820d4d961da34013b679a4458e22653213ec8e64760d1f63a60f2a93dec45186d87d7fca77e3871643455c1cb59f1eb62aeb196220f47b51139d39ae4fabbda8bf11e9249eb9cd338c34877b6962bd52b9d3e8d413581b6c90f5604344d153fb4c5f617e3e74dfbc81183b99a6b7b57ceee9279eeb9ab24d137b132809acf160a38d1211eff6bee512812ce43e2219e4a3beb8c7adb5b874d4851271167a045d51c821594633ba731b278cd5cb1d7855b099d6ae104a2b0a11de06846f78710eee833d306d412645628f2c53749f09f9db6c221509733f1186e91a5c02146155d7bcaee209db3ade04603c6a334212e98032d3335d6f55955c3383c8a05af28dc065e1a8e79a39c07b5e4dda42f8ed5d6ea6bf38f9032632fda6b154353626371c48200902489793702bb3abf8132cb5ed3822f35038c5c437a5d5c6ff57b5fd1d355309fb2072f69a0437f680a39fca3da6298e36a68d61cdff33cba58e16aa1d938003cd259526cc75611123b130b656fef6d90845a6213259ec852d85c8512eac2fdfa923715009c0c8b72c458222d600b82a56e37c01510821ff11bdfcf5d39c2b94ed34e28701741287bb70573f5df23877cf7e000c14ddfe179765eccc1cb25ddc0de6f3b4cf694d152b9749da6a754f21be89e50f7b66bd72fc579d13735165cd6415c1099cb126c275bd56a475362b6cfbe2305da93ef817d88ca29b4c04726f4e857b230c1efec88b9cc3027d9f0a1e4d98b207b5670ff3b1ea5c4c3d37faa72e00b000aa50c03d15ca31f6fe46c5ccd4c26cca864ad4e48087000f0c31c429bdd494696b5dff3ba178edb23681ba351c67c794d189a12fffb98422d88a3c463176ba43da7245c2ed0ac12a97acf7f611ec883c36f7083fd675380933d6c86ebc905be9678f76a1254b3cf33c470e50d4247485ee436f1863e9ee4234bf2557e423160836d9838b61ce10b5c8bb703eed09a0737d62b856590f6ca49ebf7176ecae3a81245076a4ce4ce2dab544504876bf340730e39157c11df7ed677d863f187d6ff790a84afc94153b40d22c1813831c8a968faf223d3d791aa86d9690719fb6554c853513c33451e2533522b382b979908c0213a26e40fdaab185bad0785f73dd1596e2ba8492bae437b9604c041a6e1236e9c5acc252762009b2ac28cea70fa0712bc2b5072793718042e06521991369f09dee26a0959406ae18172aa1cf562743f21f64e428ec16f3c997c3364a58a9b8ea8cc67af81441de73b7b5fa3ea87ff968e9a20153022a264256c919a78154938f3d5575f8da495a2890510970461a0f89263aefbb02b42be85d4e5bfe7184e40869a4281a78792e4949bf3d6482306de8de73dc0889c5c3a2959879bc92d06ddb10d6a42a979d1086e523f96be7103dc8f99bbe9c4440ceed20a7dd22957ec000b1a75bba900a0fddfdc0064765a48c0aa137deae95b9789aa50e5ff0a0c26a29834caa29211dfe0592fec069ad2e60f64f28ce058ad71426d4dc8e014583597b5454b7dc30ce57881e2eb01adc78afe81087227fa91b9540de1924b1d86d4aaf23d98e94c92ebd85b44fb3a71436760f9bb7b23c5996834d23367839825eddaa021216cf8439542ac33ff136fa585408aacadc442a0a3f2538848abcab7306443ccd238854123757068086ed3bebbff18e78f7eee68d7fdce2c56e7038daec982b5539a940258db624a37fd2b9b55f564d2c9233dba210da413fd12aecbf6665f11e4a514193f9996b04550a187c37fc51b2fbef678ada589535f71de06dfe803711ffa78a86758d13788c00399db49a843d092aca46d3cb4e3cad10e8d921eec3f890ed1b3958380b1cfb0d2b22e6bba0281bf70cfbd34255da747f9db45f4487a7eaecfd773f91ad14f40b703c1301c651e8cc1871a183a132b1cda472075e0a4ec49c9a51882cd050b9da0624f37fc2e70edf761c63e03936082d38a13889b10af8afe70b1b3e1d9b95eb1797f4bf6587a5d0b3bcf2b476c85a6049314219b56c1c526533bdec4d072b995d1c9ec9fa44f5b6fad55417bc28199a572c89ae182f0e8bf595a597078495c4987bcd0bfd107d25c033ee25795beed77b71a0ec1dc7", 0x1000, 0x5}])
r9 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r9, &(0x7f0000001a40)=ANY=[@ANYBLOB="10000000060000000b00000000000000000000a99ea63d00bb27cd015cb66ed3dc6f76fe851ea61e3eac5782a4f98f1c8b8ca0304156c1ff629f011ab3dfdcedd185d88ede98fdf7914452b3951c82b8664f465c90327d59e045432e2dcb6560398a378989313dc5a9210b78d7274e9f43a87a1771307da895e9fd04"], 0x414d02)
close_range(r9, 0xffffffffffffffff, 0x0)

03:48:17 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x4}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  880.891447] loop5: detected capacity change from 0 to 512
[  880.903435] loop6: detected capacity change from 0 to 512
[  880.904556] FAULT_INJECTION: forcing a failure.
[  880.904556] name failslab, interval 1, probability 0, space 0, times 0
[  880.906586] CPU: 1 UID: 0 PID: 8034 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  880.906617] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  880.906631] Call Trace:
[  880.906639]  <TASK>
[  880.906648]  dump_stack_lvl+0xfa/0x120
[  880.906693]  should_fail_ex+0x4d7/0x5e0
[  880.906724]  should_failslab+0xc2/0x120
[  880.906757]  kmem_cache_alloc_node_noprof+0x87/0x730
[  880.906784]  ? mark_held_locks+0x49/0x80
[  880.906812]  ? __alloc_skb+0x159/0x430
[  880.906843]  ? __alloc_skb+0x159/0x430
[  880.906864]  __alloc_skb+0x159/0x430
[  880.906886]  ? __alloc_skb+0x369/0x430
[  880.906909]  ? __pfx___alloc_skb+0x10/0x10
[  880.906932]  ? lock_acquire+0x15e/0x2d0
[  880.906959]  ? netlink_has_listeners+0x7f/0x430
[  880.906997]  ? netlink_has_listeners+0x20d/0x430
[  880.907024]  ? lock_release+0xc8/0x270
[  880.907056]  alloc_uevent_skb+0x7b/0x210
[  880.907090]  kobject_uevent_env+0xa8c/0xf90
[  880.907125]  ? lock_is_held_type+0x9e/0x120
[  880.907163]  loop_configure+0xe31/0x15a0
[  880.907223]  ? __pfx_loop_configure+0x10/0x10
[  880.907275]  ? avc_has_extended_perms+0x107/0xf20
[  880.907310]  ? find_held_lock+0x2b/0x80
[  880.907332]  ? avc_has_extended_perms+0x23b/0xf20
[  880.907366]  ? lock_release+0xc8/0x270
[  880.907398]  lo_ioctl+0x66d/0x1ca0
[  880.907438]  ? __pfx_lo_ioctl+0x10/0x10
[  880.907471]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  880.907512]  ? lock_acquire+0x15e/0x2d0
[  880.907541]  ? __virt_addr_valid+0x1c6/0x5d0
[  880.907568]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  880.907603]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  880.907634]  ? lock_release+0xc8/0x270
[  880.907667]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  880.907735]  ? check_irq_usage+0x210/0xb40
[  880.907762]  ? __fget_files+0x34/0x3b0
[  880.907793]  ? find_held_lock+0x2b/0x80
[  880.907814]  ? __fget_files+0x203/0x3b0
[  880.907846]  ? __pfx_lo_ioctl+0x10/0x10
[  880.907879]  blkdev_ioctl+0x365/0x6d0
[  880.907915]  ? __pfx_blkdev_ioctl+0x10/0x10
[  880.907951]  ? selinux_file_ioctl+0xb9/0x280
[  880.907980]  ? __pfx_blkdev_ioctl+0x10/0x10
[  880.908017]  __x64_sys_ioctl+0x18f/0x210
[  880.908046]  do_syscall_64+0xbf/0x420
[  880.908070]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  880.908094] RIP: 0033:0x7f6a11ca68d7
[  880.908112] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  880.908134] RSP: 002b:00007f6a0f21bf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  880.908156] RAX: ffffffffffffffda RBX: 00007f6a11cf0970 RCX: 00007f6a11ca68d7
[  880.908172] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006
[  880.908186] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff
[  880.908199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[  880.908213] R13: 0000000000000005 R14: 0000000020000248 R15: 0000000000000003
[  880.908244]  </TASK>
[  880.954587] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  880.956307] EXT4-fs (loop5): group descriptors corrupted!
[  880.990151] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  881.007778] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:48:27 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x12010000}}}, 0x414d02)

03:48:27 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 47)

03:48:27 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x5}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:48:27 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f01", 0x35, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:48:27 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x3}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:48:27 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 30)

03:48:27 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:48:27 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x3}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  890.042542] loop3: detected capacity change from 0 to 512
[  890.045130] FAULT_INJECTION: forcing a failure.
[  890.045130] name failslab, interval 1, probability 0, space 0, times 0
[  890.046090] CPU: 0 UID: 0 PID: 8056 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  890.046106] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  890.046113] Call Trace:
[  890.046117]  <TASK>
[  890.046122]  dump_stack_lvl+0xfa/0x120
[  890.046148]  should_fail_ex+0x4d7/0x5e0
[  890.046164]  ? __kernfs_new_node+0xd3/0x930
[  890.046178]  should_failslab+0xc2/0x120
[  890.046195]  kmem_cache_alloc_noprof+0x80/0x710
[  890.046212]  ? __kernfs_new_node+0xd3/0x930
[  890.046223]  __kernfs_new_node+0xd3/0x930
[  890.046237]  ? __pfx___kernfs_new_node+0x10/0x10
[  890.046252]  ? lock_acquire+0x15e/0x2d0
[  890.046268]  ? kernfs_root+0x23/0x2a0
[  890.046279]  ? find_held_lock+0x2b/0x80
[  890.046291]  ? kernfs_root+0xee/0x2a0
[  890.046302]  ? lock_release+0xc8/0x270
[  890.046316]  ? lock_is_held_type+0x9e/0x120
[  890.046337]  kernfs_new_node+0x13c/0x1e0
[  890.046353]  __kernfs_create_file+0x55/0x360
[  890.046372]  sysfs_add_file_mode_ns+0x21c/0x430
[  890.046384]  ? __pfx_dev_attr_store+0x10/0x10
[  890.046406]  internal_create_group+0x662/0xeb0
[  890.046423]  ? __pfx_internal_create_group+0x10/0x10
[  890.046436]  ? blk_validate_limits+0xc27/0x15c0
[  890.046456]  ? lock_is_held_type+0x9e/0x120
[  890.046475]  loop_configure+0xc46/0x15a0
[  890.046507]  ? __pfx_loop_configure+0x10/0x10
[  890.046532]  ? avc_has_extended_perms+0x107/0xf20
[  890.046551]  ? find_held_lock+0x2b/0x80
[  890.046561]  ? avc_has_extended_perms+0x23b/0xf20
[  890.046578]  ? lock_release+0xc8/0x270
[  890.046595]  lo_ioctl+0x66d/0x1ca0
[  890.046615]  ? __pfx_lo_ioctl+0x10/0x10
[  890.046631]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  890.046652]  ? lock_acquire+0x15e/0x2d0
[  890.046666]  ? __virt_addr_valid+0x1c6/0x5d0
[  890.046680]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  890.046699]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  890.046714]  ? lock_release+0xc8/0x270
[  890.046731]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  890.046765]  ? check_irq_usage+0x210/0xb40
[  890.046779]  ? __fget_files+0x34/0x3b0
[  890.046795]  ? find_held_lock+0x2b/0x80
[  890.046805]  ? __fget_files+0x203/0x3b0
[  890.046821]  ? __pfx_lo_ioctl+0x10/0x10
[  890.046838]  blkdev_ioctl+0x365/0x6d0
[  890.046857]  ? __pfx_blkdev_ioctl+0x10/0x10
[  890.046875]  ? selinux_file_ioctl+0xb9/0x280
[  890.046890]  ? __pfx_blkdev_ioctl+0x10/0x10
[  890.046908]  __x64_sys_ioctl+0x18f/0x210
[  890.046923]  do_syscall_64+0xbf/0x420
[  890.046936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  890.046948] RIP: 0033:0x7f72082458d7
[  890.046958] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  890.046969] RSP: 002b:00007f72057baf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  890.046981] RAX: ffffffffffffffda RBX: 00007f720828f970 RCX: 00007f72082458d7
[  890.046994] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  890.047001] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  890.047008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  890.047015] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[  890.047030]  </TASK>
[  890.057987] loop6: detected capacity change from 0 to 512
[  890.068312] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  890.105738] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  890.113712] loop5: detected capacity change from 0 to 512
[  890.124242] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  890.125056] EXT4-fs (loop5): group descriptors corrupted!
[  890.128910] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:48:27 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x21030000}}}, 0x414d02)

03:48:27 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x4)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:48:27 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f01", 0x35, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:48:27 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 31)

03:48:27 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x6}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  890.226834] loop3: detected capacity change from 0 to 512
[  890.242895] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:48:27 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x4}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:48:27 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff", 0x38, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:48:27 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 48)

03:48:27 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x4}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  890.337233] loop5: detected capacity change from 0 to 512
[  890.357809] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  890.359321] EXT4-fs (loop5): group descriptors corrupted!
[  890.368896] loop6: detected capacity change from 0 to 512
[  890.370759] FAULT_INJECTION: forcing a failure.
[  890.370759] name failslab, interval 1, probability 0, space 0, times 0
[  890.371696] CPU: 0 UID: 0 PID: 8092 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  890.371712] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  890.371723] Call Trace:
[  890.371728]  <TASK>
[  890.371733]  dump_stack_lvl+0xfa/0x120
[  890.371758]  should_fail_ex+0x4d7/0x5e0
[  890.371775]  ? skb_clone+0x191/0x400
[  890.371789]  should_failslab+0xc2/0x120
[  890.371806]  kmem_cache_alloc_noprof+0x80/0x710
[  890.371819]  ? netlink_broadcast_filtered+0xe6/0xe90
[  890.371838]  ? skb_clone+0x191/0x400
[  890.371850]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  890.371866]  skb_clone+0x191/0x400
[  890.371882]  netlink_broadcast_filtered+0xab1/0xe90
[  890.371903]  ? __pfx_netlink_broadcast_filtered+0x10/0x10
[  890.371923]  netlink_broadcast+0x39/0x50
[  890.371937]  kobject_uevent_env+0xa58/0xf90
[  890.371955]  ? lock_is_held_type+0x9e/0x120
[  890.371975]  loop_configure+0xe31/0x15a0
[  890.372006]  ? __pfx_loop_configure+0x10/0x10
[  890.372033]  ? avc_has_extended_perms+0x107/0xf20
[  890.372051]  ? find_held_lock+0x2b/0x80
[  890.372062]  ? avc_has_extended_perms+0x23b/0xf20
[  890.372079]  ? lock_release+0xc8/0x270
[  890.372095]  lo_ioctl+0x66d/0x1ca0
[  890.372115]  ? __pfx_lo_ioctl+0x10/0x10
[  890.372132]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  890.372153]  ? lock_acquire+0x15e/0x2d0
[  890.372167]  ? __virt_addr_valid+0x1c6/0x5d0
[  890.372182]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  890.372200]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  890.372216]  ? lock_release+0xc8/0x270
[  890.372233]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  890.372267]  ? check_irq_usage+0x210/0xb40
[  890.372281]  ? __fget_files+0x34/0x3b0
[  890.372297]  ? find_held_lock+0x2b/0x80
[  890.372308]  ? __fget_files+0x203/0x3b0
[  890.372324]  ? __pfx_lo_ioctl+0x10/0x10
[  890.372341]  blkdev_ioctl+0x365/0x6d0
[  890.372360]  ? __pfx_blkdev_ioctl+0x10/0x10
[  890.372378]  ? selinux_file_ioctl+0xb9/0x280
[  890.372394]  ? __pfx_blkdev_ioctl+0x10/0x10
[  890.372412]  __x64_sys_ioctl+0x18f/0x210
[  890.372426]  do_syscall_64+0xbf/0x420
[  890.372439]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  890.372451] RIP: 0033:0x7f6a11ca68d7
[  890.372461] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  890.372473] RSP: 002b:00007f6a0f21bf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  890.372484] RAX: ffffffffffffffda RBX: 00007f6a11cf0970 RCX: 00007f6a11ca68d7
[  890.372493] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006
[  890.372500] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff
[  890.372506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[  890.372513] R13: 0000000000000005 R14: 0000000020000248 R15: 0000000000000003
[  890.372529]  </TASK>
[  890.464099] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  890.468254] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:48:35 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x5}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:48:35 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 49)

03:48:35 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x5}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:48:35 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r1, 0xffffffffffffffff, 0x0)
perf_event_open$cgroup(&(0x7f0000000080)={0x3, 0x80, 0x5, 0x81, 0x92, 0x4, 0x0, 0x7ff, 0x90440, 0x2, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x3, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x80, 0x4, @perf_bp={&(0x7f0000000040), 0x14}, 0x4000, 0x1f, 0x0, 0x2, 0x3f, 0x1, 0x7, 0x0, 0xf8, 0x0, 0x2}, r1, 0x9, 0xffffffffffffffff, 0xc)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:48:35 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x7}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:48:35 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x24000000}}}, 0x414d02)

03:48:35 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 32)

03:48:35 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff", 0x38, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:48:35 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x2f000000}}}, 0x414d02)

[  898.766424] FAULT_INJECTION: forcing a failure.
[  898.766424] name failslab, interval 1, probability 0, space 0, times 0
[  898.768584] CPU: 0 UID: 0 PID: 8116 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  898.768618] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  898.768633] Call Trace:
[  898.768642]  <TASK>
[  898.768652]  dump_stack_lvl+0xfa/0x120
[  898.768718]  should_fail_ex+0x4d7/0x5e0
[  898.768754]  ? __kernfs_new_node+0xd3/0x930
[  898.768780]  should_failslab+0xc2/0x120
[  898.768817]  kmem_cache_alloc_noprof+0x80/0x710
[  898.768857]  ? __kernfs_new_node+0xd3/0x930
[  898.768882]  __kernfs_new_node+0xd3/0x930
[  898.768915]  ? __pfx___kernfs_new_node+0x10/0x10
[  898.768948]  ? lock_acquire+0x15e/0x2d0
[  898.768982]  ? kernfs_root+0x23/0x2a0
[  898.769016]  ? find_held_lock+0x2b/0x80
[  898.769041]  ? kernfs_root+0xee/0x2a0
[  898.769067]  ? lock_release+0xc8/0x270
[  898.769097]  ? lock_is_held_type+0x9e/0x120
[  898.769145]  kernfs_new_node+0x13c/0x1e0
[  898.769187]  __kernfs_create_file+0x55/0x360
[  898.769230]  sysfs_add_file_mode_ns+0x21c/0x430
[  898.769260]  ? __pfx_dev_attr_store+0x10/0x10
[  898.769306]  internal_create_group+0x662/0xeb0
[  898.769348]  ? __pfx_internal_create_group+0x10/0x10
[  898.769376]  ? blk_validate_limits+0xc27/0x15c0
[  898.769421]  ? lock_is_held_type+0x9e/0x120
[  898.769465]  loop_configure+0xc46/0x15a0
[  898.769539]  ? __pfx_loop_configure+0x10/0x10
[  898.769601]  ? avc_has_extended_perms+0x107/0xf20
[  898.769640]  ? find_held_lock+0x2b/0x80
[  898.769665]  ? avc_has_extended_perms+0x23b/0xf20
[  898.769702]  ? lock_release+0xc8/0x270
[  898.769740]  lo_ioctl+0x66d/0x1ca0
[  898.769787]  ? __pfx_lo_ioctl+0x10/0x10
[  898.769825]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  898.769873]  ? lock_acquire+0x15e/0x2d0
[  898.769905]  ? __virt_addr_valid+0x1c6/0x5d0
[  898.769937]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  898.769976]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  898.770012]  ? lock_release+0xc8/0x270
[  898.770051]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  898.770134]  ? check_irq_usage+0x210/0xb40
[  898.770165]  ? __fget_files+0x34/0x3b0
[  898.770199]  ? find_held_lock+0x2b/0x80
[  898.770223]  ? __fget_files+0x203/0x3b0
[  898.770259]  ? __pfx_lo_ioctl+0x10/0x10
[  898.770297]  blkdev_ioctl+0x365/0x6d0
[  898.770338]  ? __pfx_blkdev_ioctl+0x10/0x10
[  898.770378]  ? selinux_file_ioctl+0xb9/0x280
[  898.770411]  ? __pfx_blkdev_ioctl+0x10/0x10
[  898.770454]  __x64_sys_ioctl+0x18f/0x210
[  898.770487]  do_syscall_64+0xbf/0x420
[  898.770516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  898.770542] RIP: 0033:0x7f72082458d7
[  898.770562] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  898.770587] RSP: 002b:00007f72057baf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  898.770612] RAX: ffffffffffffffda RBX: 00007f720828f970 RCX: 00007f72082458d7
[  898.770630] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  898.770645] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  898.770661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  898.770676] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[  898.770714]  </TASK>
[  898.773192] loop3: detected capacity change from 0 to 512
[  898.786458] loop5: detected capacity change from 0 to 512
[  898.802852] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  898.805362] loop6: detected capacity change from 0 to 512
[  898.832567] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  898.833446] EXT4-fs (loop5): group descriptors corrupted!
03:48:35 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x6}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:48:35 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x64000000}}}, 0x414d02)

[  898.875352] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  898.903870] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:48:45 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 50)

03:48:45 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 33)

03:48:45 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x70000000}}}, 0x414d02)

03:48:45 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x6}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:48:45 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x8}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:48:45 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x7}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:48:45 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000020000000b00000000000000"], 0x414d02)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x2e4040, 0x0)
r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r2, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r2, 0xffffffffffffffff, 0x0)
close_range(r2, r1, 0x2)

03:48:45 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff", 0x38, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

[  908.049059] loop3: detected capacity change from 0 to 512
[  908.068480] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  908.075384] loop6: detected capacity change from 0 to 512
[  908.076657] FAULT_INJECTION: forcing a failure.
[  908.076657] name failslab, interval 1, probability 0, space 0, times 0
[  908.078440] CPU: 1 UID: 0 PID: 8163 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  908.078470] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  908.078483] Call Trace:
[  908.078491]  <TASK>
[  908.078500]  dump_stack_lvl+0xfa/0x120
[  908.078543]  should_fail_ex+0x4d7/0x5e0
[  908.078575]  ? __kernfs_new_node+0xd3/0x930
[  908.078598]  should_failslab+0xc2/0x120
[  908.078631]  kmem_cache_alloc_noprof+0x80/0x710
[  908.078664]  ? __kernfs_new_node+0xd3/0x930
[  908.078686]  __kernfs_new_node+0xd3/0x930
[  908.078714]  ? __pfx___kernfs_new_node+0x10/0x10
[  908.078743]  ? lock_acquire+0x15e/0x2d0
[  908.078773]  ? kernfs_root+0x23/0x2a0
[  908.078795]  ? find_held_lock+0x2b/0x80
[  908.078817]  ? kernfs_root+0xee/0x2a0
[  908.078840]  ? lock_release+0xc8/0x270
[  908.078866]  ? lock_is_held_type+0x9e/0x120
[  908.078908]  kernfs_new_node+0x13c/0x1e0
[  908.078940]  __kernfs_create_file+0x55/0x360
[  908.078977]  sysfs_add_file_mode_ns+0x21c/0x430
[  908.079010]  ? __pfx_dev_attr_store+0x10/0x10
[  908.079050]  internal_create_group+0x662/0xeb0
[  908.079085]  ? __pfx_internal_create_group+0x10/0x10
[  908.079110]  ? blk_validate_limits+0xc27/0x15c0
[  908.079149]  ? lock_is_held_type+0x9e/0x120
[  908.079187]  loop_configure+0xc46/0x15a0
[  908.079246]  ? __pfx_loop_configure+0x10/0x10
[  908.079301]  ? avc_has_extended_perms+0x107/0xf20
[  908.079336]  ? find_held_lock+0x2b/0x80
[  908.079357]  ? avc_has_extended_perms+0x23b/0xf20
[  908.079390]  ? lock_release+0xc8/0x270
[  908.079423]  lo_ioctl+0x66d/0x1ca0
[  908.079462]  ? __pfx_lo_ioctl+0x10/0x10
[  908.079495]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  908.079536]  ? lock_acquire+0x15e/0x2d0
[  908.079565]  ? __virt_addr_valid+0x1c6/0x5d0
[  908.079592]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  908.079627]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  908.079658]  ? lock_release+0xc8/0x270
[  908.079691]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  908.079758]  ? check_irq_usage+0x210/0xb40
[  908.079785]  ? __fget_files+0x34/0x3b0
[  908.079815]  ? find_held_lock+0x2b/0x80
[  908.079837]  ? __fget_files+0x203/0x3b0
[  908.079868]  ? __pfx_lo_ioctl+0x10/0x10
[  908.079902]  blkdev_ioctl+0x365/0x6d0
[  908.079938]  ? __pfx_blkdev_ioctl+0x10/0x10
[  908.079973]  ? selinux_file_ioctl+0xb9/0x280
[  908.080002]  ? __pfx_blkdev_ioctl+0x10/0x10
[  908.080039]  __x64_sys_ioctl+0x18f/0x210
[  908.080067]  do_syscall_64+0xbf/0x420
[  908.080092]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  908.080115] RIP: 0033:0x7f72082458d7
[  908.080133] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  908.080156] RSP: 002b:00007f72057baf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  908.080178] RAX: ffffffffffffffda RBX: 00007f720828f970 RCX: 00007f72082458d7
[  908.080193] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  908.080207] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  908.080221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  908.080234] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[  908.080264]  </TASK>
03:48:45 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x9}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  908.175335] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
03:48:45 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x7}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  908.198979] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  908.199879] loop5: detected capacity change from 0 to 512
03:48:45 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:48:45 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x80040000}}}, 0x414d02)

[  908.244623] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  908.245828] EXT4-fs (loop5): group descriptors corrupted!
[  908.268899] loop3: detected capacity change from 0 to 512
[  908.275080] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:48:45 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
pwritev2(r0, &(0x7f0000000180)=[{&(0x7f0000000040)="dbc91486a1a9ddc7cb7cd05f285c5bbb6466196e5f735fb7967a64f6ad687ae5b60f1f214aa6632dc9d9046296beb67c37bbb80038978eb46691dc724ee27cb48972fc89509ee9db96ca322df50133f486cb1b4aa9ce0b9fca6d14c04f56c2e3d9121b11e6a64e4e7bd50f86743c71e2034e63c93393fe5663af85c1c231e8c1a7063bd4e15f0a24ec4b26ddfec9502545b280c407", 0x95}, {&(0x7f0000000100)="4bc86df748910d29efdcf4f4b4763114e0ff2190d63ffdaa39d5f5ecc49995a9666cfde4cdaf55422afd4d60a1c406fb525895a446374517818aad76c410de158775332e", 0x44}], 0x2, 0x400, 0x1, 0x18)
close_range(r0, 0xffffffffffffffff, 0x0)

03:48:45 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x8}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:48:45 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 51)

03:48:45 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:48:45 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 34)

[  908.414797] loop6: detected capacity change from 0 to 512
[  908.425494] FAULT_INJECTION: forcing a failure.
[  908.425494] name failslab, interval 1, probability 0, space 0, times 0
[  908.427321] CPU: 1 UID: 0 PID: 8193 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  908.427350] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  908.427363] Call Trace:
[  908.427370]  <TASK>
[  908.427378]  dump_stack_lvl+0xfa/0x120
[  908.427421]  should_fail_ex+0x4d7/0x5e0
[  908.427450]  ? skb_clone+0x191/0x400
[  908.427475]  should_failslab+0xc2/0x120
[  908.427506]  kmem_cache_alloc_noprof+0x80/0x710
[  908.427529]  ? netlink_broadcast_filtered+0xe6/0xe90
[  908.427563]  ? skb_clone+0x191/0x400
[  908.427586]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  908.427616]  skb_clone+0x191/0x400
[  908.427643]  netlink_broadcast_filtered+0xab1/0xe90
[  908.427682]  ? __pfx_netlink_broadcast_filtered+0x10/0x10
[  908.427719]  netlink_broadcast+0x39/0x50
[  908.427746]  kobject_uevent_env+0xa58/0xf90
[  908.427779]  ? lock_is_held_type+0x9e/0x120
[  908.427815]  loop_configure+0xe31/0x15a0
[  908.427872]  ? __pfx_loop_configure+0x10/0x10
[  908.427928]  ? avc_has_extended_perms+0x107/0xf20
[  908.427961]  ? find_held_lock+0x2b/0x80
[  908.427982]  ? avc_has_extended_perms+0x23b/0xf20
[  908.428013]  ? lock_release+0xc8/0x270
[  908.428043]  lo_ioctl+0x66d/0x1ca0
[  908.428081]  ? __pfx_lo_ioctl+0x10/0x10
[  908.428112]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  908.428150]  ? lock_acquire+0x15e/0x2d0
[  908.428176]  ? __virt_addr_valid+0x1c6/0x5d0
[  908.428202]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  908.428234]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  908.428264]  ? lock_release+0xc8/0x270
[  908.428295]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  908.428358]  ? check_irq_usage+0x210/0xb40
[  908.428384]  ? __fget_files+0x34/0x3b0
[  908.428412]  ? find_held_lock+0x2b/0x80
[  908.428432]  ? __fget_files+0x203/0x3b0
[  908.428461]  ? __pfx_lo_ioctl+0x10/0x10
[  908.428493]  blkdev_ioctl+0x365/0x6d0
[  908.428527]  ? __pfx_blkdev_ioctl+0x10/0x10
[  908.428560]  ? selinux_file_ioctl+0xb9/0x280
[  908.428587]  ? __pfx_blkdev_ioctl+0x10/0x10
[  908.428622]  __x64_sys_ioctl+0x18f/0x210
[  908.428648]  do_syscall_64+0xbf/0x420
[  908.428672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  908.428694] RIP: 0033:0x7f6a11ca68d7
[  908.428711] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  908.428749] RSP: 002b:00007f6a0f21bf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  908.428770] RAX: ffffffffffffffda RBX: 00007f6a11cf0970 RCX: 00007f6a11ca68d7
[  908.428785] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006
[  908.428797] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff
[  908.428811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[  908.428823] R13: 0000000000000005 R14: 0000000020000248 R15: 0000000000000003
[  908.428852]  </TASK>
[  908.477588] FAULT_INJECTION: forcing a failure.
[  908.477588] name failslab, interval 1, probability 0, space 0, times 0
[  908.478598] CPU: 0 UID: 0 PID: 8196 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  908.478614] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  908.478623] Call Trace:
[  908.478628]  <TASK>
[  908.478632]  dump_stack_lvl+0xfa/0x120
[  908.478662]  should_fail_ex+0x4d7/0x5e0
[  908.478681]  ? __kernfs_new_node+0xd3/0x930
[  908.478695]  should_failslab+0xc2/0x120
[  908.478715]  kmem_cache_alloc_noprof+0x80/0x710
[  908.478733]  ? __kernfs_new_node+0xd3/0x930
[  908.478745]  __kernfs_new_node+0xd3/0x930
[  908.478760]  ? __pfx___kernfs_new_node+0x10/0x10
[  908.478774]  ? lock_acquire+0x15e/0x2d0
[  908.478792]  ? kernfs_root+0x23/0x2a0
[  908.478804]  ? find_held_lock+0x2b/0x80
[  908.478816]  ? kernfs_root+0xee/0x2a0
[  908.478828]  ? lock_release+0xc8/0x270
[  908.478841]  ? lock_is_held_type+0x9e/0x120
[  908.478864]  kernfs_new_node+0x13c/0x1e0
[  908.478880]  __kernfs_create_file+0x55/0x360
[  908.478900]  sysfs_add_file_mode_ns+0x21c/0x430
[  908.478913]  ? __pfx_dev_attr_store+0x10/0x10
[  908.478936]  internal_create_group+0x662/0xeb0
[  908.478955]  ? __pfx_internal_create_group+0x10/0x10
[  908.478968]  ? blk_validate_limits+0xc27/0x15c0
[  908.478995]  ? lock_is_held_type+0x9e/0x120
[  908.479015]  loop_configure+0xc46/0x15a0
[  908.479048]  ? __pfx_loop_configure+0x10/0x10
[  908.479074]  ? avc_has_extended_perms+0x107/0xf20
[  908.479093]  ? find_held_lock+0x2b/0x80
[  908.479104]  ? avc_has_extended_perms+0x23b/0xf20
[  908.479121]  ? lock_release+0xc8/0x270
[  908.479137]  lo_ioctl+0x66d/0x1ca0
[  908.479157]  ? __pfx_lo_ioctl+0x10/0x10
[  908.479174]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  908.479195]  ? lock_acquire+0x15e/0x2d0
[  908.479209]  ? __virt_addr_valid+0x1c6/0x5d0
[  908.479224]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  908.479245]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  908.479261]  ? lock_release+0xc8/0x270
[  908.479278]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  908.479314]  ? check_irq_usage+0x210/0xb40
[  908.479328]  ? __fget_files+0x34/0x3b0
[  908.479346]  ? find_held_lock+0x2b/0x80
[  908.479356]  ? __fget_files+0x203/0x3b0
[  908.479372]  ? __pfx_lo_ioctl+0x10/0x10
[  908.479389]  blkdev_ioctl+0x365/0x6d0
[  908.479411]  ? __pfx_blkdev_ioctl+0x10/0x10
[  908.479429]  ? selinux_file_ioctl+0xb9/0x280
[  908.479447]  ? __pfx_blkdev_ioctl+0x10/0x10
[  908.479466]  __x64_sys_ioctl+0x18f/0x210
[  908.479481]  do_syscall_64+0xbf/0x420
[  908.479494]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  908.479507] RIP: 0033:0x7f72082458d7
[  908.479517] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  908.479529] RSP: 002b:00007f72057baf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  908.479541] RAX: ffffffffffffffda RBX: 00007f720828f970 RCX: 00007f72082458d7
[  908.479549] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  908.479556] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  908.479563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  908.479571] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[  908.479586]  </TASK>
[  908.504853] loop5: detected capacity change from 0 to 512
[  908.512312] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  908.513107] EXT4-fs (loop5): group descriptors corrupted!
[  908.557700] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  908.567453] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:48:55 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x8}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:48:55 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xd}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:48:55 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 52)

03:48:55 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x9}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:48:55 executing program 4:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r1, 0xffffffffffffffff, 0x0)
r2 = openat$cgroup_subtree(r1, &(0x7f0000000480), 0x2, 0x0)
r3 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000020000100b00"/24], 0x414d02)
close_range(r3, 0xffffffffffffffff, 0x0)
r4 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r4, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r4, 0xffffffffffffffff, 0x0)
r5 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r5, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r5, 0xffffffffffffffff, 0x0)
r6 = openat2(0xffffffffffffff9c, &(0x7f0000000780)='./file0\x00', &(0x7f00000007c0)={0x80000, 0x3c, 0x15}, 0x18)
r7 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r7, &(0x7f0000000400)=@FILEID_NILFS_WITHOUT_PARENT={0x20, 0x61, {0x0, 0x40, 0x200002, 0x1, 0x6}}, 0x414d02)
close_range(r7, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f0000000b40)={<r8=>0xffffffffffffffff}, 0x4000)
io_submit(0x0, 0xa, &(0x7f0000000bc0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x8000, 0xffffffffffffffff, &(0x7f0000000080)="d56051ab453ec9f084b27cfd897be8b0b8fcd71d", 0x14, 0x0, 0x0, 0x1}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x3, 0x1000, r0, &(0x7f0000000100)="dee776ca2948fc37364ade9e6614207b39e1d31c42bdf9d3b8c5abf1d57e11acf6bdcb66ed3be6857cdfa4f0bf9b3ff89833fcc36b3b2732e579ef1dea090ec08981438b26d296be8ff03db3562b0fa6d8c566950a68e3b5a9eb430e7bc9af6a8c843dab052e6ef22a50d4f489e88eb8cd4aa8f73ae6e83c9145cb1e9d6f2d5febd3268961ced62710384b35a46677d07eaee0863ae1ab74d05c14a32e7e068279317992525d606f9ffa072f14a18b6b237b228f337f43ccc8e2a06e87891f0ed96e6509cb4a05528236f5bc34258399301fd2365167e929562a2700ff182bf2961116573d5c89700182", 0xea, 0x9, 0x0, 0x2, r1}, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x2, 0x81, r0, &(0x7f0000000240)="70ba3e0fd326e5ac6250a4a952fe1eaa9bdf2f8e3c96277408f3d91052550247eab05853891d6a73a23d7d183b7e7402d1d40b82df401fc49a2f6eca8d06c59fd9f3b67645bf1a5961dad99a0cbff5f57dba9914bc58ed42f6d0bad1ea5cc944857913f8791de832bc56f38467f3df4c3e3e8e0cd9dffc8def7865272a29c25b7986c9d1efda871388a8d43fb597e9b1403d76f6719363d18868c4108bd5435e05a40907b890fd9635658cbea1c4bd08f8680849d2e575a940192883657482dc78a47db59c4ee3cb8ffff8fa059b4aacf9cd5ea1ff4a01d5ce7ae5eba0db90131ed893ac096a58830b4b9b1446dd46390755", 0xf2, 0x4, 0x0, 0x3}, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x5, 0x12b9, r2, &(0x7f00000004c0)="8ac84e2c20977c3dbc56f4212570ed6a5801ab26a915827484355d9e6df75c47cf4fb4fbb07ec06a81a08dbb528fabb8780020df712e5e8eb5567a51c1fabb7caca7686d763b42457ae6b4036daf9cfae3430332d7e4713a527815062f7269688212333783e4fac954f8c27046a278e68895e0a68f8a05a40b01da76197a73acd28b5584aeeb8ae1b40de7feefc1863a8148895376d54211ff83b8ceb13b86e54721d4a2e2c74bca06166b240adbc84b2e9f6b121b2ba7ade4dbe1f575a62a8f89191ee1138d4f5126ff67cbc8230653ca28e768b15c8277fa1aa8", 0xdb, 0x80, 0x0, 0x1, r3}, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x8, 0x1, r0, &(0x7f0000000600)="1c1f06773ad978b7d0853876126588c6793c706b71f6c2ad76846602ddedc8c3e17081d60350211d63840410872e4fd6fe9a0825b34f23defdf326b5c96ca93ec35a397734bf6d5859ad93b8c10e306171b1dadddb64616653a64995348d6e14c2dd816e36775504846529c1b1ded2d555d187468df86133bc8e119bde4881b921382dbb9f6c23ccf0c1e0143db8698b2ad01fdea97c3e8ce7e8250b4edc99c695c718409c197fa27a6ec09069", 0xad, 0xea8, 0x0, 0x2, r4}, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x3, 0x8000, r5, &(0x7f0000000700)="860a7c01298f8091f45e4c5058c6994e261e7380c7363ef88ce27797056b31c271b0bdf0747bc4b280f15f3510fcf43432145e1257db0d5a84c1ecbbc657ec90c06dc14a3b3d57ddf412a53156a810bb19a56d515c93564bd2c1232863a67c08734bdfa5463cc0aec9befb5ddda8a2a7cb7f69513c0cd49c815c6d06", 0x7c, 0x3ff, 0x0, 0x2, r6}, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x4, r0, &(0x7f0000000840)="0d3288eb1b09cef818676f8c95e3aa21883f5c33e7d225285ff5928616ed71324cf9b45827f293f42d77b751", 0x2c, 0x10001, 0x0, 0x3}, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x1, 0x400, r1, &(0x7f00000008c0)="34e9059b7a06b18797596c10db821df7e797d6d950b7631689b1c0390a30d97f95318a9d37b85acb6b0cc97c5c870f2f9b821960d52ee0c5df291f8e2f98ab71a38d2e6bedd568e4fd26a50ef8ba5c43fb4e888fbde1b72d2af25261b63a260c237e4da1d482f66e1a156cd1d50d94e032d3d02db4f3026e4ef14b017b0bec7718456b15d384e3e6c75fc82e13065d408dadd78acdfff005beb37ffce7f235496e32feeb6445055d29020e5ce54d67af54fb55c0c8e9b34ee6db8426fc487dbf2c7bc818686effb80da2a35de6ed8f017db4ec0962b13746f2e6a6ecf8ae0e", 0xdf, 0x48f, 0x0, 0x2, r1}, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x5, 0x743d, 0xffffffffffffffff, &(0x7f0000000a00)="9d76c3fb8cec720d17f4fb80d0bb92b2009d2bc5c23fb34c199f25c83a49c327a7496ae793d3f95db19eb02d7677ac2687a75f2e503d01b05fe1af9c1910e285dbd315c09756cce82ed708aece79eff2f2b4215f2567c0c892021a7d030e8d8f494d5aabd5da931f49d13810c8e2d2e64aaa7e0a0bf16fcd687fce64172c39fce88963cfd2140eb94d99013b7696862bdc98a7657efe6638", 0x98, 0xfffffffffffffff9, 0x0, 0x1, r7}, &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x8, 0xfff, r0, &(0x7f0000000b00)="e6019f7ab91d7c4f56abc5d579f24895a6e2a3f3fb500a938cdfc836503532de3a34b978afd46d05655177", 0x2b, 0xffffffffffffffff, 0x0, 0x1, r8}])

03:48:55 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:48:55 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x9f0a0000}}}, 0x414d02)

03:48:55 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 35)

[  917.913927] loop5: detected capacity change from 0 to 512
[  917.923732] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  917.924712] EXT4-fs (loop5): group descriptors corrupted!
03:48:55 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0xa1ffffff}}}, 0x414d02)

[  917.964283] loop3: detected capacity change from 0 to 512
[  917.968546] loop6: detected capacity change from 0 to 512
[  917.975622] FAULT_INJECTION: forcing a failure.
[  917.975622] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  917.977757] CPU: 0 UID: 0 PID: 8218 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  917.977789] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  917.977802] Call Trace:
[  917.977810]  <TASK>
[  917.977818]  dump_stack_lvl+0xfa/0x120
[  917.977863]  should_fail_ex+0x4d7/0x5e0
[  917.977895]  strncpy_from_user+0x3b/0x2f0
[  917.977937]  getname_flags.part.0+0x8d/0x540
[  917.977964]  __x64_sys_mkdir+0xdb/0x140
[  917.978006]  do_syscall_64+0xbf/0x420
[  917.978033]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  917.978059] RIP: 0033:0x7f6a11ca5c27
[  917.978076] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  917.978098] RSP: 002b:00007f6a0f21bfa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  917.978120] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6a11ca5c27
[  917.978136] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000100
[  917.978150] RBP: 00007f6a0f21c040 R08: 0000000000000000 R09: ffffffffffffffff
[  917.978164] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[  917.978177] R13: 0000000020000100 R14: 00007f6a0f21c000 R15: 0000000020012900
[  917.978211]  </TASK>
[  917.983051] Process accounting paused
[  917.987241] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:48:55 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 36)

[  918.043032] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  918.072167] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:48:55 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3ff, 0x80000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x20001, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r1, 0xffffffffffffffff, 0x0)
r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r2, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r2, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r1, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'})
open_by_handle_at(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000"/24], 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:48:55 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

[  918.119674] FAULT_INJECTION: forcing a failure.
[  918.119674] name failslab, interval 1, probability 0, space 0, times 0
[  918.121722] CPU: 0 UID: 0 PID: 8234 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  918.121753] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  918.121767] Call Trace:
[  918.121774]  <TASK>
[  918.121782]  dump_stack_lvl+0xfa/0x120
[  918.121826]  should_fail_ex+0x4d7/0x5e0
[  918.121856]  ? __kernfs_new_node+0xd3/0x930
[  918.121880]  should_failslab+0xc2/0x120
[  918.121912]  kmem_cache_alloc_noprof+0x80/0x710
[  918.121945]  ? __kernfs_new_node+0xd3/0x930
[  918.121968]  __kernfs_new_node+0xd3/0x930
[  918.122003]  ? __pfx___kernfs_new_node+0x10/0x10
[  918.122032]  ? lock_acquire+0x15e/0x2d0
[  918.122062]  ? kernfs_root+0x23/0x2a0
[  918.122084]  ? find_held_lock+0x2b/0x80
[  918.122106]  ? kernfs_root+0xee/0x2a0
[  918.122129]  ? lock_release+0xc8/0x270
[  918.122155]  ? lock_is_held_type+0x9e/0x120
[  918.122197]  kernfs_new_node+0x13c/0x1e0
[  918.122230]  __kernfs_create_file+0x55/0x360
[  918.122266]  sysfs_add_file_mode_ns+0x21c/0x430
[  918.122292]  ? __pfx_dev_attr_store+0x10/0x10
[  918.122332]  internal_create_group+0x662/0xeb0
[  918.122366]  ? __pfx_internal_create_group+0x10/0x10
[  918.122391]  ? blk_validate_limits+0xc27/0x15c0
[  918.122430]  ? lock_is_held_type+0x9e/0x120
[  918.122468]  loop_configure+0xc46/0x15a0
[  918.122528]  ? __pfx_loop_configure+0x10/0x10
[  918.122580]  ? avc_has_extended_perms+0x107/0xf20
[  918.122615]  ? find_held_lock+0x2b/0x80
[  918.122637]  ? avc_has_extended_perms+0x23b/0xf20
[  918.122672]  ? lock_release+0xc8/0x270
[  918.122704]  lo_ioctl+0x66d/0x1ca0
[  918.122744]  ? __pfx_lo_ioctl+0x10/0x10
[  918.122778]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  918.122819]  ? lock_acquire+0x15e/0x2d0
[  918.122847]  ? __virt_addr_valid+0x1c6/0x5d0
[  918.122874]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  918.122909]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  918.122940]  ? lock_release+0xc8/0x270
[  918.122974]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  918.123041]  ? check_irq_usage+0x210/0xb40
[  918.123068]  ? __fget_files+0x34/0x3b0
[  918.123098]  ? find_held_lock+0x2b/0x80
[  918.123120]  ? __fget_files+0x203/0x3b0
[  918.123150]  ? __pfx_lo_ioctl+0x10/0x10
[  918.123184]  blkdev_ioctl+0x365/0x6d0
[  918.123220]  ? __pfx_blkdev_ioctl+0x10/0x10
[  918.123255]  ? selinux_file_ioctl+0xb9/0x280
[  918.123284]  ? __pfx_blkdev_ioctl+0x10/0x10
[  918.123321]  __x64_sys_ioctl+0x18f/0x210
[  918.123348]  do_syscall_64+0xbf/0x420
[  918.123373]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  918.123396] RIP: 0033:0x7f72082458d7
[  918.123414] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  918.123436] RSP: 002b:00007f72057baf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  918.123458] RAX: ffffffffffffffda RBX: 00007f720828f970 RCX: 00007f72082458d7
[  918.123474] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  918.123488] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  918.123501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  918.123515] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[  918.123546]  </TASK>
[  918.132647] loop3: detected capacity change from 0 to 512
[  918.158476] loop5: detected capacity change from 0 to 512
03:48:55 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 53)

03:48:55 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0xfbffffff}}}, 0x414d02)

03:48:55 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x9}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  918.181506] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  918.183228] EXT4-fs (loop5): group descriptors corrupted!
03:48:55 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xd}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  918.219463] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:48:55 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 37)

[  918.274281] loop6: detected capacity change from 0 to 512
[  918.309491] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  918.321266] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  918.360206] loop5: detected capacity change from 0 to 512
[  918.375116] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  918.375886] EXT4-fs (loop5): group descriptors corrupted!
03:49:05 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 38)

03:49:05 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 54)

03:49:05 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:49:05 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x10}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:05 executing program 4:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000140)=ANY=[], 0x130)
getsockopt$inet6_opts(r0, 0x29, 0x39, 0x0, &(0x7f0000000040))
r1 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000140)={0x0, <r2=>0x0})
perf_event_open(&(0x7f00000000c0)={0x4, 0x80, 0xfa, 0x5, 0x7f, 0x6, 0x0, 0x9, 0x8801, 0x9, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x40, 0x0, @perf_bp={&(0x7f0000000080), 0x5}, 0x200, 0x9, 0x7, 0x6, 0x1, 0x5, 0x0, 0x0, 0x8000, 0x0, 0x7}, r2, 0x1, r1, 0x0)
r3 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r3, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r3, 0xffffffffffffffff, 0x0)

03:49:05 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0xfeffffff}}}, 0x414d02)

03:49:05 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xd}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:05 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x10}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  928.121463] loop3: detected capacity change from 0 to 512
[  928.127621] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:49:05 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x11}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  928.167733] FAULT_INJECTION: forcing a failure.
[  928.167733] name failslab, interval 1, probability 0, space 0, times 0
[  928.169671] CPU: 1 UID: 0 PID: 8279 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  928.169703] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  928.169717] Call Trace:
[  928.169725]  <TASK>
[  928.169734]  dump_stack_lvl+0xfa/0x120
[  928.169780]  should_fail_ex+0x4d7/0x5e0
[  928.169812]  ? __kernfs_new_node+0xd3/0x930
[  928.169836]  should_failslab+0xc2/0x120
[  928.169871]  kmem_cache_alloc_noprof+0x80/0x710
[  928.169908]  ? __kernfs_new_node+0xd3/0x930
[  928.169932]  __kernfs_new_node+0xd3/0x930
[  928.169962]  ? __pfx___kernfs_new_node+0x10/0x10
[  928.170001]  ? lock_acquire+0x15e/0x2d0
[  928.170032]  ? kernfs_root+0x23/0x2a0
[  928.170055]  ? find_held_lock+0x2b/0x80
[  928.170079]  ? kernfs_root+0xee/0x2a0
[  928.170102]  ? lock_release+0xc8/0x270
[  928.170130]  ? lock_is_held_type+0x9e/0x120
[  928.170174]  kernfs_new_node+0x13c/0x1e0
[  928.170210]  __kernfs_create_file+0x55/0x360
[  928.170250]  sysfs_add_file_mode_ns+0x21c/0x430
[  928.170278]  ? __pfx_dev_attr_store+0x10/0x10
[  928.170320]  internal_create_group+0x662/0xeb0
[  928.170359]  ? __pfx_internal_create_group+0x10/0x10
[  928.170385]  ? blk_validate_limits+0xc27/0x15c0
[  928.170427]  ? lock_is_held_type+0x9e/0x120
[  928.170467]  loop_configure+0xc46/0x15a0
[  928.170536]  ? __pfx_loop_configure+0x10/0x10
[  928.170595]  ? avc_has_extended_perms+0x107/0xf20
[  928.170631]  ? find_held_lock+0x2b/0x80
[  928.170653]  ? avc_has_extended_perms+0x23b/0xf20
[  928.170688]  ? lock_release+0xc8/0x270
[  928.170723]  lo_ioctl+0x66d/0x1ca0
[  928.170766]  ? __pfx_lo_ioctl+0x10/0x10
[  928.170801]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  928.170846]  ? lock_acquire+0x15e/0x2d0
[  928.170875]  ? __virt_addr_valid+0x1c6/0x5d0
[  928.170904]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  928.170940]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  928.170973]  ? lock_release+0xc8/0x270
[  928.171009]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  928.171086]  ? insn_get_displacement+0x110/0x950
[  928.171110]  ? trace_hardirqs_off_finish+0xe3/0x110
[  928.171152]  ? __pfx_lo_ioctl+0x10/0x10
[  928.171188]  blkdev_ioctl+0x365/0x6d0
[  928.171225]  ? __pfx_blkdev_ioctl+0x10/0x10
[  928.171263]  ? selinux_file_ioctl+0xb9/0x280
[  928.171288]  ? __sanitizer_cov_trace_pc+0x4/0x80
[  928.171327]  ? __pfx_blkdev_ioctl+0x10/0x10
[  928.171366]  __x64_sys_ioctl+0x18f/0x210
[  928.171396]  do_syscall_64+0xbf/0x420
[  928.171422]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  928.171446] RIP: 0033:0x7f72082458d7
[  928.171465] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  928.171488] RSP: 002b:00007f72057baf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  928.171511] RAX: ffffffffffffffda RBX: 00007f720828f970 RCX: 00007f72082458d7
[  928.171527] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  928.171541] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  928.171555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  928.171569] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[  928.171607]  </TASK>
[  928.223645] loop6: detected capacity change from 0 to 512
[  928.228053] FAULT_INJECTION: forcing a failure.
[  928.228053] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  928.229915] CPU: 1 UID: 0 PID: 8277 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  928.229946] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  928.229959] Call Trace:
[  928.229967]  <TASK>
[  928.229976]  dump_stack_lvl+0xfa/0x120
[  928.230026]  should_fail_ex+0x4d7/0x5e0
[  928.230058]  strncpy_from_user+0x3b/0x2f0
[  928.230098]  getname_flags.part.0+0x8d/0x540
[  928.230125]  __x64_sys_mkdir+0xdb/0x140
[  928.230159]  do_syscall_64+0xbf/0x420
[  928.230185]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  928.230209] RIP: 0033:0x7f6a11ca5c27
[  928.230227] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  928.230250] RSP: 002b:00007f6a0f21bfa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  928.230272] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6a11ca5c27
[  928.230287] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000100
[  928.230302] RBP: 00007f6a0f21c040 R08: 0000000000000000 R09: ffffffffffffffff
[  928.230316] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[  928.230330] R13: 0000000020000100 R14: 00007f6a0f21c000 R15: 0000000020012900
[  928.230364]  </TASK>
[  928.233115] loop5: detected capacity change from 0 to 512
03:49:05 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900))

03:49:05 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x11}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:05 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0xffff8000}}}, 0x414d02)

[  928.289011] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  928.306689] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:49:05 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2, 0xfffffffffffffc1f, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4002, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x40500, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x4800, 0x0)
ioctl$CDROMPLAYMSF(r1, 0x5303, &(0x7f0000000040))
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0x3, 0x9, 0xa8, 0x3, 0x0, 0x200, 0x3282, 0xd, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8001, 0x4, @perf_config_ext={0x8, 0x80}, 0x800, 0x6ed4, 0x1, 0x0, 0x26f63e74, 0x6, 0x0, 0x0, 0x4ff, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

[  928.340036] loop3: detected capacity change from 0 to 512
[  928.340088] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  928.341814] EXT4-fs (loop5): group descriptors corrupted!
03:49:05 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x10}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  928.375082] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:49:05 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xf4}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:05 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 55)

03:49:05 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 39)

03:49:05 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x250}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:05 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, 0x0)

03:49:05 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0xfffff000}}}, 0x414d02)

03:49:05 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x300}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  928.560077] loop5: detected capacity change from 0 to 512
[  928.563405] loop6: detected capacity change from 0 to 512
[  928.564585] FAULT_INJECTION: forcing a failure.
[  928.564585] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  928.565656] CPU: 0 UID: 0 PID: 8314 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  928.565673] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  928.565681] Call Trace:
[  928.565686]  <TASK>
[  928.565691]  dump_stack_lvl+0xfa/0x120
[  928.565718]  should_fail_ex+0x4d7/0x5e0
[  928.565737]  _copy_from_user+0x30/0xd0
[  928.565753]  memdup_user+0x7e/0xe0
[  928.565774]  strndup_user+0x78/0xe0
[  928.565792]  __x64_sys_mount+0x136/0x310
[  928.565812]  ? __pfx___x64_sys_mount+0x10/0x10
[  928.565834]  do_syscall_64+0xbf/0x420
[  928.565848]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  928.565861] RIP: 0033:0x7f6a11ca804a
[  928.565871] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  928.565882] RSP: 002b:00007f6a0f21bfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  928.565894] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6a11ca804a
[  928.565903] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f6a0f21c000
[  928.565910] RBP: 00007f6a0f21c040 R08: 00007f6a0f21c040 R09: 0000000020000000
[  928.565918] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000
[  928.565926] R13: 0000000020000100 R14: 00007f6a0f21c000 R15: 0000000020012900
[  928.565941]  </TASK>
[  928.577188] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  928.578733] EXT4-fs (loop5): group descriptors corrupted!
03:49:05 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x11}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:05 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1008}, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r1 = fork()
tkill(r1, 0x6)
r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r2, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r2, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x4, 0x20, 0x1f, 0x8, 0x0, 0xdf5, 0x8400, 0x6, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0xa0, 0x2, @perf_config_ext={0x5}, 0x1004, 0x0, 0x7, 0x9, 0x6, 0xffffffff, 0xd321, 0x0, 0x8000, 0x0, 0xa04}, r1, 0x4, r2, 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

[  928.588349] loop3: detected capacity change from 0 to 512
03:49:05 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 56)

03:49:05 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 40)

03:49:05 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, 0x0)

[  928.691816] loop6: detected capacity change from 0 to 512
[  928.775027] loop5: detected capacity change from 0 to 512
[  928.780494] loop3: detected capacity change from 0 to 512
[  928.784203] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  928.785739] EXT4-fs (loop5): group descriptors corrupted!
03:49:14 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0xffffff7f}}}, 0x414d02)

03:49:14 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xf4}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:14 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 57)

03:49:14 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 41)

03:49:14 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, 0x0)

03:49:14 executing program 4:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000040)={0x4, [0x0, 0x0, 0x0, 0x0]})
close_range(r1, 0xffffffffffffffff, 0x0)
r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r2, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r2, 0xffffffffffffffff, 0x0)
ioctl$TIOCSCTTY(r2, 0x540e, 0x1)
unlink(&(0x7f0000000080)='./file0\x00')

03:49:14 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x500}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:14 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xf4}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  937.880907] loop5: detected capacity change from 0 to 512
[  937.896678] loop3: detected capacity change from 0 to 512
[  937.898355] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  937.899872] EXT4-fs (loop5): group descriptors corrupted!
[  937.911586] loop6: detected capacity change from 0 to 512
03:49:15 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x600}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  937.986277] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  938.020919] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:49:24 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x274}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:24 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0xffffffa1}}}, 0x414d02)

03:49:24 executing program 4:
r0 = getpgrp(0xffffffffffffffff)
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x1, 0x10000045, 0x100, 0xffff, 0x8, 0x80000001, 0x0, 0x0, 0x3}, 0x0)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = fork()
syz_open_dev$vcsa(&(0x7f0000000100), 0xffff, 0x84200)
sched_setattr(r0, &(0x7f0000000080)={0x38, 0x2, 0x2c, 0x7, 0x2, 0x2, 0xf817, 0x0, 0x9, 0x8}, 0x0)
r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r3 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000020000000b0000ff0087ef000000000000000000"], 0x414d02)
r4 = getpgid(r1)
ptrace(0x8, r4)
close_range(r3, 0xffffffffffffffff, 0x0)
open_by_handle_at(r2, &(0x7f00000000c0)=ANY=[@ANYRESOCT=r3], 0x414d02)
close_range(r2, 0xffffffffffffffff, 0x0)

03:49:24 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x700}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:24 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 42)

03:49:24 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 58)

03:49:24 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x210}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:24 executing program 3:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
pwritev2(r0, &(0x7f0000000180)=[{&(0x7f0000000040)="dbc91486a1a9ddc7cb7cd05f285c5bbb6466196e5f735fb7967a64f6ad687ae5b60f1f214aa6632dc9d9046296beb67c37bbb80038978eb46691dc724ee27cb48972fc89509ee9db96ca322df50133f486cb1b4aa9ce0b9fca6d14c04f56c2e3d9121b11e6a64e4e7bd50f86743c71e2034e63c93393fe5663af85c1c231e8c1a7063bd4e15f0a24ec4b26ddfec9502545b280c407", 0x95}, {&(0x7f0000000100)="4bc86df748910d29efdcf4f4b4763114e0ff2190d63ffdaa39d5f5ecc49995a9666cfde4cdaf55422afd4d60a1c406fb525895a446374517818aad76c410de158775332e", 0x44}], 0x2, 0x400, 0x1, 0x18)
close_range(r0, 0xffffffffffffffff, 0x0)

[  947.171762] loop5: detected capacity change from 0 to 512
[  947.176247] FAULT_INJECTION: forcing a failure.
[  947.176247] name failslab, interval 1, probability 0, space 0, times 0
[  947.177997] CPU: 0 UID: 0 PID: 8372 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  947.178026] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  947.178038] Call Trace:
[  947.178046]  <TASK>
[  947.178054]  dump_stack_lvl+0xfa/0x120
[  947.178096]  should_fail_ex+0x4d7/0x5e0
[  947.178125]  ? kobject_uevent_env+0x22e/0xf90
[  947.178152]  should_failslab+0xc2/0x120
[  947.178183]  __kmalloc_cache_noprof+0x80/0x730
[  947.178218]  ? ___ratelimit+0x3c0/0x910
[  947.178258]  ? kobject_uevent_env+0x22e/0xf90
[  947.178286]  kobject_uevent_env+0x22e/0xf90
[  947.178319]  ? lock_is_held_type+0x9e/0x120
[  947.178355]  loop_configure+0xe31/0x15a0
[  947.178411]  ? __pfx_loop_configure+0x10/0x10
[  947.178459]  ? avc_has_extended_perms+0x107/0xf20
[  947.178492]  ? find_held_lock+0x2b/0x80
[  947.178513]  ? avc_has_extended_perms+0x23b/0xf20
[  947.178544]  ? lock_release+0xc8/0x270
[  947.178575]  lo_ioctl+0x66d/0x1ca0
[  947.178612]  ? __pfx_lo_ioctl+0x10/0x10
[  947.178643]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  947.178681]  ? lock_acquire+0x15e/0x2d0
[  947.178707]  ? __virt_addr_valid+0x1c6/0x5d0
[  947.178733]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  947.178764]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  947.178794]  ? lock_release+0xc8/0x270
[  947.178824]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  947.178887]  ? check_irq_usage+0x210/0xb40
[  947.178912]  ? __fget_files+0x34/0x3b0
[  947.178939]  ? find_held_lock+0x2b/0x80
[  947.178959]  ? __fget_files+0x203/0x3b0
[  947.178988]  ? __pfx_lo_ioctl+0x10/0x10
[  947.179019]  blkdev_ioctl+0x365/0x6d0
[  947.179054]  ? __pfx_blkdev_ioctl+0x10/0x10
[  947.179087]  ? selinux_file_ioctl+0xb9/0x280
[  947.179114]  ? __pfx_blkdev_ioctl+0x10/0x10
[  947.179148]  __x64_sys_ioctl+0x18f/0x210
[  947.179174]  do_syscall_64+0xbf/0x420
[  947.179197]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  947.179220] RIP: 0033:0x7f72082458d7
[  947.179236] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  947.179257] RSP: 002b:00007f72057baf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  947.179278] RAX: ffffffffffffffda RBX: 00007f720828f970 RCX: 00007f72082458d7
[  947.179293] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  947.179305] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  947.179318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  947.179331] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[  947.179359]  </TASK>
[  947.226655] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  947.228284] EXT4-fs (loop5): group descriptors corrupted!
[  947.268617] loop6: detected capacity change from 0 to 512
[  947.278430] FAULT_INJECTION: forcing a failure.
[  947.278430] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  947.280307] CPU: 1 UID: 0 PID: 8377 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  947.280336] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  947.280348] Call Trace:
[  947.280355]  <TASK>
[  947.280363]  dump_stack_lvl+0xfa/0x120
[  947.280405]  should_fail_ex+0x4d7/0x5e0
[  947.280435]  strncpy_from_user+0x3b/0x2f0
[  947.280473]  getname_flags.part.0+0x8d/0x540
[  947.280499]  __x64_sys_mkdir+0xdb/0x140
[  947.280531]  do_syscall_64+0xbf/0x420
[  947.280556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  947.280578] RIP: 0033:0x7f6a11ca5c27
[  947.280596] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  947.280616] RSP: 002b:00007f6a0f21bfa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  947.280637] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6a11ca5c27
[  947.280651] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000100
[  947.280664] RBP: 00007f6a0f21c040 R08: 0000000000000000 R09: ffffffffffffffff
[  947.280678] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[  947.280690] R13: 0000000020000100 R14: 00007f6a0f21c000 R15: 0000000020012900
[  947.280722]  </TASK>
03:49:24 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x300}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:24 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x900}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:24 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x300}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:24 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 43)

[  947.394872] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
03:49:24 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0xfffffffb}}}, 0x414d02)

[  947.418982] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  947.545437] loop5: detected capacity change from 0 to 512
[  947.560713] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  947.562049] EXT4-fs (loop5): group descriptors corrupted!
03:49:35 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 44)

03:49:35 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 1)

03:49:35 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1000000012000000f17e9fd8b2fa6112534828d6c211490b8856ccd4190c3eb781e700c270d4ad2a83e28831bbab6bbc29791228ab2767fbdecca0f700298f606a764c338a4f11f8f5de80151a999472ae85cc9f30c5811499ed566beda8215de5a5ecccc6a5eb2634f99b088d324dbd1b4aecd011bd02e4b38abc98ed7418823fc964d864eb01e5ed175a505e8b770435ebb1d1ee815f369a27c52a7a376d8253b6249ff7daeade53fb2101a7cb9cff90fc898b586d84ef6cc962ac037c1005f69f0f7c4af6133b3447c7e9ec8c9718284a90da8b085333797a95b215fa431da1ea3f5cc399ef3e6602c9cfd66139937cc6c72fe7ea52f2685014da11292ac4764b27815df1d6a0f5166e23835b44e9326059a9cc4d3744fef61369a882b0b28c9d5c9133297ac1e127c923a70dec53d20b496326bc2f72d2e1c03adb6e794b3fdb58f7ffa600"/342], 0x414d02)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="10352867000000020000000b000000000000000000040000000000"], 0x414d02)
close_range(r1, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x4, 0x80, 0x0, 0x20, 0x40, 0x7, 0x0, 0x7f, 0x1000a, 0x8, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0xffff, 0x2, @perf_bp={&(0x7f00000000c0), 0x1}, 0x2080, 0x10000, 0x80000000, 0x2, 0x77, 0xffff, 0x1, 0x0, 0x8, 0x0, 0x5}, 0x0, 0x1, r1, 0xb)
close_range(r0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x4, 0x81, 0x0, 0x40, 0x0, 0x3, 0x0, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0xfffffffe, 0x4, @perf_config_ext={0xfd, 0x2}, 0x6860, 0x5, 0x7, 0x4, 0x5, 0x1, 0x1, 0x0, 0x8, 0x0, 0x4}, 0x0, 0x2, r0, 0xa)

03:49:35 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 59)

03:49:35 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x500}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:35 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x500}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:35 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0xfffffffe}}}, 0x414d02)

03:49:35 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xd00}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  958.799806] FAULT_INJECTION: forcing a failure.
[  958.799806] name failslab, interval 1, probability 0, space 0, times 0
[  958.801613] CPU: 1 UID: 0 PID: 8415 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  958.801643] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  958.801656] Call Trace:
[  958.801664]  <TASK>
[  958.801672]  dump_stack_lvl+0xfa/0x120
[  958.801716]  should_fail_ex+0x4d7/0x5e0
[  958.801746]  ? __do_sys_memfd_create+0x1e5/0xaa0
[  958.801772]  should_failslab+0xc2/0x120
[  958.801803]  __kmalloc_cache_noprof+0x80/0x730
[  958.801851]  ? __do_sys_memfd_create+0x1e5/0xaa0
[  958.801875]  __do_sys_memfd_create+0x1e5/0xaa0
[  958.801901]  ? ksys_write+0x1a3/0x240
[  958.801928]  ? __pfx___do_sys_memfd_create+0x10/0x10
[  958.801952]  ? irqentry_exit+0xee/0x650
[  958.801983]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  958.802020]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  958.802059]  do_syscall_64+0xbf/0x420
[  958.802083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  958.802106] RIP: 0033:0x7f2dac41ab19
[  958.802123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  958.802144] RSP: 002b:00007f2da998ff48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  958.802164] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2dac41ab19
[  958.802179] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f2dac4740fb
[  958.802193] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff
[  958.802206] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[  958.802219] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012900
[  958.802250]  </TASK>
[  958.824151] loop5: detected capacity change from 0 to 512
[  958.826818] FAULT_INJECTION: forcing a failure.
[  958.826818] name failslab, interval 1, probability 0, space 0, times 0
[  958.828540] CPU: 1 UID: 0 PID: 8414 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  958.828568] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  958.828580] Call Trace:
[  958.828586]  <TASK>
[  958.828594]  dump_stack_lvl+0xfa/0x120
[  958.828630]  should_fail_ex+0x4d7/0x5e0
[  958.828659]  should_failslab+0xc2/0x120
[  958.828688]  __kmalloc_noprof+0xd6/0x830
[  958.828721]  ? __create_object+0x59/0x80
[  958.828741]  ? kobject_get_path+0xc9/0x200
[  958.828773]  ? kobject_get_path+0xc9/0x200
[  958.828797]  kobject_get_path+0xc9/0x200
[  958.828822]  ? kasan_save_track+0x14/0x30
[  958.828857]  kobject_uevent_env+0x252/0xf90
[  958.828891]  ? lock_is_held_type+0x9e/0x120
[  958.828928]  loop_configure+0xe31/0x15a0
[  958.828997]  ? __pfx_loop_configure+0x10/0x10
[  958.829049]  ? avc_has_extended_perms+0x107/0xf20
[  958.829096]  ? find_held_lock+0x2b/0x80
[  958.829118]  ? avc_has_extended_perms+0x23b/0xf20
[  958.829149]  ? lock_release+0xc8/0x270
[  958.829180]  lo_ioctl+0x66d/0x1ca0
[  958.829220]  ? __pfx_lo_ioctl+0x10/0x10
[  958.829251]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  958.829292]  ? lock_acquire+0x15e/0x2d0
[  958.829318]  ? __virt_addr_valid+0x1c6/0x5d0
[  958.829345]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  958.829377]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  958.829411]  ? lock_release+0xc8/0x270
[  958.829443]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  958.829514]  ? check_irq_usage+0x210/0xb40
[  958.829540]  ? __fget_files+0x34/0x3b0
[  958.829570]  ? find_held_lock+0x2b/0x80
[  958.829590]  ? __fget_files+0x203/0x3b0
[  958.829620]  ? __pfx_lo_ioctl+0x10/0x10
[  958.829652]  blkdev_ioctl+0x365/0x6d0
[  958.829688]  ? __pfx_blkdev_ioctl+0x10/0x10
[  958.829722]  ? selinux_file_ioctl+0xb9/0x280
[  958.829751]  ? __pfx_blkdev_ioctl+0x10/0x10
[  958.829786]  __x64_sys_ioctl+0x18f/0x210
[  958.829814]  do_syscall_64+0xbf/0x420
[  958.829838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  958.829859] RIP: 0033:0x7f72082458d7
[  958.829875] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  958.829897] RSP: 002b:00007f72057baf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  958.829918] RAX: ffffffffffffffda RBX: 00007f720828f970 RCX: 00007f72082458d7
[  958.829932] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  958.829945] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  958.829958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  958.829971] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[  958.830003]  </TASK>
03:49:36 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x600}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:36 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x1100}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  958.911360] loop6: detected capacity change from 0 to 512
[  958.919193] FAULT_INJECTION: forcing a failure.
[  958.919193] name failslab, interval 1, probability 0, space 0, times 0
[  958.920883] CPU: 0 UID: 0 PID: 8427 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  958.920911] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  958.920924] Call Trace:
[  958.920931]  <TASK>
[  958.920939]  dump_stack_lvl+0xfa/0x120
[  958.920982]  should_fail_ex+0x4d7/0x5e0
[  958.921018]  ? copy_mount_options+0x55/0x180
[  958.921044]  should_failslab+0xc2/0x120
[  958.921076]  __kmalloc_cache_noprof+0x80/0x730
[  958.921153]  ? __might_fault+0xe0/0x190
[  958.921189]  ? copy_mount_options+0x55/0x180
[  958.921208]  ? memdup_user+0x95/0xe0
[  958.921240]  copy_mount_options+0x55/0x180
[  958.921265]  __x64_sys_mount+0x1ab/0x310
[  958.921298]  ? __pfx___x64_sys_mount+0x10/0x10
[  958.921340]  do_syscall_64+0xbf/0x420
[  958.921366]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  958.921388] RIP: 0033:0x7f6a11ca804a
[  958.921405] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  958.921426] RSP: 002b:00007f6a0f21bfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  958.921447] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6a11ca804a
[  958.921462] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f6a0f21c000
[  958.921475] RBP: 00007f6a0f21c040 R08: 00007f6a0f21c040 R09: 0000000020000000
[  958.921488] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000
[  958.921501] R13: 0000000020000100 R14: 00007f6a0f21c000 R15: 0000000020012900
[  958.921533]  </TASK>
[  958.994437] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  958.996115] EXT4-fs (loop5): group descriptors corrupted!
03:49:36 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 2)

03:49:36 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x600}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:36 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0xffffffff}}}, 0x414d02)

03:49:36 executing program 4:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000020000000b00"/24], 0x414d02)
close_range(r1, 0xffffffffffffffff, 0x0)
r2 = fork()
tkill(r2, 0x6)
r3 = dup3(r0, r1, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x5, 0x0, 0xff, 0x0, 0x10001, 0xc2080, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x4, @perf_config_ext={0x4, 0x1000}, 0x8, 0x6, 0x100, 0x1, 0x3, 0x3, 0x2}, r2, 0x8, r3, 0x0)

[  959.035132] Process accounting resumed
03:49:36 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x700}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:36 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x2000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  959.123341] loop3: detected capacity change from 0 to 512
03:49:36 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 45)

03:49:36 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 60)

[  959.154875] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[  959.156322] EXT4-fs (loop3): group descriptors corrupted!
03:49:36 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x700}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:36 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)

[  959.279721] loop5: detected capacity change from 0 to 512
[  959.296125] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  959.297542] EXT4-fs (loop5): group descriptors corrupted!
[  959.334278] loop6: detected capacity change from 0 to 512
03:49:47 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 61)

03:49:47 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 3)

03:49:47 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 46)

03:49:47 executing program 4:
r0 = fcntl$getown(0xffffffffffffffff, 0x9)
r1 = perf_event_open(&(0x7f0000000340)={0x0, 0x80, 0x7a, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0xb)
fcntl$dupfd(r1, 0x0, r1)
r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="100000800b00000000000000000000000000200000000000"], 0x414d02)
close_range(r2, 0xffffffffffffffff, 0x0)
r3 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r3, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r3, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r3, 0xf501, 0x0)

03:49:47 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x840}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:47 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x3f00}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:47 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x900}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:47 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x2}}, 0x414d02)

[  969.942694] FAULT_INJECTION: forcing a failure.
[  969.942694] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  969.942970] loop5: detected capacity change from 0 to 512
[  969.944682] CPU: 1 UID: 0 PID: 8477 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  969.944714] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  969.944728] Call Trace:
[  969.944736]  <TASK>
[  969.944746]  dump_stack_lvl+0xfa/0x120
[  969.944792]  should_fail_ex+0x4d7/0x5e0
[  969.944827]  strncpy_from_user+0x3b/0x2f0
[  969.944868]  __do_sys_memfd_create+0x21d/0xaa0
[  969.944899]  ? ksys_write+0x1a3/0x240
[  969.944929]  ? __pfx___do_sys_memfd_create+0x10/0x10
[  969.944954]  ? irqentry_exit+0xee/0x650
[  969.944998]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  969.945031]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  969.945074]  do_syscall_64+0xbf/0x420
[  969.945100]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  969.945125] RIP: 0033:0x7f2dac41ab19
[  969.945144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  969.945183] RSP: 002b:00007f2da998ff48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  969.945206] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2dac41ab19
[  969.945223] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f2dac4740fb
[  969.945237] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff
[  969.945252] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[  969.945266] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012900
[  969.945302]  </TASK>
[  969.970709] loop6: detected capacity change from 0 to 512
[  969.977773] FAULT_INJECTION: forcing a failure.
[  969.977773] name failslab, interval 1, probability 0, space 0, times 0
[  969.979512] CPU: 0 UID: 0 PID: 8476 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  969.979541] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  969.979552] Call Trace:
[  969.979559]  <TASK>
[  969.979567]  dump_stack_lvl+0xfa/0x120
[  969.979606]  should_fail_ex+0x4d7/0x5e0
[  969.979634]  ? copy_mount_options+0x55/0x180
[  969.979655]  should_failslab+0xc2/0x120
[  969.979685]  __kmalloc_cache_noprof+0x80/0x730
[  969.979719]  ? __might_fault+0xe0/0x190
[  969.979755]  ? copy_mount_options+0x55/0x180
[  969.979773]  ? memdup_user+0x95/0xe0
[  969.979805]  copy_mount_options+0x55/0x180
[  969.979829]  __x64_sys_mount+0x1ab/0x310
[  969.979862]  ? __pfx___x64_sys_mount+0x10/0x10
[  969.979905]  do_syscall_64+0xbf/0x420
[  969.979929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  969.979951] RIP: 0033:0x7f6a11ca804a
[  969.979968] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  969.979996] RSP: 002b:00007f6a0f21bfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  969.980016] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6a11ca804a
[  969.980031] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f6a0f21c000
[  969.980045] RBP: 00007f6a0f21c040 R08: 00007f6a0f21c040 R09: 0000000020000000
[  969.980058] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000
[  969.980071] R13: 0000000020000100 R14: 00007f6a0f21c000 R15: 0000000020012900
[  969.980103]  </TASK>
03:49:47 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x3}}, 0x414d02)

03:49:47 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x4000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:47 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x900}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  970.045262] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  970.046961] EXT4-fs (loop5): group descriptors corrupted!
03:49:55 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xd00}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:55 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x2010, 0xffffffffffffffff, 0x752a4000)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r1, 0xffffffffffffffff, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x79, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}, {@fscache}, {@msize={'msize', 0x3d, 0x5}}], [{@smackfsroot}, {@context={'context', 0x3d, 'sysadm_u'}}]}})
close_range(r0, 0xffffffffffffffff, 0x0)

03:49:55 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x4}}, 0x414d02)

03:49:55 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xd00}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:55 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 47)

03:49:55 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 62)

03:49:55 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x5002}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:55 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 4)

[  978.792632] loop5: detected capacity change from 0 to 512
[  978.801831] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  978.802575] EXT4-fs (loop5): group descriptors corrupted!
[  978.822631] FAULT_INJECTION: forcing a failure.
[  978.822631] name failslab, interval 1, probability 0, space 0, times 0
[  978.824679] CPU: 0 UID: 0 PID: 8505 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  978.824715] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  978.824730] Call Trace:
[  978.824739]  <TASK>
[  978.824748]  dump_stack_lvl+0xfa/0x120
[  978.824799]  should_fail_ex+0x4d7/0x5e0
[  978.824835]  ? shmem_alloc_inode+0x27/0x50
[  978.824863]  should_failslab+0xc2/0x120
[  978.824901]  kmem_cache_alloc_lru_noprof+0x84/0x720
[  978.824945]  ? shmem_alloc_inode+0x27/0x50
[  978.824973]  shmem_alloc_inode+0x27/0x50
[  978.825009]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  978.825037]  alloc_inode+0x67/0x250
[  978.825064]  new_inode+0x1e/0x160
[  978.825091]  __shmem_get_inode+0x17c/0xe80
[  978.825133]  __shmem_file_setup+0x108/0x370
[  978.825173]  __do_sys_memfd_create+0x2ce/0xaa0
[  978.825205]  ? ksys_write+0x1a3/0x240
[  978.825258]  ? __pfx___do_sys_memfd_create+0x10/0x10
[  978.825285]  ? irqentry_exit+0xee/0x650
[  978.825324]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  978.825360]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  978.825417]  do_syscall_64+0xbf/0x420
[  978.825461]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  978.825492] RIP: 0033:0x7f2dac41ab19
[  978.825512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  978.825537] RSP: 002b:00007f2da998ff48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  978.825562] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2dac41ab19
[  978.825579] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f2dac4740fb
[  978.825596] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff
[  978.825612] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[  978.825628] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012900
[  978.825666]  </TASK>
03:49:55 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xf400}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:55 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x5}}, 0x414d02)

03:49:56 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x1100}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:56 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 48)

[  978.886750] loop6: detected capacity change from 0 to 512
[  978.889669] =======================================================
[  978.889669] WARNING: The mand mount option has been deprecated and
[  978.889669]          and is ignored by this kernel. Remove the mand
[  978.889669]          option from the mount to silence this warning.
[  978.889669] =======================================================
03:49:56 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x1002}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:49:56 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x6}}, 0x414d02)

[  978.966862] loop5: detected capacity change from 0 to 512
03:49:56 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 63)

[  978.998110] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  978.998877] EXT4-fs (loop5): group descriptors corrupted!
03:49:56 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x20010}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  979.029663] loop6: detected capacity change from 0 to 512
03:49:56 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 5)

[  979.057256] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
03:49:56 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400, 0x5}, 0x40000, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@ceph_nfs_fh={0x8, 0x1, {0x3f}}, 0x450f01)

03:49:56 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x7}}, 0x414d02)

[  979.105424] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:49:56 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x2000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  979.147263] loop3: detected capacity change from 0 to 512
[  979.163418] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[  979.164301] EXT4-fs (loop3): group descriptors corrupted!
03:50:05 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 49)

03:50:05 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="330000a14b000200000000000020000004000000000000000000"], 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:50:05 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x3f00}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:05 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 6)

03:50:05 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x20200}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:05 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x1100}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:05 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 64)

03:50:05 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x8}}, 0x414d02)

[  988.248648] FAULT_INJECTION: forcing a failure.
[  988.248648] name failslab, interval 1, probability 0, space 0, times 0
[  988.250552] CPU: 0 UID: 0 PID: 8556 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  988.250582] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  988.250594] Call Trace:
[  988.250602]  <TASK>
[  988.250611]  dump_stack_lvl+0xfa/0x120
[  988.250653]  should_fail_ex+0x4d7/0x5e0
[  988.250683]  ? security_inode_alloc+0x3e/0x130
[  988.250709]  should_failslab+0xc2/0x120
[  988.250740]  kmem_cache_alloc_noprof+0x80/0x710
[  988.250763]  ? __pfx_map_id_range_down+0x10/0x10
[  988.250795]  ? __create_object+0x59/0x80
[  988.250822]  ? security_inode_alloc+0x3e/0x130
[  988.250846]  security_inode_alloc+0x3e/0x130
[  988.250874]  inode_init_always_gfp+0xc9d/0xff0
[  988.250909]  alloc_inode+0x8d/0x250
[  988.250930]  new_inode+0x1e/0x160
[  988.250953]  __shmem_get_inode+0x17c/0xe80
[  988.250996]  __shmem_file_setup+0x108/0x370
[  988.251029]  __do_sys_memfd_create+0x2ce/0xaa0
[  988.251055]  ? ksys_write+0x1a3/0x240
[  988.251082]  ? __pfx___do_sys_memfd_create+0x10/0x10
[  988.251106]  ? irqentry_exit+0xee/0x650
[  988.251138]  ? trace_hardirqs_on_prepare+0xe3/0x110
[  988.251168]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  988.251207]  do_syscall_64+0xbf/0x420
[  988.251230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  988.251253] RIP: 0033:0x7f2dac41ab19
[  988.251271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  988.251292] RSP: 002b:00007f2da998ff48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  988.251313] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2dac41ab19
[  988.251328] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f2dac4740fb
[  988.251341] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff
[  988.251354] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[  988.251366] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012900
[  988.251398]  </TASK>
[  988.261327] loop6: detected capacity change from 0 to 512
[  988.285399] loop5: detected capacity change from 0 to 512
03:50:05 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x2000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:05 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x80000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  988.319163] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  988.320581] EXT4-fs (loop5): group descriptors corrupted!
03:50:05 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x4000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  988.358699] FAULT_INJECTION: forcing a failure.
[  988.358699] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  988.360730] CPU: 1 UID: 0 PID: 8557 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  988.360759] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  988.360772] Call Trace:
[  988.360779]  <TASK>
[  988.360787]  dump_stack_lvl+0xfa/0x120
[  988.360829]  should_fail_ex+0x4d7/0x5e0
[  988.360859]  _copy_from_user+0x30/0xd0
[  988.360887]  memdup_user+0x7e/0xe0
[  988.360922]  strndup_user+0x78/0xe0
[  988.360956]  __x64_sys_mount+0x17f/0x310
[  988.360998]  ? __pfx___x64_sys_mount+0x10/0x10
[  988.361040]  do_syscall_64+0xbf/0x420
[  988.361064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  988.361086] RIP: 0033:0x7f6a11ca804a
[  988.361104] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  988.361124] RSP: 002b:00007f6a0f21bfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  988.361145] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6a11ca804a
[  988.361159] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f6a0f21c000
[  988.361173] RBP: 00007f6a0f21c040 R08: 00007f6a0f21c040 R09: 0000000020000000
[  988.361186] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000
[  988.361199] R13: 0000000020000100 R14: 00007f6a0f21c000 R15: 0000000020012900
[  988.361231]  </TASK>
03:50:16 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 65)

03:50:16 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x7402}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:16 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 7)

03:50:16 executing program 4:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
sendfile(r0, r0, 0x0, 0x3f)
perf_event_open(&(0x7f0000000080)={0x3, 0x80, 0x6, 0x8, 0x7f, 0x6, 0x0, 0x3, 0xa41, 0xd, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x3, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1f, 0x4, @perf_bp={&(0x7f0000000040), 0x8}, 0x39a80, 0x800, 0xffffffff, 0x6, 0x7ff, 0x7fffffff, 0xff, 0x0, 0x100, 0x0, 0x7}, 0xffffffffffffffff, 0x9, r0, 0xb)
open_by_handle_at(r1, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
r2 = pidfd_getfd(r1, r0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x4, 0x81, 0x81, 0x81, 0x0, 0x5, 0x4400, 0x6, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x7, 0x1, @perf_bp={&(0x7f0000000100), 0xe}, 0x8080, 0x80000001, 0x809e, 0x1, 0xffffffff7fffffff, 0x3, 0x9, 0x0, 0x5, 0x0, 0xfff}, 0x0, 0xe, r2, 0x2)
close_range(r1, 0xffffffffffffffff, 0x0)

03:50:16 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 50)

03:50:16 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x3f00}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:16 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0xb}}, 0x414d02)

03:50:16 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x101000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  998.985546] loop6: detected capacity change from 0 to 512
[  998.988386] FAULT_INJECTION: forcing a failure.
[  998.988386] name failslab, interval 1, probability 0, space 0, times 0
[  998.989352] CPU: 1 UID: 0 PID: 8578 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  998.989368] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  998.989389] Call Trace:
[  998.989393]  <TASK>
[  998.989398]  dump_stack_lvl+0xfa/0x120
[  998.989424]  should_fail_ex+0x4d7/0x5e0
[  998.989443]  ? copy_mount_options+0x55/0x180
[  998.989456]  should_failslab+0xc2/0x120
[  998.989474]  __kmalloc_cache_noprof+0x80/0x730
[  998.989495]  ? __might_fault+0xe0/0x190
[  998.989515]  ? copy_mount_options+0x55/0x180
[  998.989526]  ? memdup_user+0x95/0xe0
[  998.989545]  copy_mount_options+0x55/0x180
[  998.989558]  __x64_sys_mount+0x1ab/0x310
[  998.989577]  ? __pfx___x64_sys_mount+0x10/0x10
[  998.989601]  do_syscall_64+0xbf/0x420
[  998.989618]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  998.989633] RIP: 0033:0x7f6a11ca804a
[  998.989643] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  998.989655] RSP: 002b:00007f6a0f21bfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  998.989667] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6a11ca804a
[  998.989675] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f6a0f21c000
[  998.989683] RBP: 00007f6a0f21c040 R08: 00007f6a0f21c040 R09: 0000000020000000
[  998.989690] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000
[  998.989698] R13: 0000000020000100 R14: 00007f6a0f21c000 R15: 0000000020012900
[  998.989715]  </TASK>
03:50:16 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x10}}, 0x414d02)

03:50:16 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 66)

[  999.042305] loop3: detected capacity change from 0 to 512
[  999.044168] loop5: detected capacity change from 0 to 512
[  999.044708] FAULT_INJECTION: forcing a failure.
[  999.044708] name failslab, interval 1, probability 0, space 0, times 0
[  999.045736] CPU: 1 UID: 0 PID: 8589 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  999.045752] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  999.045759] Call Trace:
[  999.045764]  <TASK>
[  999.045768]  dump_stack_lvl+0xfa/0x120
[  999.045795]  should_fail_ex+0x4d7/0x5e0
[  999.045814]  ? skb_clone+0x191/0x400
[  999.045829]  should_failslab+0xc2/0x120
[  999.045848]  kmem_cache_alloc_noprof+0x80/0x710
[  999.045861]  ? netlink_broadcast_filtered+0xe6/0xe90
[  999.045881]  ? skb_clone+0x191/0x400
[  999.045894]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[  999.045911]  skb_clone+0x191/0x400
[  999.045927]  netlink_broadcast_filtered+0xab1/0xe90
[  999.045950]  ? __pfx_netlink_broadcast_filtered+0x10/0x10
[  999.045971]  netlink_broadcast+0x39/0x50
[  999.045991]  kobject_uevent_env+0xa58/0xf90
[  999.046010]  ? lock_is_held_type+0x9e/0x120
[  999.046034]  loop_configure+0xe31/0x15a0
[  999.046069]  ? __pfx_loop_configure+0x10/0x10
[  999.046097]  ? avc_has_extended_perms+0x107/0xf20
[  999.046116]  ? find_held_lock+0x2b/0x80
[  999.046128]  ? avc_has_extended_perms+0x23b/0xf20
[  999.046145]  ? lock_release+0xc8/0x270
[  999.046162]  lo_ioctl+0x66d/0x1ca0
[  999.046184]  ? __pfx_lo_ioctl+0x10/0x10
[  999.046201]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  999.046223]  ? lock_acquire+0x15e/0x2d0
[  999.046237]  ? __virt_addr_valid+0x1c6/0x5d0
[  999.046253]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  999.046272]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  999.046287]  ? lock_release+0xc8/0x270
[  999.046305]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  999.046345]  ? check_irq_usage+0x210/0xb40
[  999.046359]  ? __fget_files+0x34/0x3b0
[  999.046377]  ? find_held_lock+0x2b/0x80
[  999.046388]  ? __fget_files+0x203/0x3b0
[  999.046404]  ? __pfx_lo_ioctl+0x10/0x10
[  999.046421]  blkdev_ioctl+0x365/0x6d0
[  999.046442]  ? __pfx_blkdev_ioctl+0x10/0x10
[  999.046460]  ? selinux_file_ioctl+0xb9/0x280
[  999.046478]  ? __pfx_blkdev_ioctl+0x10/0x10
[  999.046497]  __x64_sys_ioctl+0x18f/0x210
[  999.046513]  do_syscall_64+0xbf/0x420
[  999.046526]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  999.046539] RIP: 0033:0x7f72082458d7
[  999.046549] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  999.046560] RSP: 002b:00007f72057baf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  999.046572] RAX: ffffffffffffffda RBX: 00007f720828f970 RCX: 00007f72082458d7
[  999.046581] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  999.046588] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  999.046595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  999.046603] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[  999.046620]  </TASK>
[  999.089274] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[  999.090067] EXT4-fs (loop3): group descriptors corrupted!
[  999.100807] loop6: detected capacity change from 0 to 512
[  999.102505] FAULT_INJECTION: forcing a failure.
[  999.102505] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  999.102800] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  999.103504] CPU: 1 UID: 0 PID: 8595 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  999.103520] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  999.103527] Call Trace:
[  999.103531]  <TASK>
[  999.103536]  dump_stack_lvl+0xfa/0x120
[  999.103560]  should_fail_ex+0x4d7/0x5e0
[  999.103577]  strncpy_from_user+0x3b/0x2f0
[  999.103598]  getname_flags.part.0+0x8d/0x540
[  999.103612]  getname_flags+0x95/0xe0
[  999.103627]  user_path_at+0x27/0x90
[  999.103642]  __x64_sys_mount+0x1fb/0x310
[  999.103661]  ? __pfx___x64_sys_mount+0x10/0x10
[  999.103684]  do_syscall_64+0xbf/0x420
[  999.103698]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  999.103711] RIP: 0033:0x7f6a11ca804a
[  999.103720] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  999.103732] RSP: 002b:00007f6a0f21bfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  999.103743] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6a11ca804a
[  999.103752] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f6a0f21c000
[  999.103759] RBP: 00007f6a0f21c040 R08: 00007f6a0f21c040 R09: 0000000020000000
[  999.103766] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000
[  999.103773] R13: 0000000020000100 R14: 00007f6a0f21c000 R15: 0000000020012900
[  999.103789]  </TASK>
[  999.126253] EXT4-fs (loop5): group descriptors corrupted!
03:50:16 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 67)

03:50:16 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xf400}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:16 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x104000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:16 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x4000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:16 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 8)

03:50:16 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000080)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x6, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x2, 0x0, @remote, @local, {[@ssrr={0x89, 0x3, 0x89}]}}}}}}, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

[  999.230531] loop6: detected capacity change from 0 to 512
[  999.232300] FAULT_INJECTION: forcing a failure.
[  999.232300] name failslab, interval 1, probability 0, space 0, times 0
[  999.233264] CPU: 1 UID: 0 PID: 8603 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  999.233279] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  999.233286] Call Trace:
[  999.233290]  <TASK>
[  999.233294]  dump_stack_lvl+0xfa/0x120
[  999.233318]  should_fail_ex+0x4d7/0x5e0
[  999.233334]  ? copy_mount_options+0x55/0x180
[  999.233346]  should_failslab+0xc2/0x120
[  999.233362]  __kmalloc_cache_noprof+0x80/0x730
[  999.233389]  ? __might_fault+0xe0/0x190
[  999.233408]  ? copy_mount_options+0x55/0x180
[  999.233418]  ? memdup_user+0x95/0xe0
[  999.233435]  copy_mount_options+0x55/0x180
[  999.233448]  __x64_sys_mount+0x1ab/0x310
[  999.233466]  ? __pfx___x64_sys_mount+0x10/0x10
[  999.233489]  do_syscall_64+0xbf/0x420
[  999.233502]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  999.233515] RIP: 0033:0x7f6a11ca804a
[  999.233524] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  999.233535] RSP: 002b:00007f6a0f21bfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  999.233547] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6a11ca804a
[  999.233555] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f6a0f21c000
[  999.233562] RBP: 00007f6a0f21c040 R08: 00007f6a0f21c040 R09: 0000000020000000
[  999.233569] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000
[  999.233576] R13: 0000000020000100 R14: 00007f6a0f21c000 R15: 0000000020012900
[  999.233596]  </TASK>
03:50:16 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x20010}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  999.267691] FAULT_INJECTION: forcing a failure.
[  999.267691] name failslab, interval 1, probability 0, space 0, times 0
[  999.269631] CPU: 0 UID: 0 PID: 8609 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  999.269663] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  999.269676] Call Trace:
[  999.269683]  <TASK>
[  999.269692]  dump_stack_lvl+0xfa/0x120
[  999.269739]  should_fail_ex+0x4d7/0x5e0
[  999.269771]  ? __d_alloc+0x34/0xa10
[  999.269803]  should_failslab+0xc2/0x120
[  999.269835]  kmem_cache_alloc_lru_noprof+0x84/0x720
[  999.269860]  ? find_held_lock+0x2b/0x80
[  999.269894]  ? __d_alloc+0x34/0xa10
[  999.269924]  __d_alloc+0x34/0xa10
[  999.269954]  ? mpol_shared_policy_init+0x24f/0x390
[  999.269996]  d_alloc_pseudo+0x1d/0xc0
[  999.270022]  alloc_file_pseudo+0xbe/0x220
[  999.270062]  ? __pfx_alloc_file_pseudo+0x10/0x10
03:50:16 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8506, 0x81}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

[  999.270099]  ? __shmem_get_inode+0x684/0xe80
[  999.270137]  __shmem_file_setup+0x1a8/0x370
[  999.270172]  __do_sys_memfd_create+0x2ce/0xaa0
[  999.270203]  ? __pfx___do_sys_memfd_create+0x10/0x10
[  999.270242]  do_syscall_64+0xbf/0x420
[  999.270268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  999.270291] RIP: 0033:0x7f2dac41ab19
[  999.270309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  999.270331] RSP: 002b:00007f2da998ff48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  999.270354] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2dac41ab19
[  999.270370] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f2dac4740fb
[  999.270384] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff
[  999.270398] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
03:50:16 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 68)

[  999.270412] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012900
[  999.270446]  </TASK>
03:50:16 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x20200}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  999.341843] Process accounting paused
03:50:16 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 51)

03:50:16 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x24}}, 0x414d02)

03:50:16 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x4008}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[  999.364299] loop6: detected capacity change from 0 to 512
[  999.377782] FAULT_INJECTION: forcing a failure.
[  999.377782] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  999.379657] CPU: 0 UID: 0 PID: 8616 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[  999.379686] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  999.379699] Call Trace:
[  999.379707]  <TASK>
[  999.379715]  dump_stack_lvl+0xfa/0x120
[  999.379757]  should_fail_ex+0x4d7/0x5e0
[  999.379789]  strncpy_from_user+0x3b/0x2f0
[  999.379831]  getname_flags.part.0+0x8d/0x540
[  999.379858]  getname_flags+0x95/0xe0
[  999.379893]  user_path_at+0x27/0x90
[  999.379921]  __x64_sys_mount+0x1fb/0x310
[  999.379962]  ? __pfx___x64_sys_mount+0x10/0x10
[  999.380015]  do_syscall_64+0xbf/0x420
[  999.380042]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  999.380065] RIP: 0033:0x7f6a11ca804a
[  999.380084] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  999.380107] RSP: 002b:00007f6a0f21bfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  999.380130] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6a11ca804a
[  999.380146] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f6a0f21c000
[  999.380160] RBP: 00007f6a0f21c040 R08: 00007f6a0f21c040 R09: 0000000020000000
[  999.380176] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000
[  999.380193] R13: 0000000020000100 R14: 00007f6a0f21c000 R15: 0000000020012900
[  999.380227]  </TASK>
[  999.462215] loop5: detected capacity change from 0 to 512
[  999.468743] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  999.469638] EXT4-fs (loop5): group descriptors corrupted!
03:50:26 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x80000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:26 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x2f}}, 0x414d02)

03:50:26 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xf400}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:26 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 69)

03:50:26 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 9)

03:50:26 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 52)

03:50:26 executing program 4:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, @perf_bp={0x0, 0x1}, 0x2211, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r1, 0xffffffffffffffff, 0x0)
r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r2, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r2, 0xffffffffffffffff, 0x0)
close_range(r2, r0, 0x2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

03:50:26 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x401000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:26 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x1000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:26 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x20010}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1009.405466] loop3: detected capacity change from 0 to 512
[ 1009.426813] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1009.428421] EXT4-fs (loop3): group descriptors corrupted!
[ 1009.452341] loop6: detected capacity change from 0 to 512
[ 1009.457281] loop5: detected capacity change from 0 to 512
[ 1009.479572] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1009.481155] EXT4-fs (loop5): group descriptors corrupted!
03:50:26 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x101000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:26 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 10)

[ 1009.523454] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1009.548910] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:50:26 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="10000000020000040000000000000000000000ee4d2c9ba1fbdc44e6c770e1d42e174700007e0000"], 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x9100)
ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000080)={0x55b8, 0x81})

03:50:26 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x20200}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:26 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x2000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:26 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x64}}, 0x414d02)

[ 1009.715874] FAULT_INJECTION: forcing a failure.
[ 1009.715874] name failslab, interval 1, probability 0, space 0, times 0
[ 1009.717738] CPU: 1 UID: 0 PID: 8658 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1009.717767] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1009.717781] Call Trace:
[ 1009.717788]  <TASK>
[ 1009.717797]  dump_stack_lvl+0xfa/0x120
[ 1009.717840]  should_fail_ex+0x4d7/0x5e0
[ 1009.717871]  should_failslab+0xc2/0x120
[ 1009.717903]  __kmalloc_node_noprof+0xd9/0x840
[ 1009.717929]  ? alloc_pages_mpol+0x154/0x340
[ 1009.717951]  ? alloc_slab_obj_exts+0x40/0x110
[ 1009.717991]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1009.718030]  ? alloc_slab_obj_exts+0x40/0x110
[ 1009.718062]  alloc_slab_obj_exts+0x40/0x110
[ 1009.718096]  new_slab+0x26a/0x410
[ 1009.718132]  ___slab_alloc+0xaf7/0x1270
[ 1009.718165]  ? __d_alloc+0x34/0xa10
[ 1009.718206]  ? __d_alloc+0x34/0xa10
[ 1009.718234]  ? __slab_alloc.constprop.0+0x2c/0x60
[ 1009.718267]  __slab_alloc.constprop.0+0x2c/0x60
[ 1009.718299]  kmem_cache_alloc_lru_noprof+0x50a/0x720
[ 1009.718321]  ? find_held_lock+0x2b/0x80
[ 1009.718353]  ? __d_alloc+0x34/0xa10
[ 1009.718380]  __d_alloc+0x34/0xa10
[ 1009.718409]  ? mpol_shared_policy_init+0x24f/0x390
[ 1009.718440]  d_alloc_pseudo+0x1d/0xc0
[ 1009.718463]  alloc_file_pseudo+0xbe/0x220
[ 1009.718500]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1009.718535]  ? __shmem_get_inode+0x684/0xe80
[ 1009.718571]  __shmem_file_setup+0x1a8/0x370
[ 1009.718604]  __do_sys_memfd_create+0x2ce/0xaa0
[ 1009.718630]  ? ksys_write+0x1a3/0x240
[ 1009.718656]  ? __pfx___do_sys_memfd_create+0x10/0x10
[ 1009.718680]  ? irqentry_exit+0xee/0x650
[ 1009.718711]  ? trace_hardirqs_on_prepare+0xe3/0x110
[ 1009.718739]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[ 1009.718777]  do_syscall_64+0xbf/0x420
[ 1009.718800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1009.718823] RIP: 0033:0x7f2dac41ab19
[ 1009.718840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1009.718861] RSP: 002b:00007f2da998ff48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 1009.718882] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2dac41ab19
[ 1009.718897] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f2dac4740fb
[ 1009.718910] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff
[ 1009.718923] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[ 1009.718937] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012900
[ 1009.718968]  </TASK>
[ 1009.864928] loop3: detected capacity change from 0 to 512
[ 1009.878574] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1009.880122] EXT4-fs (loop3): group descriptors corrupted!
03:50:36 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 53)

03:50:36 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x80000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:36 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x70}}, 0x414d02)

03:50:36 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x104000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:36 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 70)

03:50:36 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x3000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:36 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1, 0x51)
open_by_handle_at(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000020000000affffffff2a3f657100000000000000"], 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:50:36 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 11)

[ 1018.936720] loop3: detected capacity change from 0 to 512
[ 1018.947329] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1018.948108] EXT4-fs (loop3): group descriptors corrupted!
[ 1018.965393] loop6: detected capacity change from 0 to 512
03:50:36 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0xf0}}, 0x414d02)

[ 1018.984811] loop5: detected capacity change from 0 to 512
03:50:36 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 12)

03:50:36 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x625, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0x5, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="1400000005000000010000002800008f"], 0x414d02)
creat(&(0x7f0000000000)='./file0\x00', 0x0)
write(r0, &(0x7f0000000080)="ba2c0abeaed38407b79c95ee378932e9f61c396a04965cc5773ae4d7aeb42531cc44239c19f76dbe7c28ce9058dbf7ff51772c7d8730c1d55888a8dfe7e604e7347548daf81223f833c88d9310b48a4a1e78c1d97cda78dced20449fe3c88343b6d5280e330764aaed50434f01f44ec104f7199f6e85bd5f792ba8a1ff10a4e708a9d7844b44e9bbd5ca291492d7e1799274b8cb0274b32006d994e8a44bd29a6c40891c069f2cb31a615dbd7d", 0xad)
close_range(r0, 0xffffffffffffffff, 0x0)

[ 1018.996160] FAULT_INJECTION: forcing a failure.
[ 1018.996160] name failslab, interval 1, probability 0, space 0, times 0
[ 1018.997366] CPU: 0 UID: 0 PID: 8690 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1018.997382] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1018.997390] Call Trace:
[ 1018.997394]  <TASK>
[ 1018.997399]  dump_stack_lvl+0xfa/0x120
[ 1018.997428]  should_fail_ex+0x4d7/0x5e0
[ 1018.997446]  ? security_inode_alloc+0x3e/0x130
[ 1018.997461]  should_failslab+0xc2/0x120
[ 1018.997479]  kmem_cache_alloc_noprof+0x80/0x710
[ 1018.997492]  ? __pfx_map_id_range_down+0x10/0x10
[ 1018.997517]  ? security_inode_alloc+0x3e/0x130
[ 1018.997538]  security_inode_alloc+0x3e/0x130
[ 1018.997553]  inode_init_always_gfp+0xc9d/0xff0
[ 1018.997573]  alloc_inode+0x8d/0x250
[ 1018.997586]  new_inode+0x1e/0x160
[ 1018.997599]  __ext4_new_inode+0x35d/0x4cd0
[ 1018.997622]  ? avc_has_perm_noaudit+0x150/0x3d0
[ 1018.997644]  ? __pfx___ext4_new_inode+0x10/0x10
[ 1018.997663]  ? __pfx_avc_has_perm+0x10/0x10
[ 1018.997679]  ? __pfx___dquot_initialize+0x10/0x10
[ 1018.997702]  ext4_mkdir+0x331/0xb30
[ 1018.997722]  ? __pfx_ext4_mkdir+0x10/0x10
[ 1018.997734]  ? security_inode_permission+0x72/0xe0
[ 1018.997754]  vfs_mkdir+0x7b5/0xba0
[ 1018.997771]  do_mkdirat+0x11a/0x450
[ 1018.997790]  ? __pfx_do_mkdirat+0x10/0x10
[ 1018.997806]  ? strncpy_from_user+0x21b/0x2f0
[ 1018.997831]  __x64_sys_mkdir+0xf3/0x140
[ 1018.997848]  do_syscall_64+0xbf/0x420
[ 1018.997863]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1018.997877] RIP: 0033:0x7f7208244c27
[ 1018.997887] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1018.997900] RSP: 002b:00007f72057bafa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[ 1018.997912] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f7208244c27
[ 1018.997920] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[ 1018.997927] RBP: 00007f72057bb040 R08: 0000000000000000 R09: ffffffffffffffff
[ 1018.997935] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[ 1018.997942] R13: 0000000020000100 R14: 00007f72057bb000 R15: 0000000020012900
[ 1018.997960]  </TASK>
[ 1019.039789] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
03:50:36 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x4000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:36 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x101000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:36 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 54)

03:50:36 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x401000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1019.078126] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1019.112949] FAULT_INJECTION: forcing a failure.
[ 1019.112949] name failslab, interval 1, probability 0, space 0, times 0
[ 1019.113893] CPU: 0 UID: 0 PID: 8701 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1019.113910] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1019.113917] Call Trace:
[ 1019.113922]  <TASK>
[ 1019.113927]  dump_stack_lvl+0xfa/0x120
[ 1019.113955]  should_fail_ex+0x4d7/0x5e0
[ 1019.113974]  ? security_file_alloc+0x35/0x130
[ 1019.113997]  should_failslab+0xc2/0x120
[ 1019.114015]  kmem_cache_alloc_noprof+0x80/0x710
[ 1019.114028]  ? __create_object+0x59/0x80
[ 1019.114044]  ? security_file_alloc+0x35/0x130
[ 1019.114060]  security_file_alloc+0x35/0x130
[ 1019.114076]  init_file+0x95/0x4c0
[ 1019.114096]  alloc_empty_file+0x76/0x1e0
[ 1019.114115]  alloc_file_pseudo+0x12b/0x220
[ 1019.114135]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1019.114159]  __shmem_file_setup+0x1a8/0x370
[ 1019.114178]  __do_sys_memfd_create+0x2ce/0xaa0
[ 1019.114192]  ? ksys_write+0x1a3/0x240
[ 1019.114207]  ? __pfx___do_sys_memfd_create+0x10/0x10
[ 1019.114220]  ? irqentry_exit+0xee/0x650
[ 1019.114238]  ? trace_hardirqs_on_prepare+0xe3/0x110
[ 1019.114256]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[ 1019.114278]  do_syscall_64+0xbf/0x420
[ 1019.114292]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1019.114305] RIP: 0033:0x7f2dac41ab19
[ 1019.114315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1019.114327] RSP: 002b:00007f2da998ff48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 1019.114339] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2dac41ab19
[ 1019.114347] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f2dac4740fb
[ 1019.114354] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff
[ 1019.114362] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[ 1019.114370] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012900
[ 1019.114387]  </TASK>
[ 1019.171315] loop5: detected capacity change from 0 to 512
[ 1019.178189] FAULT_INJECTION: forcing a failure.
[ 1019.178189] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1019.180830] CPU: 1 UID: 0 PID: 8709 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1019.180859] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1019.180872] Call Trace:
[ 1019.180879]  <TASK>
[ 1019.180887]  dump_stack_lvl+0xfa/0x120
[ 1019.180930]  should_fail_ex+0x4d7/0x5e0
[ 1019.180962]  strncpy_from_user+0x3b/0x2f0
[ 1019.181007]  getname_flags.part.0+0x8d/0x540
[ 1019.181033]  __x64_sys_mkdir+0xdb/0x140
[ 1019.181065]  do_syscall_64+0xbf/0x420
[ 1019.181090]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1019.181113] RIP: 0033:0x7f7208244c27
[ 1019.181130] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1019.181150] RSP: 002b:00007f72057bafa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[ 1019.181171] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f7208244c27
[ 1019.181186] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[ 1019.181199] RBP: 00007f72057bb040 R08: 0000000000000000 R09: ffffffffffffffff
[ 1019.181212] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[ 1019.181224] R13: 0000000020000100 R14: 00007f72057bb000 R15: 0000000020012900
[ 1019.181256]  </TASK>
03:50:45 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 55)

03:50:45 executing program 4:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000020000000beaf000"/24], 0x414d02)
pread64(r0, &(0x7f0000000040)=""/229, 0xe5, 0x5)
pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='./file0\x00')

03:50:45 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 13)

03:50:45 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x104000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:45 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 71)

03:50:45 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x112}}, 0x414d02)

03:50:45 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x5000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:45 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x1000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1028.564704] loop5: detected capacity change from 0 to 512
[ 1028.570247] FAULT_INJECTION: forcing a failure.
[ 1028.570247] name failslab, interval 1, probability 0, space 0, times 0
[ 1028.571167] CPU: 1 UID: 0 PID: 8723 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1028.571185] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1028.571193] Call Trace:
[ 1028.571197]  <TASK>
[ 1028.571202]  dump_stack_lvl+0xfa/0x120
[ 1028.571228]  should_fail_ex+0x4d7/0x5e0
[ 1028.571249]  ? __d_alloc+0x34/0xa10
[ 1028.571266]  should_failslab+0xc2/0x120
[ 1028.571284]  kmem_cache_alloc_lru_noprof+0x84/0x720
[ 1028.571297]  ? __d_lookup+0x255/0x490
[ 1028.571315]  ? __d_alloc+0x34/0xa10
[ 1028.571330]  __d_alloc+0x34/0xa10
[ 1028.571350]  d_alloc+0x4a/0x1e0
[ 1028.571367]  lookup_one_qstr_excl+0x174/0x270
[ 1028.571379]  ? mnt_want_write+0x153/0x420
[ 1028.571394]  filename_create+0x1c1/0x400
[ 1028.571408]  ? __pfx_filename_create+0x10/0x10
[ 1028.571421]  ? __virt_addr_valid+0x2e8/0x5d0
[ 1028.571442]  do_mkdirat+0xa8/0x450
[ 1028.571460]  ? __pfx_do_mkdirat+0x10/0x10
[ 1028.571476]  ? strncpy_from_user+0x21b/0x2f0
[ 1028.571500]  __x64_sys_mkdir+0xf3/0x140
[ 1028.571517]  do_syscall_64+0xbf/0x420
[ 1028.571531]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1028.571544] RIP: 0033:0x7f7208244c27
[ 1028.571553] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1028.571565] RSP: 002b:00007f72057bafa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[ 1028.571577] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f7208244c27
[ 1028.571584] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[ 1028.571591] RBP: 00007f72057bb040 R08: 0000000000000000 R09: ffffffffffffffff
[ 1028.571598] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[ 1028.571605] R13: 0000000020000100 R14: 00007f72057bb000 R15: 0000000020012900
[ 1028.571623]  </TASK>
[ 1028.588572] loop6: detected capacity change from 0 to 512
[ 1028.594381] FAULT_INJECTION: forcing a failure.
[ 1028.594381] name failslab, interval 1, probability 0, space 0, times 0
[ 1028.595416] CPU: 1 UID: 0 PID: 8727 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1028.595432] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1028.595439] Call Trace:
[ 1028.595444]  <TASK>
[ 1028.595448]  dump_stack_lvl+0xfa/0x120
[ 1028.595473]  should_fail_ex+0x4d7/0x5e0
[ 1028.595491]  should_failslab+0xc2/0x120
[ 1028.595508]  __kmalloc_node_track_caller_noprof+0xd7/0x820
[ 1028.595523]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[ 1028.595540]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1028.595558]  ? vfs_parse_fs_qstr+0x112/0x1c0
[ 1028.595574]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1028.595594]  ? kmemdup_nul+0x3b/0xa0
[ 1028.595611]  kmemdup_nul+0x3b/0xa0
[ 1028.595629]  vfs_parse_fs_qstr+0x112/0x1c0
[ 1028.595645]  ? __pfx_vfs_parse_fs_qstr+0x10/0x10
[ 1028.595660]  ? kasan_save_track+0x14/0x30
[ 1028.595677]  ? __kasan_kmalloc+0x7f/0x90
[ 1028.595694]  ? __pfx_ext4_init_fs_context+0x10/0x10
[ 1028.595713]  ? alloc_fs_context+0x5d0/0xb20
[ 1028.595732]  path_mount+0x6b1/0x2140
[ 1028.595752]  ? kasan_quarantine_put+0x84/0x1e0
[ 1028.595769]  ? __pfx_path_mount+0x10/0x10
[ 1028.595785]  ? kmem_cache_free+0x2cd/0x660
[ 1028.595797]  ? putname.part.0+0xc0/0x160
[ 1028.595820]  ? putname.part.0+0xc0/0x160
[ 1028.595838]  ? putname.part.0+0xc0/0x160
[ 1028.595858]  __x64_sys_mount+0x293/0x310
[ 1028.595876]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1028.595899]  do_syscall_64+0xbf/0x420
[ 1028.595913]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1028.595926] RIP: 0033:0x7f6a11ca804a
[ 1028.595935] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1028.595946] RSP: 002b:00007f6a0f21bfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 1028.595958] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6a11ca804a
[ 1028.595967] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f6a0f21c000
[ 1028.595974] RBP: 00007f6a0f21c040 R08: 00007f6a0f21c040 R09: 0000000020000000
[ 1028.595986] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000
[ 1028.595993] R13: 0000000020000100 R14: 00007f6a0f21c000 R15: 0000000020012900
[ 1028.596010]  </TASK>
[ 1028.605155] loop3: detected capacity change from 0 to 512
03:50:45 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 56)

03:50:45 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r1 = socket$unix(0x1, 0x2, 0x0)
ioctl$AUTOFS_IOC_EXPIRE(r1, 0x810c9365, &(0x7f0000000040)={{0x2, 0x8}, 0x100, './file0\x00'})
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

[ 1028.670325] loop5: detected capacity change from 0 to 512
[ 1028.685722] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1028.686522] EXT4-fs (loop5): group descriptors corrupted!
03:50:45 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x2000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:45 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x401000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:45 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x300}}, 0x414d02)

[ 1028.710225] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1028.711921] EXT4-fs (loop3): group descriptors corrupted!
03:50:53 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x3000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:53 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 14)

03:50:53 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x6000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:50:53 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 57)

03:50:53 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0xfffffffd}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:50:53 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 72)

03:50:53 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x321}}, 0x414d02)

03:50:53 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x1000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1036.454920] loop5: detected capacity change from 0 to 512
[ 1036.465632] FAULT_INJECTION: forcing a failure.
[ 1036.465632] name failslab, interval 1, probability 0, space 0, times 0
03:50:53 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x408}}, 0x414d02)

[ 1036.467927] CPU: 0 UID: 0 PID: 8757 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1036.467963] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1036.467977] Call Trace:
[ 1036.467996]  <TASK>
[ 1036.468006]  dump_stack_lvl+0xfa/0x120
[ 1036.468055]  should_fail_ex+0x4d7/0x5e0
[ 1036.468090]  ? security_inode_alloc+0x3e/0x130
[ 1036.468121]  should_failslab+0xc2/0x120
[ 1036.468159]  kmem_cache_alloc_noprof+0x80/0x710
[ 1036.468185]  ? __pfx_map_id_range_down+0x10/0x10
[ 1036.468236]  ? security_inode_alloc+0x3e/0x130
[ 1036.468265]  security_inode_alloc+0x3e/0x130
[ 1036.468300]  inode_init_always_gfp+0xc9d/0xff0
[ 1036.468344]  alloc_inode+0x8d/0x250
[ 1036.468370]  new_inode+0x1e/0x160
[ 1036.468398]  __ext4_new_inode+0x35d/0x4cd0
[ 1036.468449]  ? avc_has_perm_noaudit+0x150/0x3d0
[ 1036.468494]  ? __pfx___ext4_new_inode+0x10/0x10
[ 1036.468536]  ? __pfx_avc_has_perm+0x10/0x10
[ 1036.468573]  ? __pfx___dquot_initialize+0x10/0x10
[ 1036.468622]  ext4_mkdir+0x331/0xb30
[ 1036.468664]  ? __pfx_ext4_mkdir+0x10/0x10
[ 1036.468697]  ? security_inode_permission+0x72/0xe0
[ 1036.468760]  vfs_mkdir+0x7b5/0xba0
[ 1036.468797]  do_mkdirat+0x11a/0x450
[ 1036.468843]  ? __pfx_do_mkdirat+0x10/0x10
[ 1036.468879]  ? strncpy_from_user+0x21b/0x2f0
[ 1036.468931]  __x64_sys_mkdir+0xf3/0x140
[ 1036.468969]  do_syscall_64+0xbf/0x420
[ 1036.468998]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1036.469025] RIP: 0033:0x7f7208244c27
[ 1036.469047] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1036.469072] RSP: 002b:00007f72057bafa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[ 1036.469097] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f7208244c27
03:50:53 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000003c0)='./file0\x00', 0x0)

[ 1036.469115] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[ 1036.469131] RBP: 00007f72057bb040 R08: 0000000000000000 R09: ffffffffffffffff
[ 1036.469147] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[ 1036.469162] R13: 0000000020000100 R14: 00007f72057bb000 R15: 0000000020012900
[ 1036.469202]  </TASK>
[ 1036.495465] FAULT_INJECTION: forcing a failure.
[ 1036.495465] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1036.500829] CPU: 1 UID: 0 PID: 8769 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1036.500846] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1036.500853] Call Trace:
[ 1036.500858]  <TASK>
[ 1036.500863]  dump_stack_lvl+0xfa/0x120
[ 1036.500890]  should_fail_ex+0x4d7/0x5e0
[ 1036.500909]  should_fail_alloc_page+0xe0/0x110
[ 1036.500928]  prepare_alloc_pages+0x1eb/0x550
[ 1036.500946]  ? __pfx_perf_trace_lock+0x10/0x10
[ 1036.500967]  __alloc_frozen_pages_noprof+0x17f/0x2000
[ 1036.500990]  ? __is_insn_slot_addr+0x2e/0x290
[ 1036.501007]  ? __is_insn_slot_addr+0x136/0x290
[ 1036.501022]  ? lock_release+0xc8/0x270
[ 1036.501038]  ? 0xffffffffa0000000
[ 1036.501049]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1036.501070]  ? perf_trace_lock+0xb5/0x5d0
[ 1036.501088]  ? __pfx_perf_trace_lock+0x10/0x10
[ 1036.501104]  ? lock_is_held_type+0x9e/0x120
[ 1036.501125]  ? __sanitizer_cov_trace_switch+0x54/0x90
03:50:53 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x7000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1036.501145]  ? policy_nodemask+0xeb/0x4e0
[ 1036.501160]  alloc_pages_mpol+0xed/0x340
[ 1036.501172]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1036.501182]  ? filemap_get_entry+0x1bb/0x3b0
[ 1036.501202]  ? __pfx_filemap_get_entry+0x10/0x10
[ 1036.501223]  folio_alloc_mpol_noprof+0x38/0xa0
[ 1036.501239]  shmem_alloc_folio+0x11b/0x140
[ 1036.501256]  shmem_get_folio_gfp.constprop.0+0x4ea/0x13a0
[ 1036.501280]  ? __pfx_shmem_get_folio_gfp.constprop.0+0x10/0x10
[ 1036.501301]  ? __pfx_perf_trace_lock+0x10/0x10
[ 1036.501316]  ? simple_xattr_get+0x173/0x1d0
[ 1036.501339]  shmem_write_begin+0x194/0x3b0
[ 1036.501357]  ? __pfx_shmem_write_begin+0x10/0x10
[ 1036.501373]  ? mark_held_locks+0x49/0x80
[ 1036.501388]  ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190
[ 1036.501400]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[ 1036.501415]  ? ktime_get_coarse_real_ts64_mg+0x213/0x2a0
[ 1036.501437]  generic_perform_write+0x391/0x810
[ 1036.501459]  ? __pfx_generic_perform_write+0x10/0x10
[ 1036.501477]  ? file_update_time_flags+0x24c/0x4f0
[ 1036.501499]  shmem_file_write_iter+0x111/0x140
[ 1036.501515]  vfs_write+0xbe9/0x1150
[ 1036.501531]  ? __pfx_shmem_file_write_iter+0x10/0x10
[ 1036.501545]  ? __fget_files+0x34/0x3b0
[ 1036.501561]  ? __pfx_vfs_write+0x10/0x10
[ 1036.501589]  __x64_sys_pwrite64+0x1f1/0x260
[ 1036.501605]  ? __pfx___x64_sys_pwrite64+0x10/0x10
[ 1036.501627]  do_syscall_64+0xbf/0x420
[ 1036.501640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1036.501689] RIP: 0033:0x7f2dac3cdab7
[ 1036.501698] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b
[ 1036.501710] RSP: 002b:00007f2da998ff20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[ 1036.501721] RAX: ffffffffffffffda RBX: 00007f2dac464970 RCX: 00007f2dac3cdab7
[ 1036.501729] RDX: 000000000000003a RSI: 0000000020010000 RDI: 0000000000000004
[ 1036.501736] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff
[ 1036.501743] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004
[ 1036.501750] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000
[ 1036.501767]  </TASK>
[ 1036.501979] loop6: detected capacity change from 0 to 512
[ 1036.523669] loop3: detected capacity change from 0 to 512
[ 1036.541732] FAULT_INJECTION: forcing a failure.
[ 1036.541732] name failslab, interval 1, probability 0, space 0, times 0
[ 1036.543834] CPU: 0 UID: 0 PID: 8765 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1036.543866] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1036.543879] Call Trace:
[ 1036.543887]  <TASK>
[ 1036.543895]  dump_stack_lvl+0xfa/0x120
[ 1036.543940]  should_fail_ex+0x4d7/0x5e0
[ 1036.543975]  should_failslab+0xc2/0x120
[ 1036.544018]  __kmalloc_node_track_caller_noprof+0xd7/0x820
[ 1036.544051]  ? vfs_parse_fs_qstr+0x112/0x1c0
[ 1036.544090]  ? kmemdup_nul+0x3b/0xa0
[ 1036.544123]  kmemdup_nul+0x3b/0xa0
[ 1036.544159]  vfs_parse_fs_qstr+0x112/0x1c0
[ 1036.544187]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[ 1036.544221]  ? __pfx_vfs_parse_fs_qstr+0x10/0x10
[ 1036.544268]  ? __pfx_vfs_parse_comma_sep+0x10/0x10
[ 1036.544298]  vfs_parse_monolithic_sep+0x198/0x220
[ 1036.544335]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[ 1036.544370]  ? alloc_fs_context+0x5d0/0xb20
[ 1036.544409]  path_mount+0x6d6/0x2140
[ 1036.544447]  ? kasan_quarantine_put+0x84/0x1e0
[ 1036.544479]  ? __pfx_path_mount+0x10/0x10
[ 1036.544511]  ? kmem_cache_free+0x2cd/0x660
[ 1036.544535]  ? putname.part.0+0xc0/0x160
[ 1036.544578]  ? putname.part.0+0xc0/0x160
[ 1036.544611]  ? putname.part.0+0xc0/0x160
[ 1036.544652]  __x64_sys_mount+0x293/0x310
[ 1036.544688]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1036.544753]  do_syscall_64+0xbf/0x420
[ 1036.544780]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1036.544804] RIP: 0033:0x7f6a11ca804a
[ 1036.544821] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1036.544843] RSP: 002b:00007f6a0f21bfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 1036.544865] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6a11ca804a
[ 1036.544880] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f6a0f21c000
[ 1036.544895] RBP: 00007f6a0f21c040 R08: 00007f6a0f21c040 R09: 0000000020000000
[ 1036.544909] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000
[ 1036.544923] R13: 0000000020000100 R14: 00007f6a0f21c000 R15: 0000000020012900
[ 1036.544957]  </TASK>
[ 1036.586943] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
03:50:53 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x4000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1036.657236] Process accounting resumed
03:51:04 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x5000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:04 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x9000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:04 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x480}}, 0x414d02)

03:51:04 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x2000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:04 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 73)

03:51:04 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 15)

03:51:04 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 58)

03:51:04 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='maps\x00')
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:51:04 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x3000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1047.051932] loop6: detected capacity change from 0 to 512
[ 1047.055804] loop5: detected capacity change from 0 to 512
[ 1047.068533] FAULT_INJECTION: forcing a failure.
[ 1047.068533] name failslab, interval 1, probability 0, space 0, times 0
[ 1047.070661] CPU: 1 UID: 0 PID: 8795 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1047.070692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1047.070705] Call Trace:
[ 1047.070712]  <TASK>
[ 1047.070721]  dump_stack_lvl+0xfa/0x120
[ 1047.070763]  should_fail_ex+0x4d7/0x5e0
[ 1047.070794]  should_failslab+0xc2/0x120
[ 1047.070825]  __kmalloc_node_track_caller_noprof+0xd7/0x820
[ 1047.070856]  ? vfs_parse_fs_qstr+0x112/0x1c0
[ 1047.070893]  ? kmemdup_nul+0x3b/0xa0
[ 1047.070924]  kmemdup_nul+0x3b/0xa0
[ 1047.070957]  vfs_parse_fs_qstr+0x112/0x1c0
[ 1047.070992]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[ 1047.071023]  ? __pfx_vfs_parse_fs_qstr+0x10/0x10
[ 1047.071067]  ? __pfx_vfs_parse_comma_sep+0x10/0x10
[ 1047.071096]  vfs_parse_monolithic_sep+0x198/0x220
[ 1047.071128]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[ 1047.071160]  ? alloc_fs_context+0x5d0/0xb20
[ 1047.071196]  path_mount+0x6d6/0x2140
[ 1047.071231]  ? kasan_quarantine_put+0x84/0x1e0
[ 1047.071261]  ? __pfx_path_mount+0x10/0x10
[ 1047.071290]  ? kmem_cache_free+0x2cd/0x660
[ 1047.071312]  ? putname.part.0+0xc0/0x160
[ 1047.071352]  ? putname.part.0+0xc0/0x160
[ 1047.071384]  ? putname.part.0+0xc0/0x160
[ 1047.071421]  __x64_sys_mount+0x293/0x310
[ 1047.071454]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1047.071496]  do_syscall_64+0xbf/0x420
[ 1047.071521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1047.071543] RIP: 0033:0x7f6a11ca804a
[ 1047.071560] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1047.071581] RSP: 002b:00007f6a0f21bfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 1047.071602] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6a11ca804a
[ 1047.071617] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f6a0f21c000
[ 1047.071630] RBP: 00007f6a0f21c040 R08: 00007f6a0f21c040 R09: 0000000020000000
[ 1047.071644] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000
[ 1047.071657] R13: 0000000020000100 R14: 00007f6a0f21c000 R15: 0000000020012900
[ 1047.071688]  </TASK>
[ 1047.111379] FAULT_INJECTION: forcing a failure.
[ 1047.111379] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1047.113162] CPU: 0 UID: 0 PID: 8801 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1047.113192] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1047.113205] Call Trace:
[ 1047.113214]  <TASK>
[ 1047.113222]  dump_stack_lvl+0xfa/0x120
[ 1047.113269]  should_fail_ex+0x4d7/0x5e0
[ 1047.113295]  ? page_copy_sane+0xce/0x2b0
[ 1047.113323]  copy_folio_from_iter_atomic+0x383/0x1820
[ 1047.113361]  ? __pfx_perf_trace_lock+0x10/0x10
[ 1047.113393]  ? simple_xattr_get+0x173/0x1d0
[ 1047.113432]  ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[ 1047.113460]  ? shmem_write_begin+0x1ab/0x3b0
[ 1047.113495]  ? __pfx_shmem_write_begin+0x10/0x10
[ 1047.113524]  ? mark_held_locks+0x49/0x80
[ 1047.113553]  ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190
[ 1047.113577]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[ 1047.113604]  ? ktime_get_coarse_real_ts64_mg+0x213/0x2a0
[ 1047.113645]  generic_perform_write+0x1d7/0x810
[ 1047.113686]  ? __pfx_generic_perform_write+0x10/0x10
[ 1047.113719]  ? file_update_time_flags+0x24c/0x4f0
[ 1047.113774]  shmem_file_write_iter+0x111/0x140
[ 1047.113804]  vfs_write+0xbe9/0x1150
[ 1047.113833]  ? __pfx_shmem_file_write_iter+0x10/0x10
[ 1047.113860]  ? __fget_files+0x34/0x3b0
[ 1047.113888]  ? __pfx_vfs_write+0x10/0x10
[ 1047.113940]  __x64_sys_pwrite64+0x1f1/0x260
[ 1047.113970]  ? __pfx___x64_sys_pwrite64+0x10/0x10
[ 1047.114017]  do_syscall_64+0xbf/0x420
[ 1047.114044]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1047.114067] RIP: 0033:0x7f2dac3cdab7
[ 1047.114085] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b
[ 1047.114106] RSP: 002b:00007f2da998ff20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[ 1047.114128] RAX: ffffffffffffffda RBX: 00007f2dac464970 RCX: 00007f2dac3cdab7
[ 1047.114143] RDX: 000000000000003a RSI: 0000000020010000 RDI: 0000000000000004
[ 1047.114156] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff
[ 1047.114170] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004
[ 1047.114183] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000
[ 1047.114215]  </TASK>
03:51:04 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xd000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1047.152409] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1047.153515] EXT4-fs (loop5): group descriptors corrupted!
03:51:04 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x6000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:04 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x500}}, 0x414d02)

03:51:04 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
statfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=""/56)
open_by_handle_at(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1000000002000e000000000000adb70000000000000000acd51286340b42066fda1f515c64aa8c6aff4943529ac4394e80db4ca7db3085324316fa8d492ae92083ae1c52016f004ce8cd4e9217"], 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:51:04 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 59)

03:51:04 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 74)

[ 1047.285097] loop3: detected capacity change from 0 to 512
03:51:04 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x4000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1047.306205] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1047.307840] EXT4-fs (loop3): group descriptors corrupted!
03:51:04 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x7000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:04 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x10000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1047.355550] loop5: detected capacity change from 0 to 512
[ 1047.364811] FAULT_INJECTION: forcing a failure.
[ 1047.364811] name failslab, interval 1, probability 0, space 0, times 0
[ 1047.366455] CPU: 1 UID: 0 PID: 8815 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1047.366482] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1047.366493] Call Trace:
[ 1047.366500]  <TASK>
[ 1047.366507]  dump_stack_lvl+0xfa/0x120
[ 1047.366546]  should_fail_ex+0x4d7/0x5e0
[ 1047.366573]  ? security_inode_alloc+0x3e/0x130
[ 1047.366596]  should_failslab+0xc2/0x120
[ 1047.366624]  kmem_cache_alloc_noprof+0x80/0x710
[ 1047.366643]  ? __pfx_map_id_range_down+0x10/0x10
[ 1047.366681]  ? security_inode_alloc+0x3e/0x130
[ 1047.366702]  security_inode_alloc+0x3e/0x130
[ 1047.366727]  inode_init_always_gfp+0xc9d/0xff0
[ 1047.366759]  alloc_inode+0x8d/0x250
[ 1047.366778]  new_inode+0x1e/0x160
[ 1047.366798]  __ext4_new_inode+0x35d/0x4cd0
[ 1047.366836]  ? avc_has_perm_noaudit+0x150/0x3d0
[ 1047.366868]  ? __pfx___ext4_new_inode+0x10/0x10
[ 1047.366899]  ? __pfx_avc_has_perm+0x10/0x10
[ 1047.366926]  ? __pfx___dquot_initialize+0x10/0x10
[ 1047.366962]  ext4_mkdir+0x331/0xb30
[ 1047.367000]  ? __pfx_ext4_mkdir+0x10/0x10
[ 1047.367019]  ? security_inode_permission+0x72/0xe0
[ 1047.367052]  vfs_mkdir+0x7b5/0xba0
[ 1047.367078]  do_mkdirat+0x11a/0x450
[ 1047.367107]  ? __pfx_do_mkdirat+0x10/0x10
[ 1047.367133]  ? strncpy_from_user+0x21b/0x2f0
[ 1047.367171]  __x64_sys_mkdir+0xf3/0x140
[ 1047.367199]  do_syscall_64+0xbf/0x420
[ 1047.367220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1047.367241] RIP: 0033:0x7f7208244c27
[ 1047.367256] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1047.367275] RSP: 002b:00007f72057bafa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[ 1047.367293] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f7208244c27
[ 1047.367306] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[ 1047.367318] RBP: 00007f72057bb040 R08: 0000000000000000 R09: ffffffffffffffff
[ 1047.367329] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[ 1047.367340] R13: 0000000020000100 R14: 00007f72057bb000 R15: 0000000020012900
[ 1047.367370]  </TASK>
[ 1047.419373] loop6: detected capacity change from 0 to 512
03:51:04 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 16)

03:51:04 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="10000000021535eb80d09b0000000b00000000ffffffffffffffff"], 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:51:04 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x600}}, 0x414d02)

03:51:04 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x5000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1047.484078] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1047.507718] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1047.586737] FAULT_INJECTION: forcing a failure.
[ 1047.586737] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1047.588533] CPU: 0 UID: 0 PID: 8836 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1047.588562] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1047.588575] Call Trace:
[ 1047.588583]  <TASK>
[ 1047.588592]  dump_stack_lvl+0xfa/0x120
[ 1047.588634]  should_fail_ex+0x4d7/0x5e0
[ 1047.588660]  ? page_copy_sane+0xce/0x2b0
[ 1047.588686]  copy_folio_from_iter_atomic+0x383/0x1820
[ 1047.588724]  ? __pfx_perf_trace_lock+0x10/0x10
[ 1047.588763]  ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[ 1047.588790]  ? shmem_write_begin+0x1ab/0x3b0
[ 1047.588824]  ? __pfx_shmem_write_begin+0x10/0x10
[ 1047.588853]  ? mark_held_locks+0x49/0x80
[ 1047.588882]  ? balance_dirty_pages_ratelimited_flags+0x8f/0x1190
[ 1047.588905]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[ 1047.588933]  ? ktime_get_coarse_real_ts64_mg+0x213/0x2a0
[ 1047.588972]  generic_perform_write+0x1d7/0x810
[ 1047.589020]  ? __pfx_generic_perform_write+0x10/0x10
[ 1047.589054]  ? file_update_time_flags+0x24c/0x4f0
[ 1047.589095]  shmem_file_write_iter+0x111/0x140
[ 1047.589123]  vfs_write+0xbe9/0x1150
[ 1047.589153]  ? __pfx_shmem_file_write_iter+0x10/0x10
[ 1047.589179]  ? __fget_files+0x34/0x3b0
[ 1047.589206]  ? __pfx_vfs_write+0x10/0x10
[ 1047.589258]  __x64_sys_pwrite64+0x1f1/0x260
[ 1047.589289]  ? __pfx___x64_sys_pwrite64+0x10/0x10
[ 1047.589329]  do_syscall_64+0xbf/0x420
[ 1047.589354]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1047.589377] RIP: 0033:0x7f2dac3cdab7
[ 1047.589394] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b
[ 1047.589415] RSP: 002b:00007f2da998ff20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[ 1047.589436] RAX: ffffffffffffffda RBX: 00007f2dac464970 RCX: 00007f2dac3cdab7
[ 1047.589451] RDX: 0000000000000001 RSI: 0000000020010400 RDI: 0000000000000004
[ 1047.589463] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff
[ 1047.589476] R10: 0000000000000800 R11: 0000000000000293 R12: 0000000000000004
[ 1047.589488] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001
[ 1047.589521]  </TASK>
[ 1047.658786] loop3: detected capacity change from 0 to 512
[ 1047.664378] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1047.665948] EXT4-fs (loop3): group descriptors corrupted!
03:51:15 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 17)

03:51:15 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 75)

03:51:15 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 60)

03:51:15 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x700}}, 0x414d02)

03:51:15 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x10000200}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:15 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x9000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:15 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x6000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:15 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000020000000b00"/19], 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r1, 0xffffffffffffffff, 0x0)
sendfile(r0, r1, &(0x7f0000000040)=0x1, 0xffffffff)
r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r2, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r2, 0xffffffffffffffff, 0x0)
fsetxattr$security_selinux(r2, &(0x7f0000000080), &(0x7f00000000c0)='system_u:object_r:pam_exec_t:s0\x00', 0x20, 0xa062d24d41e4237)

[ 1058.810923] loop5: detected capacity change from 0 to 512
[ 1058.813932] loop6: detected capacity change from 0 to 512
[ 1058.821905] FAULT_INJECTION: forcing a failure.
[ 1058.821905] name failslab, interval 1, probability 0, space 0, times 0
[ 1058.822230] FAULT_INJECTION: forcing a failure.
[ 1058.822230] name failslab, interval 1, probability 0, space 0, times 0
[ 1058.824228] CPU: 1 UID: 0 PID: 8851 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1058.824264] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1058.824279] Call Trace:
[ 1058.824288]  <TASK>
[ 1058.824297]  dump_stack_lvl+0xfa/0x120
[ 1058.824347]  should_fail_ex+0x4d7/0x5e0
[ 1058.824382]  ? getname_kernel+0x52/0x390
[ 1058.824418]  should_failslab+0xc2/0x120
[ 1058.824455]  kmem_cache_alloc_noprof+0x80/0x710
[ 1058.824482]  ? avc_has_perm_noaudit+0x59/0x3d0
[ 1058.824521]  ? find_held_lock+0x2b/0x80
[ 1058.824553]  ? getname_kernel+0x52/0x390
[ 1058.824588]  getname_kernel+0x52/0x390
[ 1058.824628]  kern_path+0x1f/0x80
[ 1058.824658]  lookup_bdev+0xc6/0x270
[ 1058.824698]  ? __pfx_lookup_bdev+0x10/0x10
[ 1058.824738]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[ 1058.824780]  get_tree_bdev_flags+0xb8/0x620
[ 1058.824810]  ? __pfx_ext4_fill_super+0x10/0x10
[ 1058.824844]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 1058.824876]  ? cap_capable+0xdb/0x380
[ 1058.824910]  ? security_capable+0x2f/0x90
[ 1058.824943]  vfs_get_tree+0x93/0x340
[ 1058.824971]  path_mount+0x726/0x2140
[ 1058.825022]  ? kasan_quarantine_put+0x84/0x1e0
[ 1058.825058]  ? __pfx_path_mount+0x10/0x10
[ 1058.825094]  ? kmem_cache_free+0x2cd/0x660
[ 1058.825134]  ? putname.part.0+0xc0/0x160
[ 1058.825171]  ? putname.part.0+0xc0/0x160
[ 1058.825216]  __x64_sys_mount+0x293/0x310
[ 1058.825255]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1058.825306]  do_syscall_64+0xbf/0x420
[ 1058.825336]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1058.825363] RIP: 0033:0x7f6a11ca804a
[ 1058.825383] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1058.825408] RSP: 002b:00007f6a0f21bfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 1058.825433] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6a11ca804a
[ 1058.825451] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f6a0f21c000
[ 1058.825467] RBP: 00007f6a0f21c040 R08: 00007f6a0f21c040 R09: 0000000020000000
[ 1058.825483] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000
[ 1058.825499] R13: 0000000020000100 R14: 00007f6a0f21c000 R15: 0000000020012900
[ 1058.825537]  </TASK>
[ 1058.825671] /dev/loop6: Can't lookup blockdev
[ 1058.827103] CPU: 0 UID: 0 PID: 8855 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1058.827134] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1058.827146] Call Trace:
[ 1058.827154]  <TASK>
[ 1058.827163]  dump_stack_lvl+0xfa/0x120
[ 1058.827210]  should_fail_ex+0x4d7/0x5e0
[ 1058.827242]  ? getname_flags.part.0+0x48/0x540
[ 1058.827265]  should_failslab+0xc2/0x120
[ 1058.827297]  kmem_cache_alloc_noprof+0x80/0x710
[ 1058.827332]  ? getname_flags.part.0+0x48/0x540
[ 1058.827351]  getname_flags.part.0+0x48/0x540
[ 1058.827376]  getname_flags+0x95/0xe0
[ 1058.827403]  do_sys_openat2+0x9f/0x240
[ 1058.827426]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1058.827462]  __x64_sys_openat+0x142/0x200
[ 1058.827484]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1058.827521]  do_syscall_64+0xbf/0x420
[ 1058.827547]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1058.827570] RIP: 0033:0x7f2dac3cda04
[ 1058.827587] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1058.827608] RSP: 002b:00007f2da998fed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1058.827630] RAX: ffffffffffffffda RBX: 00007f2dac464970 RCX: 00007f2dac3cda04
[ 1058.827645] RDX: 0000000000000002 RSI: 00007f2da9990000 RDI: 00000000ffffff9c
[ 1058.827658] RBP: 00007f2da9990000 R08: 0000000000000000 R09: ffffffffffffffff
[ 1058.827672] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[ 1058.827685] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[ 1058.827717]  </TASK>
03:51:16 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x7000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:16 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xd000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1058.913071] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1058.914488] EXT4-fs (loop5): group descriptors corrupted!
03:51:16 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x11000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:16 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x804}}, 0x414d02)

03:51:16 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 18)

03:51:16 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x10000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:16 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 61)

[ 1059.062398] loop3: detected capacity change from 0 to 512
[ 1059.082518] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1059.084022] EXT4-fs (loop3): group descriptors corrupted!
03:51:16 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x1fffefff}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:16 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 76)

[ 1059.131347] loop5: detected capacity change from 0 to 512
[ 1059.141626] FAULT_INJECTION: forcing a failure.
[ 1059.141626] name failslab, interval 1, probability 0, space 0, times 0
[ 1059.143558] CPU: 0 UID: 0 PID: 8876 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1059.143588] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1059.143601] Call Trace:
[ 1059.143609]  <TASK>
[ 1059.143618]  dump_stack_lvl+0xfa/0x120
[ 1059.143662]  should_fail_ex+0x4d7/0x5e0
[ 1059.143694]  should_failslab+0xc2/0x120
[ 1059.143730]  __kmalloc_noprof+0xd6/0x830
[ 1059.143769]  ? security_inode_init_security+0x113/0x370
[ 1059.143801]  ? security_inode_init_security+0x113/0x370
[ 1059.143822]  security_inode_init_security+0x113/0x370
[ 1059.143846]  ? __pfx_ext4_initxattrs+0x10/0x10
[ 1059.143876]  ? __pfx_security_inode_init_security+0x10/0x10
[ 1059.143904]  ? crc32c+0x1ae/0x350
[ 1059.143929]  __ext4_new_inode+0x38f7/0x4cd0
[ 1059.143988]  ? __pfx___ext4_new_inode+0x10/0x10
[ 1059.144026]  ? __pfx___dquot_initialize+0x10/0x10
[ 1059.144067]  ext4_mkdir+0x331/0xb30
[ 1059.144104]  ? __pfx_ext4_mkdir+0x10/0x10
[ 1059.144126]  ? security_inode_permission+0x72/0xe0
[ 1059.144164]  vfs_mkdir+0x7b5/0xba0
[ 1059.144194]  do_mkdirat+0x11a/0x450
[ 1059.144228]  ? __pfx_do_mkdirat+0x10/0x10
[ 1059.144258]  ? strncpy_from_user+0x21b/0x2f0
[ 1059.144302]  __x64_sys_mkdir+0xf3/0x140
[ 1059.144334]  do_syscall_64+0xbf/0x420
[ 1059.144360]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1059.144384] RIP: 0033:0x7f7208244c27
[ 1059.144402] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1059.144423] RSP: 002b:00007f72057bafa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[ 1059.144445] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f7208244c27
[ 1059.144460] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[ 1059.144475] RBP: 00007f72057bb040 R08: 0000000000000000 R09: ffffffffffffffff
[ 1059.144490] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[ 1059.144503] R13: 0000000020000100 R14: 00007f72057bb000 R15: 0000000020012900
[ 1059.144537]  </TASK>
[ 1059.282390] loop6: detected capacity change from 0 to 512
[ 1059.307458] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1059.320636] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:51:27 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 62)

03:51:27 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x9000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:27 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 77)

03:51:27 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 19)

03:51:27 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0xa9f}}, 0x414d02)

03:51:27 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x20000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:27 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x10000200}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:27 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'lo\x00', <r3=>0x0})
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev, r3}, 0x14)
ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r0, 0x89fa, &(0x7f00000000c0)={'syztnl2\x00', &(0x7f0000000040)={'syztnl2\x00', r3, 0x4, 0x1, 0x4, 0x8001, 0x0, @mcast1, @private1, 0x7800, 0x7, 0x8, 0x36}})

[ 1070.189350] loop5: detected capacity change from 0 to 512
[ 1070.201222] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1070.202728] EXT4-fs (loop5): group descriptors corrupted!
[ 1070.229885] Process accounting paused
03:51:27 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 63)

[ 1070.274916] FAULT_INJECTION: forcing a failure.
[ 1070.274916] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1070.276812] CPU: 1 UID: 0 PID: 8903 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1070.276841] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1070.276854] Call Trace:
[ 1070.276861]  <TASK>
[ 1070.276870]  dump_stack_lvl+0xfa/0x120
[ 1070.276913]  should_fail_ex+0x4d7/0x5e0
[ 1070.276944]  strncpy_from_user+0x3b/0x2f0
[ 1070.276989]  getname_flags.part.0+0x8d/0x540
[ 1070.277015]  getname_flags+0x95/0xe0
[ 1070.277042]  do_sys_openat2+0x9f/0x240
[ 1070.277064]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1070.277099]  __x64_sys_openat+0x142/0x200
[ 1070.277121]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1070.277158]  do_syscall_64+0xbf/0x420
[ 1070.277182]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1070.277205] RIP: 0033:0x7f2dac3cda04
[ 1070.277222] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1070.277246] RSP: 002b:00007f2da998fed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1070.277267] RAX: ffffffffffffffda RBX: 00007f2dac464970 RCX: 00007f2dac3cda04
[ 1070.277281] RDX: 0000000000000002 RSI: 00007f2da9990000 RDI: 00000000ffffff9c
[ 1070.277295] RBP: 00007f2da9990000 R08: 0000000000000000 R09: ffffffffffffffff
[ 1070.277308] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[ 1070.277320] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[ 1070.277351]  </TASK>
[ 1070.302232] loop6: detected capacity change from 0 to 512
[ 1070.308102] FAULT_INJECTION: forcing a failure.
[ 1070.308102] name failslab, interval 1, probability 0, space 0, times 0
[ 1070.309944] CPU: 1 UID: 0 PID: 8902 Comm: syz-executor.6 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1070.309972] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1070.309990] Call Trace:
[ 1070.309997]  <TASK>
[ 1070.310005]  dump_stack_lvl+0xfa/0x120
[ 1070.310042]  should_fail_ex+0x4d7/0x5e0
[ 1070.310072]  should_failslab+0xc2/0x120
[ 1070.310103]  __kmalloc_node_track_caller_noprof+0xd7/0x820
[ 1070.310135]  ? vfs_parse_fs_qstr+0x112/0x1c0
[ 1070.310171]  ? kmemdup_nul+0x3b/0xa0
[ 1070.310202]  kmemdup_nul+0x3b/0xa0
[ 1070.310235]  vfs_parse_fs_qstr+0x112/0x1c0
[ 1070.310262]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[ 1070.310293]  ? __pfx_vfs_parse_fs_qstr+0x10/0x10
[ 1070.310337]  ? __pfx_vfs_parse_comma_sep+0x10/0x10
[ 1070.310365]  vfs_parse_monolithic_sep+0x198/0x220
[ 1070.310398]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[ 1070.310430]  ? alloc_fs_context+0x5d0/0xb20
[ 1070.310466]  path_mount+0x6d6/0x2140
[ 1070.310501]  ? kasan_quarantine_put+0x84/0x1e0
[ 1070.310532]  ? __pfx_path_mount+0x10/0x10
[ 1070.310561]  ? kmem_cache_free+0x2cd/0x660
[ 1070.310584]  ? putname.part.0+0xc0/0x160
[ 1070.310625]  ? putname.part.0+0xc0/0x160
[ 1070.310656]  ? putname.part.0+0xc0/0x160
[ 1070.310694]  __x64_sys_mount+0x293/0x310
[ 1070.310727]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1070.310770]  do_syscall_64+0xbf/0x420
[ 1070.310794]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1070.310815] RIP: 0033:0x7f6a11ca804a
[ 1070.310832] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1070.310853] RSP: 002b:00007f6a0f21bfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 1070.310874] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6a11ca804a
[ 1070.310889] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f6a0f21c000
[ 1070.310902] RBP: 00007f6a0f21c040 R08: 00007f6a0f21c040 R09: 0000000020000000
[ 1070.310916] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000
[ 1070.310929] R13: 0000000020000100 R14: 00007f6a0f21c000 R15: 0000000020012900
[ 1070.310961]  </TASK>
03:51:27 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x3f000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:27 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0xb00}}, 0x414d02)

03:51:27 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xd000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1070.410926] loop5: detected capacity change from 0 to 512
[ 1070.417657] FAULT_INJECTION: forcing a failure.
[ 1070.417657] name failslab, interval 1, probability 0, space 0, times 0
[ 1070.419775] CPU: 0 UID: 0 PID: 8908 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1070.419804] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1070.419816] Call Trace:
[ 1070.419823]  <TASK>
[ 1070.419831]  dump_stack_lvl+0xfa/0x120
[ 1070.419874]  should_fail_ex+0x4d7/0x5e0
[ 1070.419905]  should_failslab+0xc2/0x120
[ 1070.419936]  __kmalloc_node_track_caller_noprof+0xd7/0x820
[ 1070.419965]  ? lock_acquire+0x15e/0x2d0
[ 1070.420000]  ? sidtab_sid2str_get+0x85/0x6f0
[ 1070.420026]  ? sidtab_sid2str_get+0x17e/0x6f0
[ 1070.420060]  ? kmemdup_noprof+0x2b/0x60
[ 1070.420092]  kmemdup_noprof+0x2b/0x60
[ 1070.420125]  sidtab_sid2str_get+0x17e/0x6f0
[ 1070.420158]  sidtab_entry_to_string+0x33/0x110
[ 1070.420187]  security_sid_to_context_core+0x350/0x620
[ 1070.420218]  selinux_inode_init_security+0x432/0x650
[ 1070.420250]  ? __pfx_selinux_inode_init_security+0x10/0x10
[ 1070.420282]  ? security_inode_init_security+0x113/0x370
[ 1070.420315]  security_inode_init_security+0x1bc/0x370
[ 1070.420338]  ? __pfx_ext4_initxattrs+0x10/0x10
[ 1070.420365]  ? __pfx_security_inode_init_security+0x10/0x10
[ 1070.420394]  ? crc32c+0x1ae/0x350
[ 1070.420418]  __ext4_new_inode+0x38f7/0x4cd0
[ 1070.420470]  ? __pfx___ext4_new_inode+0x10/0x10
[ 1070.420508]  ? __pfx___dquot_initialize+0x10/0x10
[ 1070.420549]  ext4_mkdir+0x331/0xb30
[ 1070.420585]  ? __pfx_ext4_mkdir+0x10/0x10
[ 1070.420608]  ? security_inode_permission+0x72/0xe0
[ 1070.420645]  vfs_mkdir+0x7b5/0xba0
[ 1070.420675]  do_mkdirat+0x11a/0x450
[ 1070.420708]  ? __pfx_do_mkdirat+0x10/0x10
[ 1070.420739]  ? strncpy_from_user+0x21b/0x2f0
[ 1070.420783]  __x64_sys_mkdir+0xf3/0x140
[ 1070.420815]  do_syscall_64+0xbf/0x420
[ 1070.420840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1070.420863] RIP: 0033:0x7f7208244c27
[ 1070.420880] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1070.420902] RSP: 002b:00007f72057bafa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[ 1070.420923] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f7208244c27
[ 1070.420938] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[ 1070.420951] RBP: 00007f72057bb040 R08: 0000000000000000 R09: ffffffffffffffff
[ 1070.420964] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[ 1070.420977] R13: 0000000020000100 R14: 00007f72057bb000 R15: 0000000020012900
[ 1070.421011]  </TASK>
03:51:35 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 78)

03:51:35 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 64)

03:51:35 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x11000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:35 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x40000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:35 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x10000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:35 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x1201}}, 0x414d02)

03:51:35 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
dup(r0)
close_range(r0, 0xffffffffffffffff, 0x0)

03:51:35 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 20)

[ 1078.864257] loop6: detected capacity change from 0 to 512
[ 1078.871928] FAULT_INJECTION: forcing a failure.
[ 1078.871928] name failslab, interval 1, probability 0, space 0, times 0
[ 1078.873035] CPU: 0 UID: 0 PID: 8932 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1078.873051] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1078.873059] Call Trace:
[ 1078.873063]  <TASK>
[ 1078.873068]  dump_stack_lvl+0xfa/0x120
[ 1078.873095]  should_fail_ex+0x4d7/0x5e0
[ 1078.873113]  ? alloc_empty_file+0x58/0x1e0
[ 1078.873131]  should_failslab+0xc2/0x120
[ 1078.873149]  kmem_cache_alloc_noprof+0x80/0x710
[ 1078.873167]  ? alloc_empty_file+0x58/0x1e0
[ 1078.873184]  alloc_empty_file+0x58/0x1e0
[ 1078.873203]  path_openat+0xee/0x2d30
[ 1078.873228]  ? __pfx_path_openat+0x10/0x10
[ 1078.873246]  ? __pfx_perf_trace_lock+0x10/0x10
[ 1078.873268]  do_filp_open+0x1e8/0x450
[ 1078.873283]  ? __pfx_do_filp_open+0x10/0x10
[ 1078.873306]  ? find_held_lock+0x2b/0x80
[ 1078.873317]  ? alloc_fd+0x2c1/0x560
[ 1078.873332]  ? lock_release+0xc8/0x270
[ 1078.873350]  ? _raw_spin_unlock+0x1e/0x40
[ 1078.873366]  ? alloc_fd+0x2c1/0x560
[ 1078.873386]  do_sys_openat2+0x107/0x240
[ 1078.873398]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1078.873417]  __x64_sys_openat+0x142/0x200
[ 1078.873429]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1078.873449]  do_syscall_64+0xbf/0x420
[ 1078.873462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1078.873475] RIP: 0033:0x7f2dac3cda04
[ 1078.873484] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1078.873496] RSP: 002b:00007f2da998fed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1078.873507] RAX: ffffffffffffffda RBX: 00007f2dac464970 RCX: 00007f2dac3cda04
[ 1078.873515] RDX: 0000000000000002 RSI: 00007f2da9990000 RDI: 00000000ffffff9c
[ 1078.873522] RBP: 00007f2da9990000 R08: 0000000000000000 R09: ffffffffffffffff
[ 1078.873529] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[ 1078.873536] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[ 1078.873553]  </TASK>
[ 1078.908600] loop5: detected capacity change from 0 to 512
[ 1078.925953] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1078.927502] EXT4-fs (loop5): group descriptors corrupted!
03:51:36 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x10000200}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:36 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
sendfile(r0, r0, 0x0, 0xba9b)
open_by_handle_at(r1, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r1, 0xffffffffffffffff, 0x0)
dup3(r1, 0xffffffffffffffff, 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:51:36 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x1fffefff}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:36 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 21)

03:51:36 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x50020000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1079.002623] loop3: detected capacity change from 0 to 512
[ 1079.014664] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1079.015455] EXT4-fs (loop3): group descriptors corrupted!
[ 1079.021606] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
03:51:36 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x10020000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:36 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x2103}}, 0x414d02)

[ 1079.036356] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:51:36 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 65)

03:51:36 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)) (fail_nth: 79)

03:51:36 executing program 4:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x100000000, 0x9, &(0x7f0000001740)=[{&(0x7f00000000c0)="572c311a97ad9c508ba21b04e46be30c0ac515081438febc1a93b922935f962b8bbce50d45757f9765b6a35759ff1296dbc3cfa0fce2c749b35a98ed3dfe12eb651b291f6ecf28f1b21babc7127e7b9fb0c7b36b67997799504d1614d027bd8529cfb6ff46c700d0194f1a7232d836bc73a9a975e4eaff69dee7bd03263c5d2dc2ef6f04ac4a30a2ace6abe90b9c57ab1864c7db053806cafa9309ae19ad888077ae", 0xa2, 0x1}, {&(0x7f0000000180)="dbcdb91367f90b867e5668625b0bdb92d0c6c183dbd5a3aea884acfa2e73553889ec7faf426b4b3610620a68576f7a71cb50b79c0b17827c88a122e3777edbebec83f296a4326aeedec3e345c8be8da27bf96dc7596d6e50f3664d9a6c985618326ad5103c4fb0eb", 0x68, 0xfffffffffffffffd}, {&(0x7f0000000400)="c79e2a7449e4acbd3dbdd0d5ad52e4d478e5dbe0cce736c00fa8e252d22bd49198264715308efa0a324f2cccb4033471648b420f034e22db80a4bf0271ee78733e9dd36f81ee0b4ebc3982bfa741147784beb1564ee8e14c1553d4145851589b6574f3240e3bb372e60d42afe31931018752a3027db13ff6dbb8f35e03794bc7f2eff74899752003cde162f00f37c08a117c01296064ebe1187e37ff4abd24475a8cf8bd932fd5eda61681e627d64380a8ae881df8c316a962048ee69db676fb8b5f7bde8e4caf1d011b5a775cf55ac43cdb7cf801c6bad4dd35605f014d689f08d1e2fb0e8db38a2113df8d2e4b553a329fde30bbc2f1d742a2d821f4f917c7a82f7bce3e5d5416fa922b3ae02f967787249ad43cf287b32ebdbcfe0fc5920d67cc07d68a16640fcb4e423d55e6f90f2003e74db8d4b8f395ec903d0ae51bd32dd66ce567307f3c732d410f8d13097d58aa80e07a47031463f5383fda3afb360be454dce10bceef928ad36b7a0ff5aff565878a00d20b546fc8d58c623eb21e3e86648e6898db5e65abe0e4111f2413d9706a96f960288b6b6659fb415d4ed45a383987522f1bea28e07e08199ad7967933c2b5303dd94ad19016ebc40f9347a7e50cb6e0e8331b56ad3431928361600728b626f6f2138b2239212572f0ff08dde963fd70afbb0070fcab40c6cfb6436cc2e54af5191331e08a753b990ade2501f323ba065e70995bee9c06954a31a1b428dfbd3a8993647804fb82a95aa162c73ec1a5ecbe6f105551a0337cebb17e905a62ab08f40543d2ae940bfbe28974088dcb40ba2625ab59e286fdd660fd4d3d03e7a934171c240060beb933fc94d11b821ecac5270540d133cae592be0f731ce6c421c417cbde9775dda6974ea08ed63c7bb818fadc3da39b94898f97af17aa819568dd8a745b0324ad51d2899362b0ade0ec8504afe5c4ed26003d55d5d3930c8f886f347c303efcf5d75a71363d0b6d57d1f1e3b0bf581440fa05f5101b994be8896820de0ed3490c38aade4b544ffe71509b16f6e16d842a315d327a1084df13c3615b90d47ea8fbf6fdea1710cf657f7979ca06ba4862709d12dd8a86d389111b7d1c08d39eead539bc0b46bd002f066d09eaa69480d37c5877031fdd3d4437c26ba6934c46b5b0a281e48ab95073557038bb7f2757b23cc256501cbb14e6bd8603acfd674e32047bf6ee28a67db9d12506892d16b72b9a9fe9ca741bf5b5575bbd4ddb33fe8d31daab24cb774023bd4e382927962cdab3328c905dc091bd8a338dd1ed712a34d99e6eab6bdded1766fd985dc7e88845343a65dc06eb0c318e5b33881912dafc2d003b388ce0b7e7e970933e230fbb11676fe64f202ba293f758a3fc371f872da0a338b7144fa1fed95122437e44bab42e1d57cef125c5ba956ab1c4a16147c6806b8fab07d549be6666f37c46b9b4fcb01491d5819143911ab0b65215d74b5e4d34aca624326cdf3ff203b1385f81d31b68bd1e6c4ee5b756fc5f1d75c8cea1f8ee48770cfcc7a141a77127a60349f1f576723727f67b35be4a8a4ced5fb2cceed6cc34761eaf37a0c3e573455956ea3899c6288fddce5c770bae99eea61ab3ad44f98a2c3c5ab65a431a2c5e30859fc1aec55ca35cd1a3cfc5433d6dfa45c0e6ae151605654e5cfe4459b27c4754b131afff6cf8a9e1d4c09b15b481c84847ff6737faad216d2bfc538238c9ea46a5e2bfbe4baca9c77c09ad885f1cbb8499b7febe86ddf6681d4c10537f39dbba1bb7303ae8cebfd03666b6dc979e8268670601a6ea31a2d2a5a61a6f60aa664e6ec7bdc1657e9ae1d846d69a70ad85b5a9d40a86c7128dfe9b620c9466126dec8b59532abdc1be7d5469a812e2c00ca98d0bc5460872bc4d5707f11356ffe34df9d35521c38890dcda65a30302fc24ab45e8f3618948f65cfaaf3715900735c1226900b357bb49a8c1521ee0ed47e3432c24f5a50ce6900dd4c981f6552e6e7a960b2547196769809179c6e9ad79a4e6354143924f15f3cf26140880c265c4ad82823cff32d1194c0ce301f0571acb79582d289d28127662b2f9c62543ca38f3e3e6e831ab16a3d6c486b9a05d6cc778787f8ee38ac2edcc84cb41d6b0f5489637cc448e1b476fb4f251d9e141f1641093ba26dba5c6bbd63734ff13a47f27c79ca26bddadd63dd46101daa3897384637b6e02f64e453682cb49da14be7f68971c19ba5aa6f3b521f6f30508cb85999a8c2e910a3f0d62bd57a58beb91267ac0d7aa6294382d3776e2c2b9b6b5b747aacd6463012899d14f4340581f4abcb1215b5979c8e31b8b8876ab658a2a6852940f5716a6d8892729e7b355cf194dc8b65e94e214125acc4863d1299e6c1efd107285549c54152e0ac139ebee90b1c296dbacb47aba4691298d719e556e2217909b584f7175508150edcfc87536b071b6b2f2f3502d06e1d2d9bea86013e9e5eba127e0725ee8705a3108a1e5fe8df1663a2644ea86e693909c490e7e43aa3b087ce6e15a948195cbb337aa8b5e8845154143ba92d44ea79096d249b3956cc86ec604da668bce4469d0b483126c73ba2a463b2d4da3f70db38b78d139317903014e1bd740379d5cd26d06478542a740b552bc6879d9fede99230d822289138ee1c6d8514dc5db00dd1dfd311a601b06b5718b26c880c37aaa9519dbc9cdcf715bf566e041db701a27eb823fcb9c9754dded6382d46796077c928fc6389025f656c223dbeb86cea7235055e57f9d4f6bf7e4c8a61724e5f2096f643ceeebb55c077ecf0d3ec3b1a28cd8c5862f5ca3e33afa9b0ca62dbff843a30cb0b6bc1af49ddba7970036be13b59b5ab5fe8f82637cf7c66ff9dac76802d3f8f14e5fa37327a87db994007ab6baa4a4cad1e40858bd8bb9e6132cadcea1aeb52802a529029e4269e1e3a54ab15a895df78c7ecd5fab55af36867c2ea508f08955e07f34ec32a9d41eb70f90c4917fcd4f812f790f3bcd93aaf388a6524f2346e88876a6b7d47078980e4095d415cd232126a2b1db2b8432b6ff2403af61def7a0ba8de57f81237382740eb74645f36f2e994835668e74b0c086349092101bf18b0b513632e10b7f6dc1e1ca535e221e7b575e0ae6cd0025b81319be458ae5090b9a36e4f9395b47c9cfb0f634354ac88486aa9cd7b861f897f1594e3918373e50b197ae38f3921142e43055e9e0f6f9dbc90385d15231bdbca95b02067687c4f9211c8d93d6014b63c30f08d22a3bbee682ff21394fd35df873da91a3432b42f938f3fb98f316da2b5c63aefebb71772a5fb316dfb49036ba0fe9861c8b1832be0b7663b901d23521946eed89d710916e546e719b2759eebea59da22060db8d4b932c6a828b22afee3e741d720686ced24610bcbbf9182a0b6c5de7256be716d6b6926a1fa22f5e9841cd686c7f16620a0d2e480fc5bc50c1256b1b6ad2bec5a85f124c37b5a94bf1f7249163ff176276cdb292ec849e74f947bfbf63776ca441046bedecada652737def199c628817236bb63c9a6ac4821049932ba1c94e259151561bf7cc1e413973617375259b7609ed49ec8c255614e6a97b38d17b70bc316ceff9db93760ca84278032657cb6c4497708784789ea76388a80112428f78acd1375c29b71fe19bbb257c1d7c09b27256dcd736938f2281581c5cf1a1c7212de77aa7b4ba5c2837f0cdfc3cb8e6cd304e8edae0b0c8422efb5cd7ef5ccf02e0cef7e29943a41283bf1f545dc505a65f309b84280e4408c21aec43bf21bbafd17870135afe62f90db0b60e41aec9dfa35484f215745166e4157073705c096c4289411b7bb99adb08d0b530ade99f0d47d7d922880549543e799e77e08746ffeaed736a665cfd368339dc94d5319a8dcae3b6461870df5c5197809e7b7a5929d2b15035bebdde46f61e00d97194397dbeda87bda96b7ddec86e03f484901627815b237bce98a5c4d6c873cf96f39aeb148f76d5c7dcb92e20c201bd8e0b60d7067a7c69c1e0c06776147fdc365c0a14ff566e0e148ab0b6d2f50a5e9555ba59630a0414cbc8a5d106b2ad053ce89aa3eb306d4bfae57818d193f3d473c37ddfee4ddb22b0e1fb2b053e042e012b1bb684e0ef30316ca19d865d50c3978808fedf522c34783ee9706426c9eafe3098e60e858f50c7ea341c08f636d3995ae187eb19b83ef3e8aa73fa5302f94b81ed77c0b1fbdc42d4a85981a673d6908977eba073425cadaab53792b396107d67551946fba92f637e8608a3e0200100bd4871445d4ed5e948cf789d1fffec1e91dc633601f960fb7b0e9f6c623a6bac305ae1ddd027bf7253b66ed6edff66f39bf38cf434ed10006d0c9e0b9588d7460297dbf07f7c63836d2f2cac0fdb9d1f16238442bdb716d48562d0b00a3f20a685819c66557265db33ccea293469808431cbc446acf6913a21dd8b7a82ea7e81aca5cb10db2a49df71f2215b4a96192c3f2fc1775fd5609b4e895eb4ae3f177091a3c888bc3c19e8504e3c58abd96e40a13b7a55bc2962c707606bc88182ba8bc652c5ce882c430b24126c0dd6f3728c802812d679f398eebb2ad96f572af2551b84ce46b8939420e7e72b18a0fad09b9630d61b3bf86a6bf2b277527ef6563239162791b60e032dc67794b95aef62b0c99cebc6c94f634a3baeb48d0d93704827fd1fed781c7419955716702292e7544c3da1b9b6f2afc5bba7f4e77464e0ed3a9bdd79689e536cfea48fd8e72a5d08e19062bea6c694d462c981c32cae57187940f53593f375d4b2cc59efb1e3b1b5df033f77ed121cd1581195582d28ed119a584d1f6a28c529e0e6b353ee5181711b98b95b86b1f12598a012e35d0725258c16363cf4c996405bb60073338b76737ba5a21ff6cb51a499072132630a6fc3fafa9e8459d1f42b6cd8671d7686bfa2266a3ef63cd42729833ce4ff00ab6636095f175fb19ca47aeae7301773852b1d71d109ae35e9c501c2856e8868649259a3950f29487070a85463179d1b68f587ca1f25ac2107d6ee62e2808aef2e89bc915188057f07434cf5aea9078f06dff2369fbed0e9555f49c2eed8bce3f82371cc37de15fb13a0597af33aa87e85e1474353e2d9239702d2f2064770f8e82a1a5053d5bf0c7cb0dda3da67a0c218cde8f5dc77f62ff3eef1e35238bb291c90e20fc1e0109ead857087c6e88258941c8904274c820d7a2932357ef149dbc5988409f68839d7e9345f54c54c22bffa273c481058f3f30a9d1ca32b670ab35431fcf5170bf8915ca684708331559be38ea08fbf414b7beb0c1608f853e908f4076b48f17b1a2185b4991ba5982e961ad7a565cad776341137f203499bdf568bf6bcc0395ac6eb4ed21650fede1a62d7a433941deacc53aa377709c02b9820d6f4bcd990eeaed96412fa00cef0577e62ba09e4a32701f818f6ff77ce1d0031815cfa7604e576647d764731ed0678b7b494b9a1a3531a0d667e930cf145b99ed4b71a5d6be599e826c5c84a87bfa25f5a98f3b73b199e0e70c7eb8b586875343361f4e615caef13a30d8448f9c25a4e1171dc1fb07b97034d7241177cae5ce638815724e2a1b42061e727d7c556d97338cd79156bb52e006cbd9729d58878d11613a07c3e46ece669df50e8fc1b18ee640911ff358ef90bad2dff9605db5f7e88f429f8dddfac744014ecfdbb4b413b89662204014c01cb13aa4c392e88f536bb3f64bb9c06cb3fca5293a903bccf6acdfe7162635851913cf36b1e71314124d19b9f2e33a1449d48d5a45071dea11fdf791a", 0x1000, 0x101}, {&(0x7f0000000200)="e5cef102e498c369fb02d99e9c92e0e6a8e591855d9fcecc80b21b60297f38cd9f766fdd490e374fb0cd9c8a7e0fd3f6248f6122935b", 0x36, 0x1}, {&(0x7f0000000240)="1427abcb12afd0e9172a453f4099a652bdbc99345ff77c13259894a5e6b34573edcf7320b6a65372823e14fec577aba4a7ed3552242ce2c77fc5ab06bbc44c2333da2e1e364fc29e531ecdea2ac2abb049617191764b919fff087df33575e0d55ac2a221b744357e4618d3e0452ca6911db5c67e8734f39b12f850455fec279d734a6bef052607d30e70198c3b24ebff72ff11855148f05ef78875148ffad6dde6f5be100e6f239cc9f4896d5ceaad37c163ee4fc7cc24b3722b5e707f1d", 0xbe, 0x200}, {&(0x7f0000001400)="264bc10ca232a7af379aa93bcf14640bda8afe8e407237ead68f962982873c1c7b1a5f0726469e6a3240d037abb9d847827ca355397d2046c2f6189422bdb037164f35122831f16bb2b815f69b2290128af2fbcd6c4139b19c51348ab7349179d90e9c9d791b4a31bbbb1fbd7a996d5be72c23e16818d3dd2a38b3df7a0bc2009ae2dd30909fa3ea11eb7e61eec095aa5b920a59e789", 0x96, 0x8}, {&(0x7f00000014c0)="06ab7ef393e61e48e34819ed5aa3bc647c0655a65a66c94e78497a19d3353274db6e6c74f237daf1fa804d0ec54a0fc2c8795fd54d23dbcfbb3b91a9969bd59afe235f03ff74c6bb017663b62dcff1da29fcd42caec92917666798db375869caaf455519dc6a083e1cf35d43965c9ae8e59670fd494fc259a3febb5a83d3d7c3c44a1f4b3e469a940cb1013c69389ae652f2091bec7cc36078d7da5d9d5e4168ecdeaae222aad7f77d1a681c67468a72c4dc8fb031764e9853b4f2f948effbc48c2475ab4d5bf7d046dfd6437d37dd7049baef18a7da1c50957c", 0xda, 0x7ff}, {&(0x7f00000015c0)="691f7bd4ae04a352ecfe2ed86edb2d565c1c1d6048974062ff389649739e917ec185d7499a802f8bf02e350919d183bea38c288b04fb29bc07bdcdc3720bcf78d8e56f658ec523ed2106088857a0be36ec3a9d3d96b546a381e9f36945118b17b2f31a0e069166ebda0b082d4ce590c25e0c7c68fb31e14cbe78d0f0a91e5e7b1b4581aa6f440df8b690fdd7f1fea2e167112caf682a4490d18d014b9f0fec697e6d63dcfd7d8ffd2d5a9559290cb4a817d4b45b2a8f", 0xb6, 0x4}, {&(0x7f0000001680)="55758fd30f75ea1f4a250f9cc18cae083511911c0e811a5614adc4c7fb03e9e6585a03db713d18804003ec8ca283be0f2898ffffaadb9c690730b565d9a6ba64ac65350978af0163eeffaeb4812b33780c31f9330d74b451cf4b6548059251961f1344a5912e46923903f21a152f326b03b01b71bd52448ad431ccdc25b9ed3eaa4b5ccc3f29a1a74e2de477267b475de066b6a4fbc6d77e62a24d25d5e583941aa15818c96b2edd", 0xa8, 0x8}], 0x800c, &(0x7f0000000300)={[{@data_err_abort}, {@nodelalloc}, {@sysvgroups}], [{@obj_role={'obj_role', 0x3d, '\\-{:/^[/'}}]})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000340)={0x0, 0x0, r1, 0x8})
copy_file_range(r1, &(0x7f0000001840)=0x7, 0xffffffffffffffff, &(0x7f0000001880)=0x1b, 0x6, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
sendfile(r0, r2, 0x0, 0xf9b9)

03:51:36 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 22)

[ 1079.130533] loop5: detected capacity change from 0 to 512
[ 1079.138570] FAULT_INJECTION: forcing a failure.
[ 1079.138570] name failslab, interval 1, probability 0, space 0, times 0
[ 1079.139709] CPU: 0 UID: 0 PID: 8959 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1079.139725] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1079.139732] Call Trace:
[ 1079.139736]  <TASK>
[ 1079.139741]  dump_stack_lvl+0xfa/0x120
[ 1079.139769]  should_fail_ex+0x4d7/0x5e0
[ 1079.139786]  ? __es_insert_extent+0xed2/0x1370
[ 1079.139801]  should_failslab+0xc2/0x120
[ 1079.139819]  kmem_cache_alloc_noprof+0x80/0x710
[ 1079.139839]  ? __es_insert_extent+0xed2/0x1370
[ 1079.139852]  __es_insert_extent+0xed2/0x1370
[ 1079.139867]  ? __pfx_do_raw_write_lock+0x10/0x10
[ 1079.139894]  ext4_es_insert_extent+0x438/0x1060
[ 1079.139916]  ? __pfx_ext4_es_insert_extent+0x10/0x10
[ 1079.139931]  ? __pfx_perf_trace_lock+0x10/0x10
[ 1079.139947]  ? kasan_save_track+0x14/0x30
[ 1079.139967]  ? lock_acquire+0x15e/0x2d0
[ 1079.139988]  ? find_held_lock+0x2b/0x80
[ 1079.139999]  ? ext4_es_find_extent_range+0x1cf/0x4b0
[ 1079.140014]  ? lock_release+0xc8/0x270
[ 1079.140030]  ? do_raw_read_unlock+0x44/0xe0
[ 1079.140052]  ext4_ext_map_blocks+0x1716/0x5e50
[ 1079.140078]  ? bdev_getblk+0x195/0x840
[ 1079.140099]  ? __pfx_ext4_ext_map_blocks+0x10/0x10
[ 1079.140115]  ? crc32c+0x1ae/0x350
[ 1079.140127]  ? look_up_lock_class+0x56/0x130
[ 1079.140147]  ? register_lock_class+0x41/0x550
[ 1079.140166]  ? __lock_acquire+0x453/0x2150
[ 1079.140188]  ? lock_acquire+0x15e/0x2d0
[ 1079.140202]  ? ext4_map_blocks+0x4a8/0x1470
[ 1079.140222]  ext4_map_query_blocks+0x110/0x900
[ 1079.140238]  ? __pfx_ext4_map_query_blocks+0x10/0x10
[ 1079.140251]  ? do_raw_read_unlock+0x44/0xe0
[ 1079.140268]  ? __pfx_down_read+0x10/0x10
[ 1079.140281]  ? ext4_es_lookup_extent+0xcd/0xb50
[ 1079.140302]  ext4_map_blocks+0x4bc/0x1470
[ 1079.140322]  ? __pfx_ext4_map_blocks+0x10/0x10
[ 1079.140338]  ? __pfx_ext4_initxattrs+0x10/0x10
[ 1079.140353]  ? __pfx_security_inode_init_security+0x10/0x10
[ 1079.140369]  ? crc32c+0x1ae/0x350
[ 1079.140380]  ? __brelse+0x86/0xa0
[ 1079.140395]  ? __ext4_new_inode+0x116/0x4cd0
[ 1079.140416]  ext4_append+0x1af/0x530
[ 1079.140436]  ? __pfx_ext4_append+0x10/0x10
[ 1079.140454]  ? __pfx___ext4_new_inode+0x10/0x10
[ 1079.140478]  ext4_init_new_dir+0x13c/0x240
[ 1079.140491]  ? __pfx_ext4_init_new_dir+0x10/0x10
[ 1079.140510]  ext4_mkdir+0x3c5/0xb30
[ 1079.140527]  ? __pfx_ext4_mkdir+0x10/0x10
[ 1079.140539]  ? security_inode_permission+0x72/0xe0
[ 1079.140559]  vfs_mkdir+0x7b5/0xba0
[ 1079.140577]  do_mkdirat+0x11a/0x450
[ 1079.140595]  ? __pfx_do_mkdirat+0x10/0x10
[ 1079.140611]  ? strncpy_from_user+0x21b/0x2f0
[ 1079.140635]  __x64_sys_mkdir+0xf3/0x140
[ 1079.140652]  do_syscall_64+0xbf/0x420
[ 1079.140666]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1079.140679] RIP: 0033:0x7f7208244c27
[ 1079.140688] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1079.140700] RSP: 002b:00007f72057bafa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[ 1079.140711] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f7208244c27
[ 1079.140719] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[ 1079.140727] RBP: 00007f72057bb040 R08: 0000000000000000 R09: ffffffffffffffff
[ 1079.140734] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[ 1079.140741] R13: 0000000020000100 R14: 00007f72057bb000 R15: 0000000020012900
[ 1079.140760]  </TASK>
[ 1079.178928] FAULT_INJECTION: forcing a failure.
[ 1079.178928] name failslab, interval 1, probability 0, space 0, times 0
[ 1079.179882] CPU: 0 UID: 0 PID: 8963 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1079.179898] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1079.179905] Call Trace:
[ 1079.179908]  <TASK>
[ 1079.179913]  dump_stack_lvl+0xfa/0x120
[ 1079.179934]  should_fail_ex+0x4d7/0x5e0
[ 1079.179949]  ? security_file_alloc+0x35/0x130
[ 1079.179964]  should_failslab+0xc2/0x120
[ 1079.179984]  kmem_cache_alloc_noprof+0x80/0x710
[ 1079.179996]  ? __create_object+0x59/0x80
[ 1079.180011]  ? security_file_alloc+0x35/0x130
[ 1079.180026]  security_file_alloc+0x35/0x130
[ 1079.180042]  init_file+0x95/0x4c0
[ 1079.180062]  alloc_empty_file+0x76/0x1e0
[ 1079.180081]  path_openat+0xee/0x2d30
[ 1079.180105]  ? __pfx_path_openat+0x10/0x10
[ 1079.180123]  ? __pfx_perf_trace_lock+0x10/0x10
[ 1079.180143]  do_filp_open+0x1e8/0x450
[ 1079.180158]  ? __pfx_do_filp_open+0x10/0x10
[ 1079.180180]  ? find_held_lock+0x2b/0x80
[ 1079.180191]  ? alloc_fd+0x2c1/0x560
[ 1079.180206]  ? lock_release+0xc8/0x270
[ 1079.180224]  ? _raw_spin_unlock+0x1e/0x40
[ 1079.180239]  ? alloc_fd+0x2c1/0x560
[ 1079.180259]  do_sys_openat2+0x107/0x240
[ 1079.180270]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1079.180289]  __x64_sys_openat+0x142/0x200
[ 1079.180301]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1079.180321]  do_syscall_64+0xbf/0x420
[ 1079.180334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1079.180346] RIP: 0033:0x7f2dac3cda04
[ 1079.180354] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1079.180366] RSP: 002b:00007f2da998fed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1079.180377] RAX: ffffffffffffffda RBX: 00007f2dac464970 RCX: 00007f2dac3cda04
[ 1079.180385] RDX: 0000000000000002 RSI: 00007f2da9990000 RDI: 00000000ffffff9c
[ 1079.180392] RBP: 00007f2da9990000 R08: 0000000000000000 R09: ffffffffffffffff
[ 1079.180400] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[ 1079.180407] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[ 1079.180424]  </TASK>
[ 1079.194796] loop4: detected capacity change from 0 to 264192
[ 1079.206589] ext3: Unknown parameter 'obj_role'
[ 1079.213279] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1079.214290] EXT4-fs (loop5): group descriptors corrupted!
03:51:45 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x20000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:45 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 23)

03:51:45 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r1, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0x40}}, './file0\x00'})
close_range(r0, 0xffffffffffffffff, 0x0)

03:51:45 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x7bffffff}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:45 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x11000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:45 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x2400}}, 0x414d02)

03:51:45 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 66)

03:51:45 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[ 1087.908412] loop5: detected capacity change from 0 to 512
[ 1087.914733] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1087.915643] EXT4-fs (loop5): group descriptors corrupted!
[ 1087.951708] loop3: detected capacity change from 0 to 512
[ 1087.966369] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1087.967135] EXT4-fs (loop3): group descriptors corrupted!
03:51:45 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 67)

03:51:45 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x9, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

[ 1087.974771] loop6: detected capacity change from 0 to 512
03:51:45 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x3f000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:45 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xf0ffffff}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:45 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x2f00}}, 0x414d02)

03:51:45 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x1fffefff}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:45 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 24)

[ 1088.076691] loop5: detected capacity change from 0 to 512
[ 1088.081792] FAULT_INJECTION: forcing a failure.
[ 1088.081792] name failslab, interval 1, probability 0, space 0, times 0
[ 1088.083049] CPU: 1 UID: 0 PID: 8997 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1088.083066] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1088.083075] Call Trace:
[ 1088.083080]  <TASK>
[ 1088.083084]  dump_stack_lvl+0xfa/0x120
[ 1088.083114]  should_fail_ex+0x4d7/0x5e0
[ 1088.083133]  should_failslab+0xc2/0x120
[ 1088.083152]  __kmalloc_noprof+0xd6/0x830
[ 1088.083173]  ? ext4_find_extent+0x7f5/0xa00
[ 1088.083188]  ? __pfx_perf_trace_lock+0x10/0x10
[ 1088.083209]  ? ext4_find_extent+0x7f5/0xa00
[ 1088.083221]  ext4_find_extent+0x7f5/0xa00
[ 1088.083237]  ext4_ext_map_blocks+0x1cc/0x5e50
[ 1088.083254]  ? lock_acquire+0x15e/0x2d0
[ 1088.083274]  ? mark_held_locks+0x49/0x80
[ 1088.083289]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[ 1088.083305]  ? finish_task_switch.isra.0+0x1ec/0x7f0
[ 1088.083323]  ? __pfx_ext4_ext_map_blocks+0x10/0x10
[ 1088.083335]  ? __lock_acquire+0x453/0x2150
[ 1088.083357]  ? lock_acquire+0x15e/0x2d0
[ 1088.083371]  ? ext4_map_blocks+0x564/0x1470
[ 1088.083399]  ? down_write+0x119/0x1f0
[ 1088.083414]  ? __pfx_down_write+0x10/0x10
[ 1088.083431]  ext4_map_blocks+0x62d/0x1470
[ 1088.083450]  ? __up_read+0x26f/0x710
[ 1088.083467]  ? __pfx_ext4_map_blocks+0x10/0x10
[ 1088.083483]  ? __pfx___up_read+0x10/0x10
[ 1088.083501]  ? lock_release+0xc8/0x270
[ 1088.083521]  ? ext4_map_blocks+0x1e9/0x1470
[ 1088.083543]  ext4_getblk+0x67d/0x8e0
[ 1088.083560]  ? __pfx_ext4_getblk+0x10/0x10
[ 1088.083576]  ? __pfx_security_inode_init_security+0x10/0x10
[ 1088.083595]  ? crc32c+0x1ae/0x350
[ 1088.083611]  ext4_bread+0x2e/0x1a0
[ 1088.083630]  ext4_append+0x21d/0x530
[ 1088.083651]  ? __pfx_ext4_append+0x10/0x10
[ 1088.083672]  ? __pfx___ext4_new_inode+0x10/0x10
[ 1088.083697]  ext4_init_new_dir+0x13c/0x240
[ 1088.083711]  ? __pfx_ext4_init_new_dir+0x10/0x10
[ 1088.083732]  ext4_mkdir+0x3c5/0xb30
[ 1088.083750]  ? __pfx_ext4_mkdir+0x10/0x10
[ 1088.083763]  ? security_inode_permission+0x72/0xe0
[ 1088.083786]  vfs_mkdir+0x7b5/0xba0
[ 1088.083805]  do_mkdirat+0x11a/0x450
[ 1088.083825]  ? __pfx_do_mkdirat+0x10/0x10
[ 1088.083842]  ? strncpy_from_user+0x21b/0x2f0
[ 1088.083867]  __x64_sys_mkdir+0xf3/0x140
[ 1088.083885]  do_syscall_64+0xbf/0x420
[ 1088.083899]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1088.083913] RIP: 0033:0x7f7208244c27
[ 1088.083923] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1088.083937] RSP: 002b:00007f72057bafa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[ 1088.083950] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f7208244c27
[ 1088.083959] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[ 1088.083968] RBP: 00007f72057bb040 R08: 0000000000000000 R09: ffffffffffffffff
[ 1088.083976] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[ 1088.083989] R13: 0000000020000100 R14: 00007f72057bb000 R15: 0000000020012900
[ 1088.084008]  </TASK>
[ 1088.114928] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1088.158340] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1088.165256] FAULT_INJECTION: forcing a failure.
[ 1088.165256] name failslab, interval 1, probability 0, space 0, times 0
[ 1088.166184] CPU: 1 UID: 0 PID: 9008 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1088.166200] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1088.166208] Call Trace:
[ 1088.166213]  <TASK>
[ 1088.166217]  dump_stack_lvl+0xfa/0x120
[ 1088.166242]  should_fail_ex+0x4d7/0x5e0
[ 1088.166258]  ? __kernfs_new_node+0xd3/0x930
[ 1088.166272]  should_failslab+0xc2/0x120
[ 1088.166290]  kmem_cache_alloc_noprof+0x80/0x710
[ 1088.166303]  ? __pfx_avc_has_perm+0x10/0x10
[ 1088.166325]  ? __kernfs_new_node+0xd3/0x930
[ 1088.166336]  __kernfs_new_node+0xd3/0x930
[ 1088.166351]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1088.166367]  ? lock_acquire+0x15e/0x2d0
[ 1088.166381]  ? kernfs_root+0x23/0x2a0
[ 1088.166394]  ? find_held_lock+0x2b/0x80
[ 1088.166405]  ? kernfs_root+0xee/0x2a0
[ 1088.166417]  ? lock_release+0xc8/0x270
[ 1088.166431]  ? lock_is_held_type+0x9e/0x120
[ 1088.166453]  kernfs_new_node+0x13c/0x1e0
[ 1088.166472]  kernfs_create_dir_ns+0x4d/0x1a0
[ 1088.166489]  internal_create_group+0x440/0xeb0
[ 1088.166504]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1088.166528]  ? __pfx_internal_create_group+0x10/0x10
[ 1088.166541]  ? blk_validate_limits+0xc27/0x15c0
[ 1088.166566]  ? lock_is_held_type+0x9e/0x120
[ 1088.166586]  loop_configure+0xc46/0x15a0
[ 1088.166621]  ? __pfx_loop_configure+0x10/0x10
[ 1088.166650]  ? avc_has_extended_perms+0x107/0xf20
[ 1088.166667]  ? find_held_lock+0x2b/0x80
[ 1088.166678]  ? avc_has_extended_perms+0x23b/0xf20
[ 1088.166695]  ? lock_release+0xc8/0x270
[ 1088.166713]  lo_ioctl+0x66d/0x1ca0
[ 1088.166734]  ? __pfx_lo_ioctl+0x10/0x10
[ 1088.166751]  ? __pfx_avc_has_extended_perms+0x10/0x10
[ 1088.166773]  ? lock_acquire+0x15e/0x2d0
[ 1088.166787]  ? __virt_addr_valid+0x1c6/0x5d0
[ 1088.166802]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1088.166821]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1088.166837]  ? lock_release+0xc8/0x270
[ 1088.166854]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1088.166893]  ? check_irq_usage+0x210/0xb40
[ 1088.166907]  ? __fget_files+0x34/0x3b0
[ 1088.166923]  ? find_held_lock+0x2b/0x80
[ 1088.166934]  ? __fget_files+0x203/0x3b0
[ 1088.166950]  ? __pfx_lo_ioctl+0x10/0x10
[ 1088.166967]  blkdev_ioctl+0x365/0x6d0
[ 1088.166991]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1088.167010]  ? selinux_file_ioctl+0xb9/0x280
[ 1088.167026]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1088.167045]  __x64_sys_ioctl+0x18f/0x210
[ 1088.167060]  do_syscall_64+0xbf/0x420
[ 1088.167073]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1088.167086] RIP: 0033:0x7f2dac41a8d7
[ 1088.167095] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1088.167107] RSP: 002b:00007f2da998ff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1088.167119] RAX: ffffffffffffffda RBX: 00007f2dac464970 RCX: 00007f2dac41a8d7
[ 1088.167127] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 1088.167134] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[ 1088.167142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 1088.167149] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[ 1088.167167]  </TASK>
[ 1088.190644] loop3: detected capacity change from 0 to 512
03:51:45 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x6400}}, 0x414d02)

03:51:45 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x20000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:45 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x40000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:45 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 68)

03:51:45 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xf4000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:45 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r1 = accept(r0, &(0x7f0000000040)=@un=@abs, &(0x7f00000000c0)=0x80)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0xb0, 0x1, 0x8, 0x3, 0x0, 0x0, {0x0, 0x0, 0x2}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x8848}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_DATA={0x44, 0x4, 0x0, 0x1, @udp=[@CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0x8}, @CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0x3}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0xfffffff9}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0xfffffffc}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x8}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x4}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x4}, @CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0x6}]}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @sctp=[@CTA_TIMEOUT_SCTP_SHUTDOWN_SENT={0x8, 0x5, 0x1, 0x0, 0xef}]}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0xb0}, 0x1, 0x0, 0x0, 0x80}, 0x4010)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

[ 1088.296506] loop5: detected capacity change from 0 to 512
[ 1088.302760] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1088.303573] EXT4-fs (loop5): group descriptors corrupted!
03:51:45 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x3f000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1088.332796] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1088.333722] EXT4-fs (loop3): group descriptors corrupted!
03:51:45 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000040)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb, 0x5d}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:51:53 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x20, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0x80}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffbfffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0)
pwritev2(r1, &(0x7f0000000400)=[{&(0x7f0000000080)="eb724921b8232248dded66531431a6e4423e926ee2b49f8a33423d205772b17239c508d086a812285cfc6870e61c20be343cf9c20566b975ef28de9f233b46b192ce20c78adbd78d32465a79fe668137033a21cefe90bafeb6c62c423179d687e577e959155342834914f7f102f5ec1df46c7152210dbe218c4b25619049d81b35748fd54243681ee91f36922021a93f7bf81f24ac024f90801864cf5db0b10e032b34d2c2662d2a2b83ef391d6a42526d1ce604e204e415c7bd4bfa29e60e2010866ca064e4aa1bb9f11f0d939c995d", 0xd0}, {&(0x7f0000000180)="26e4e8011d1621d51c443c0a30321b61531f30f9cd90908241f881bf643d7a37db167dbb7a01c8507717cd0bce75356242f6375b18d839c58084c28c3b8a3be18c4b817e8fe61fd825e830a7fabdc8af60cfc1b4a0ddc4b295fd826ae95d1fb553d0617d334f5dd3fb60fea8d327fd0acc8e9102a2dcb5fdbe83808cfbced75f2803eeb36db4d8537b442927a6ea97404e52dbd4b1d1d1be99884b2738ea", 0x9e}, {&(0x7f0000000240)="49a3d2a01d1edad2086101e9a40b231509d391528a7e8193ffa6b1df3cfced5bc7942afd7508f2bf470b3d535a8e9edad971b0035ff4cf37613a4f502367994ca90b1a5ad1356bb544496d4efdeaf918f3766e5a36384dc326c3df904e14e2e1bb000455f0b05a42ea3284078c1930f82fb1e7b9ae58653881c07f97bb36536a5d144660aa23112c3230ad3e2d393ba6df1fc6265866b9321f7bbd4e92de7ccfa256459ffc0710277a561c4d0d975f90e3bc3f517c499b250d97abac84ee3713a3921cb7ef65fd9d90462038f20234bf768f3f592b34044850ebb14248a6cef86909bddcbe3bd29cf5b150786e", 0xed}], 0x3, 0x5, 0x8, 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:51:53 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 25)

03:51:53 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xf5ffffff}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:53 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x40000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:53 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x7000}}, 0x414d02)

03:51:53 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 69)

03:51:53 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x74020000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:51:53 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x2, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[ 1096.678587] loop5: detected capacity change from 0 to 512
[ 1096.681681] FAULT_INJECTION: forcing a failure.
[ 1096.681681] name failslab, interval 1, probability 0, space 0, times 0
[ 1096.682698] CPU: 1 UID: 0 PID: 9036 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1096.682716] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1096.682724] Call Trace:
[ 1096.682728]  <TASK>
[ 1096.682733]  dump_stack_lvl+0xfa/0x120
[ 1096.682761]  should_fail_ex+0x4d7/0x5e0
[ 1096.682780]  ? __es_insert_extent+0xed2/0x1370
[ 1096.682795]  should_failslab+0xc2/0x120
[ 1096.682814]  kmem_cache_alloc_noprof+0x80/0x710
[ 1096.682832]  ? __es_insert_extent+0xed2/0x1370
[ 1096.682846]  __es_insert_extent+0xed2/0x1370
[ 1096.682861]  ? __pfx_do_raw_write_lock+0x10/0x10
[ 1096.682890]  ext4_es_insert_extent+0x438/0x1060
[ 1096.682912]  ? __pfx_ext4_es_insert_extent+0x10/0x10
[ 1096.682926]  ? __pfx_perf_trace_lock+0x10/0x10
[ 1096.682944]  ? kasan_save_track+0x14/0x30
[ 1096.682969]  ? lock_acquire+0x15e/0x2d0
[ 1096.682990]  ? find_held_lock+0x2b/0x80
[ 1096.683001]  ? ext4_es_find_extent_range+0x1cf/0x4b0
[ 1096.683016]  ? lock_release+0xc8/0x270
[ 1096.683032]  ? do_raw_read_unlock+0x44/0xe0
[ 1096.683054]  ext4_ext_map_blocks+0x1716/0x5e50
[ 1096.683080]  ? bdev_getblk+0x195/0x840
[ 1096.683106]  ? __pfx_ext4_ext_map_blocks+0x10/0x10
[ 1096.683121]  ? crc32c+0x1ae/0x350
[ 1096.683134]  ? look_up_lock_class+0x56/0x130
[ 1096.683154]  ? register_lock_class+0x41/0x550
[ 1096.683173]  ? __lock_acquire+0x453/0x2150
[ 1096.683195]  ? lock_acquire+0x15e/0x2d0
[ 1096.683210]  ? ext4_map_blocks+0x4a8/0x1470
[ 1096.683230]  ext4_map_query_blocks+0x110/0x900
[ 1096.683246]  ? __pfx_ext4_map_query_blocks+0x10/0x10
[ 1096.683259]  ? do_raw_read_unlock+0x44/0xe0
[ 1096.683276]  ? __pfx_down_read+0x10/0x10
[ 1096.683289]  ? ext4_es_lookup_extent+0xcd/0xb50
[ 1096.683310]  ext4_map_blocks+0x4bc/0x1470
[ 1096.683331]  ? __pfx_ext4_map_blocks+0x10/0x10
[ 1096.683347]  ? __pfx_ext4_initxattrs+0x10/0x10
[ 1096.683363]  ? __pfx_security_inode_init_security+0x10/0x10
[ 1096.683380]  ? crc32c+0x1ae/0x350
[ 1096.683391]  ? __brelse+0x86/0xa0
[ 1096.683406]  ? __ext4_new_inode+0x116/0x4cd0
[ 1096.683426]  ext4_append+0x1af/0x530
[ 1096.683447]  ? __pfx_ext4_append+0x10/0x10
[ 1096.683465]  ? __pfx___ext4_new_inode+0x10/0x10
[ 1096.683489]  ext4_init_new_dir+0x13c/0x240
[ 1096.683501]  ? __pfx_ext4_init_new_dir+0x10/0x10
[ 1096.683521]  ext4_mkdir+0x3c5/0xb30
[ 1096.683538]  ? __pfx_ext4_mkdir+0x10/0x10
[ 1096.683550]  ? security_inode_permission+0x72/0xe0
[ 1096.683571]  vfs_mkdir+0x7b5/0xba0
[ 1096.683589]  do_mkdirat+0x11a/0x450
[ 1096.683608]  ? __pfx_do_mkdirat+0x10/0x10
[ 1096.683624]  ? strncpy_from_user+0x21b/0x2f0
[ 1096.683648]  __x64_sys_mkdir+0xf3/0x140
[ 1096.683666]  do_syscall_64+0xbf/0x420
[ 1096.683680]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1096.683693] RIP: 0033:0x7f7208244c27
[ 1096.683703] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1096.683716] RSP: 002b:00007f72057bafa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[ 1096.683728] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f7208244c27
[ 1096.683736] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[ 1096.683744] RBP: 00007f72057bb040 R08: 0000000000000000 R09: ffffffffffffffff
[ 1096.683752] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[ 1096.683759] R13: 0000000020000100 R14: 00007f72057bb000 R15: 0000000020012900
[ 1096.683778]  </TASK>
[ 1096.724177] loop3: detected capacity change from 0 to 512
[ 1096.740911] loop6: detected capacity change from 0 to 22
[ 1096.746895] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1096.747697] EXT4-fs (loop3): group descriptors corrupted!
[ 1096.749118] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (11 blocks)
[ 1096.760701] loop6: detected capacity change from 0 to 22
[ 1096.784651] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1096.785409] EXT4-fs (loop5): group descriptors corrupted!
03:52:02 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 26)

03:52:02 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x8004}}, 0x414d02)

03:52:02 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x40080000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:02 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xfbffffff}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:02 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x0, 0x80000001}}, 0x414d02)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r1, 0xffffffffffffffff, 0x0)
syncfs(r1)
close_range(r0, 0xffffffffffffffff, 0x0)

03:52:02 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:52:02 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 70)

03:52:02 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x7bffffff}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1105.544891] loop3: detected capacity change from 0 to 512
[ 1105.552671] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1105.553472] EXT4-fs (loop3): group descriptors corrupted!
03:52:02 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x9f0a}}, 0x414d02)

03:52:02 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 27)

[ 1105.603177] loop5: detected capacity change from 0 to 512
[ 1105.615104] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1105.615859] EXT4-fs (loop5): group descriptors corrupted!
[ 1105.616816] loop6: detected capacity change from 0 to 22
[ 1105.627313] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (11 blocks)
[ 1105.652631] loop3: detected capacity change from 0 to 512
[ 1105.655321] loop6: detected capacity change from 0 to 22
[ 1105.665720] Process accounting resumed
[ 1105.668658] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1105.669518] EXT4-fs (loop3): group descriptors corrupted!
03:52:02 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xf0ffffff}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:02 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xffefff1f}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:02 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0x7bffffff}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:02 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 71)

03:52:02 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 28)

[ 1105.735600] loop5: detected capacity change from 0 to 512
[ 1105.740376] FAULT_INJECTION: forcing a failure.
[ 1105.740376] name failslab, interval 1, probability 0, space 0, times 0
[ 1105.741598] CPU: 0 UID: 0 PID: 9081 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1105.741614] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1105.741622] Call Trace:
[ 1105.741626]  <TASK>
[ 1105.741631]  dump_stack_lvl+0xfa/0x120
[ 1105.741657]  should_fail_ex+0x4d7/0x5e0
[ 1105.741672]  ? __es_remove_extent+0x53f/0x1570
[ 1105.741690]  ? __es_insert_extent+0xed2/0x1370
[ 1105.741703]  should_failslab+0xc2/0x120
[ 1105.741721]  kmem_cache_alloc_noprof+0x80/0x710
[ 1105.741735]  ? __pfx___es_remove_extent+0x10/0x10
[ 1105.741753]  ? __es_insert_extent+0xed2/0x1370
[ 1105.741766]  __es_insert_extent+0xed2/0x1370
[ 1105.741789]  ext4_es_insert_extent+0x438/0x1060
[ 1105.741809]  ? __pfx_perf_trace_lock+0x10/0x10
[ 1105.741828]  ? __pfx_ext4_es_insert_extent+0x10/0x10
[ 1105.741843]  ? lock_acquire+0x15e/0x2d0
[ 1105.741859]  ? ext4_map_blocks+0x564/0x1470
[ 1105.741884]  ? __pfx_down_write+0x10/0x10
[ 1105.741904]  ext4_map_blocks+0x808/0x1470
[ 1105.741923]  ? __up_read+0x26f/0x710
[ 1105.741940]  ? __pfx_ext4_map_blocks+0x10/0x10
[ 1105.741954]  ? __pfx___up_read+0x10/0x10
[ 1105.741972]  ? lock_release+0xc8/0x270
[ 1105.741995]  ? ext4_map_blocks+0x1e9/0x1470
[ 1105.742016]  ext4_getblk+0x67d/0x8e0
[ 1105.742033]  ? __pfx_ext4_getblk+0x10/0x10
[ 1105.742047]  ? __pfx_security_inode_init_security+0x10/0x10
[ 1105.742063]  ? crc32c+0x1ae/0x350
[ 1105.742079]  ext4_bread+0x2e/0x1a0
[ 1105.742095]  ext4_append+0x21d/0x530
[ 1105.742116]  ? __pfx_ext4_append+0x10/0x10
[ 1105.742135]  ? __pfx___ext4_new_inode+0x10/0x10
[ 1105.742159]  ext4_init_new_dir+0x13c/0x240
[ 1105.742172]  ? __pfx_ext4_init_new_dir+0x10/0x10
[ 1105.742202]  ext4_mkdir+0x3c5/0xb30
[ 1105.742219]  ? __pfx_ext4_mkdir+0x10/0x10
[ 1105.742231]  ? security_inode_permission+0x72/0xe0
[ 1105.742251]  vfs_mkdir+0x7b5/0xba0
[ 1105.742269]  do_mkdirat+0x11a/0x450
[ 1105.742288]  ? __pfx_do_mkdirat+0x10/0x10
[ 1105.742304]  ? strncpy_from_user+0x21b/0x2f0
[ 1105.742328]  __x64_sys_mkdir+0xf3/0x140
[ 1105.742346]  do_syscall_64+0xbf/0x420
[ 1105.742360]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1105.742373] RIP: 0033:0x7f7208244c27
[ 1105.742383] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1105.742394] RSP: 002b:00007f72057bafa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[ 1105.742407] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f7208244c27
[ 1105.742415] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[ 1105.742423] RBP: 00007f72057bb040 R08: 0000000000000000 R09: ffffffffffffffff
[ 1105.742431] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[ 1105.742438] R13: 0000000020000100 R14: 00007f72057bb000 R15: 0000000020012900
[ 1105.742457]  </TASK>
03:52:02 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:52:02 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xf4000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:02 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
openat(r0, &(0x7f0000000040)='./file0\x00', 0x531801, 0x1)
close_range(r0, 0xffffffffffffffff, 0x0)
pwritev2(0xffffffffffffffff, &(0x7f0000000640)=[{&(0x7f0000000080)="361799e220ae84131ad3bc44e7d8130f4f0023c852a23d281c286cdf6b983fd8162f123cd9e00b460d2645678732459fff5bce9b642352c6803847f91992d44acb36af4775f6ba97de04924fffe38516e4948ad5541e1807817e9a96ce8bf30d2b7d754460b689a1fdf8553528e1b403873e84b9b5a2803e86d466d9fd2b5db36962facc03d1531f68e7615c04bde694e1e27e732680f2b628bde80a564356e3f2752ca9f546c9f4d9b0d71707c8450b15db8b188d118317878a9ae1410d39baa92022d4727a06b5941c13bfa3d3c8d4a3c97af12001cefbf9e932c13c3bcf2bd900e97b1ec5f5601cf8c8d2a97c1e82b966ec76701af29c7ebb7946398d4e", 0xff}, {&(0x7f0000000180)="fa914633157a5bc9db8354068f6c75cde393a8c3ccabacacffc135eac3ac39831f35a0961e55cfe67b0c9d20df91e57e6a217599878dc9b846615005f89a418cab0e458441c77cabca037dc87044e3ecad0c2fb3e3a97973acdf0b27122b9a6e33512c70f50178ee6be7caad5fb1d847ae54e073683999cebb64320975627cec1e6ab753da96caa5e82f82cffcabcddddaa8d52330c76664d4ef2b26eed9badef0e2f2399c89bfaafc14d75c3eeffaff56d715af130ff9c7221452da7235ee30d149b5afd1bf0a78ac98165e8a07a696e028de43f0a0b67a64ea23a0b671a1a604a29173e8b42382517d0acdfb06c2e149490f573ca4c3256a5c14fa580e", 0xfe}, {&(0x7f0000000280)="d78ae03e1db41bd8121f0611a048a49e665d5e8f179f45b2bb98212b46f270c0c9466641779daffa531e7987441c679ecda290bbacd4d65da2573560e620edf616821e5a0985f8faa6d3665e4b071848ee845d76b2ac48e328b1cdc8a65c7ccecebbb4c6fd7d36b793b71f36622cbd3785f36a991229e4ced7800a8675e0ea838835ebba755fdf35439778a975bd4a88838e0a195bce119f02c256", 0x9b}, {&(0x7f0000000400)="7d25509f8fba0ecbf9b3d4d3b13dd26d45b444010b411e075a41caa0cb6a696c6f43b78d9e5111074efc4af507defa7373e987ec35ed58947151aac37312f469a162e3f93162588818d669a70a359754201a2a22842910710c8da7c061b1ee7bee8a3e8fd94b15559a3c71245a066eea214329e80ef8c5a84ffc192059c0bbc16a7910e164132433b204568f61f5ce106d62e0ca15623a60cf70378feda4614505e3bd9398f1d8a59ca9061f75b71a4d0c63673075bad8c4fe3f3433227eca4901a98f2299d8d17c88cc382e41393e733f107692875f73a97df8ed7e7bcc70e64cf3", 0xe2}, {&(0x7f0000000500)="bf68f9a4f16cf7609b6bf44a0cf922bd78", 0x11}, {&(0x7f0000000540)="4085489012ea026958cd08d0d1960699151ccb329bfdb48f8955038239348278d8bffbe6ddd741a096e1b4f60cba0d72420b77ff7c42b01bc4242bf6d7eadfc3b32f546b695ae792dea1dac7cbb7fd7ca1d379c01fdfd24449370629f9c9bc5d08028f96e3f07644020d64bf0de9ba6d216404fe51abedd2c69feda2e944dc77af8e4c978ff59ebb6bf9d8bace033d54e71278ab606752a1935753d105ca9e989c28f645d297", 0xa6}, {&(0x7f0000000600)="f354b3c985bdb24c7b058af366428e4e", 0x10}], 0x7, 0x5, 0x7, 0x12)

[ 1105.844183] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1105.845117] EXT4-fs (loop5): group descriptors corrupted!
[ 1105.912183] loop6: detected capacity change from 0 to 22
[ 1105.916901] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (11 blocks)
03:52:11 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xf0ffffff}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:11 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0xf000}}, 0x414d02)

03:52:11 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:52:11 executing program 4:
perf_event_open(&(0x7f0000000340)={0x4, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x80000}, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:52:11 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xffffff7b}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:11 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 72)

03:52:11 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xf5ffffff}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:11 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 29)

[ 1114.474452] loop6: detected capacity change from 0 to 22
[ 1114.489137] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (11 blocks)
[ 1114.520653] loop3: detected capacity change from 0 to 512
[ 1114.524546] loop5: detected capacity change from 0 to 512
[ 1114.535663] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1114.536525] EXT4-fs (loop3): group descriptors corrupted!
[ 1114.547931] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1114.549605] EXT4-fs (loop5): group descriptors corrupted!
03:52:11 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
fcntl$getownex(r0, 0x10, &(0x7f00000002c0)={0x0, <r1=>0x0})
clone3(&(0x7f0000000400)={0x20000, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0), {0x1e}, &(0x7f0000000100)=""/193, 0xc1, &(0x7f0000000200)=""/147, &(0x7f0000000300)=[r1], 0x1, {r0}}, 0x58)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)
r2 = openat2(r0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x8000, 0x3e4c1b06ca38efe2, 0x2}, 0x18)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r2, 0xc008240a, &(0x7f0000000500)={0x7, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})

03:52:11 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xf4000000}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:19 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xfbffffff}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:19 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xf5ffffff}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:19 executing program 4:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0, <r1=>0x0}, &(0x7f0000000040)=0x5)
setuid(r1)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000740)='./file0\x00', 0x4000, 0x0)
geteuid()
r2 = getegid()
pidfd_open(0xffffffffffffffff, 0x0)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_ALM_SET(r3, 0x40247007, &(0x7f00000000c0))
inotify_init()
r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_ALM_SET(r4, 0x40247007, &(0x7f00000000c0))
socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000780))
setresgid(r2, 0x0, 0x0)
r5 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r5, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r5, 0xffffffffffffffff, 0x0)

03:52:19 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 30)

03:52:19 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x40000}}, 0x414d02)

03:52:19 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xfffffff0}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:19 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x6, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:52:19 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 73)

[ 1122.522836] loop6: detected capacity change from 0 to 22
[ 1122.523846] loop5: detected capacity change from 0 to 512
[ 1122.524597] FAULT_INJECTION: forcing a failure.
[ 1122.524597] name failslab, interval 1, probability 0, space 0, times 0
[ 1122.525690] CPU: 1 UID: 0 PID: 9143 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1122.525706] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1122.525713] Call Trace:
[ 1122.525718]  <TASK>
[ 1122.525723]  dump_stack_lvl+0xfa/0x120
[ 1122.525751]  should_fail_ex+0x4d7/0x5e0
[ 1122.525767]  ? __es_remove_extent+0x53f/0x1570
[ 1122.525785]  ? __es_insert_extent+0xed2/0x1370
[ 1122.525798]  should_failslab+0xc2/0x120
[ 1122.525817]  kmem_cache_alloc_noprof+0x80/0x710
[ 1122.525831]  ? __pfx___es_remove_extent+0x10/0x10
[ 1122.525848]  ? __es_insert_extent+0xed2/0x1370
[ 1122.525862]  __es_insert_extent+0xed2/0x1370
[ 1122.525886]  ext4_es_insert_extent+0x438/0x1060
[ 1122.525905]  ? __pfx_perf_trace_lock+0x10/0x10
[ 1122.525924]  ? __pfx_ext4_es_insert_extent+0x10/0x10
[ 1122.525940]  ? lock_acquire+0x15e/0x2d0
[ 1122.525955]  ? ext4_map_blocks+0x564/0x1470
[ 1122.525984]  ? __pfx_down_write+0x10/0x10
[ 1122.526005]  ext4_map_blocks+0x808/0x1470
[ 1122.526023]  ? __up_read+0x26f/0x710
[ 1122.526040]  ? __pfx_ext4_map_blocks+0x10/0x10
[ 1122.526055]  ? __pfx___up_read+0x10/0x10
[ 1122.526072]  ? lock_release+0xc8/0x270
[ 1122.526091]  ? ext4_map_blocks+0x1e9/0x1470
[ 1122.526112]  ext4_getblk+0x67d/0x8e0
[ 1122.526129]  ? __pfx_ext4_getblk+0x10/0x10
[ 1122.526143]  ? __pfx_security_inode_init_security+0x10/0x10
[ 1122.526161]  ? crc32c+0x1ae/0x350
[ 1122.526177]  ext4_bread+0x2e/0x1a0
[ 1122.526193]  ext4_append+0x21d/0x530
[ 1122.526213]  ? __pfx_ext4_append+0x10/0x10
[ 1122.526232]  ? __pfx___ext4_new_inode+0x10/0x10
[ 1122.526256]  ext4_init_new_dir+0x13c/0x240
[ 1122.526269]  ? __pfx_ext4_init_new_dir+0x10/0x10
[ 1122.526288]  ext4_mkdir+0x3c5/0xb30
[ 1122.526305]  ? __pfx_ext4_mkdir+0x10/0x10
[ 1122.526318]  ? security_inode_permission+0x72/0xe0
[ 1122.526348]  vfs_mkdir+0x7b5/0xba0
[ 1122.526366]  do_mkdirat+0x11a/0x450
[ 1122.526384]  ? __pfx_do_mkdirat+0x10/0x10
[ 1122.526401]  ? strncpy_from_user+0x21b/0x2f0
[ 1122.526425]  __x64_sys_mkdir+0xf3/0x140
[ 1122.526443]  do_syscall_64+0xbf/0x420
[ 1122.526457]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1122.526470] RIP: 0033:0x7f7208244c27
[ 1122.526481] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1122.526493] RSP: 002b:00007f72057bafa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[ 1122.526506] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f7208244c27
[ 1122.526514] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[ 1122.526521] RBP: 00007f72057bb040 R08: 0000000000000000 R09: ffffffffffffffff
[ 1122.526529] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[ 1122.526536] R13: 0000000020000100 R14: 00007f72057bb000 R15: 0000000020012900
[ 1122.526554]  </TASK>
[ 1122.541132] FAULT_INJECTION: forcing a failure.
[ 1122.541132] name failslab, interval 1, probability 0, space 0, times 0
[ 1122.555537] CPU: 0 UID: 0 PID: 9145 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1122.555570] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1122.555584] Call Trace:
[ 1122.555593]  <TASK>
[ 1122.555602]  dump_stack_lvl+0xfa/0x120
[ 1122.555649]  should_fail_ex+0x4d7/0x5e0
[ 1122.555683]  ? __kernfs_new_node+0xd3/0x930
[ 1122.555708]  should_failslab+0xc2/0x120
[ 1122.555743]  kmem_cache_alloc_noprof+0x80/0x710
[ 1122.555779]  ? __kernfs_new_node+0xd3/0x930
[ 1122.555803]  __kernfs_new_node+0xd3/0x930
[ 1122.555833]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1122.555864]  ? lock_acquire+0x15e/0x2d0
[ 1122.555896]  ? kernfs_root+0x23/0x2a0
[ 1122.555920]  ? find_held_lock+0x2b/0x80
[ 1122.555943]  ? kernfs_root+0xee/0x2a0
[ 1122.555967]  ? lock_release+0xc8/0x270
[ 1122.556002]  ? lock_is_held_type+0x9e/0x120
[ 1122.556047]  kernfs_new_node+0x13c/0x1e0
[ 1122.556083]  __kernfs_create_file+0x55/0x360
[ 1122.556123]  sysfs_add_file_mode_ns+0x21c/0x430
[ 1122.556151]  ? __pfx_dev_attr_store+0x10/0x10
[ 1122.556195]  internal_create_group+0x662/0xeb0
[ 1122.556233]  ? __pfx_internal_create_group+0x10/0x10
[ 1122.556259]  ? blk_validate_limits+0xc27/0x15c0
[ 1122.556301]  ? lock_is_held_type+0x9e/0x120
[ 1122.556342]  loop_configure+0xc46/0x15a0
[ 1122.556409]  ? __pfx_loop_configure+0x10/0x10
[ 1122.556467]  ? avc_has_extended_perms+0x107/0xf20
[ 1122.556503]  ? find_held_lock+0x2b/0x80
[ 1122.556525]  ? avc_has_extended_perms+0x23b/0xf20
[ 1122.556560]  ? lock_release+0xc8/0x270
[ 1122.556595]  lo_ioctl+0x66d/0x1ca0
[ 1122.556638]  ? __pfx_lo_ioctl+0x10/0x10
[ 1122.556673]  ? __pfx_avc_has_extended_perms+0x10/0x10
[ 1122.556717]  ? lock_acquire+0x15e/0x2d0
[ 1122.556747]  ? __virt_addr_valid+0x1c6/0x5d0
[ 1122.556776]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1122.556813]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1122.556845]  ? lock_release+0xc8/0x270
[ 1122.556881]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1122.556958]  ? check_irq_usage+0x210/0xb40
[ 1122.556987]  ? __fget_files+0x34/0x3b0
[ 1122.557018]  ? find_held_lock+0x2b/0x80
[ 1122.557041]  ? __fget_files+0x203/0x3b0
[ 1122.557074]  ? __pfx_lo_ioctl+0x10/0x10
[ 1122.557109]  blkdev_ioctl+0x365/0x6d0
[ 1122.557147]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1122.557184]  ? selinux_file_ioctl+0xb9/0x280
[ 1122.557215]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1122.557254]  __x64_sys_ioctl+0x18f/0x210
[ 1122.557284]  do_syscall_64+0xbf/0x420
[ 1122.557311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1122.557336] RIP: 0033:0x7f2dac41a8d7
[ 1122.557355] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1122.557377] RSP: 002b:00007f2da998ff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1122.557400] RAX: ffffffffffffffda RBX: 00007f2dac464970 RCX: 00007f2dac41a8d7
[ 1122.557416] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 1122.557431] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[ 1122.557445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 1122.557459] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[ 1122.557494]  </TASK>
03:52:19 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x80000}}, 0x414d02)

03:52:19 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xfbffffff}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:19 executing program 4:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r2 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000040))
copy_file_range(r2, &(0x7f0000000080)=0x6, r0, &(0x7f00000000c0)=0x2, 0x1, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000100)={0x0, r1, 0x5, 0x2, 0x8, 0x7fffffff})
open_by_handle_at(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="1000000000000000f8de2831034c563400000000ecc373ab1c655ed0a56c82abc00b0f203e259500"/51], 0x414d02)
close_range(r1, 0xffffffffffffffff, 0x0)

03:52:19 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xffefff1f}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1122.620858] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (11 blocks)
[ 1122.643159] loop3: detected capacity change from 0 to 512
03:52:19 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x80ffff}}, 0x414d02)

[ 1122.652591] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1122.654125] EXT4-fs (loop5): group descriptors corrupted!
03:52:19 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xffefff1f}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1122.674226] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1122.675752] EXT4-fs (loop3): group descriptors corrupted!
03:52:19 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xfffffff5}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:19 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000020000000300"/24], 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r1, 0xffffffffffffffff, 0x0)
setsockopt$WPAN_SECURITY(r1, 0x0, 0x1, &(0x7f0000000080)=0x1, 0x4)

03:52:19 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 74)

03:52:19 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xb, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:52:19 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xffffff7b}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1122.788686] loop6: detected capacity change from 0 to 22
[ 1122.795207] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (11 blocks)
[ 1122.853236] loop5: detected capacity change from 0 to 512
[ 1122.863512] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1122.864556] EXT4-fs (loop5): group descriptors corrupted!
03:52:30 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 75)

03:52:30 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xfffffff0}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:30 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0xf0ffff}}, 0x414d02)

03:52:30 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="10000000020000000000000000000000000000000013b78fc7878e99c54b40541e73da99c3f803e3b17c"], 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:52:30 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xffffff7b}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:30 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 31)

03:52:30 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:52:30 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xfffffffb}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1133.406908] loop5: detected capacity change from 0 to 512
[ 1133.414528] FAULT_INJECTION: forcing a failure.
[ 1133.414528] name failslab, interval 1, probability 0, space 0, times 0
[ 1133.416081] CPU: 0 UID: 0 PID: 9183 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1133.416107] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1133.416119] Call Trace:
[ 1133.416126]  <TASK>
[ 1133.416134]  dump_stack_lvl+0xfa/0x120
[ 1133.416173]  should_fail_ex+0x4d7/0x5e0
[ 1133.416195]  ? __es_remove_extent+0x53f/0x1570
[ 1133.416224]  ? __es_insert_extent+0xed2/0x1370
[ 1133.416245]  should_failslab+0xc2/0x120
[ 1133.416274]  kmem_cache_alloc_noprof+0x80/0x710
[ 1133.416297]  ? __pfx___es_remove_extent+0x10/0x10
[ 1133.416327]  ? __es_insert_extent+0xed2/0x1370
[ 1133.416349]  __es_insert_extent+0xed2/0x1370
[ 1133.416387]  ext4_es_insert_extent+0x438/0x1060
[ 1133.416418]  ? __pfx_perf_trace_lock+0x10/0x10
[ 1133.416448]  ? __pfx_ext4_es_insert_extent+0x10/0x10
[ 1133.416474]  ? lock_acquire+0x15e/0x2d0
[ 1133.416498]  ? ext4_map_blocks+0x564/0x1470
[ 1133.416539]  ? __pfx_down_write+0x10/0x10
[ 1133.416569]  ext4_map_blocks+0x808/0x1470
[ 1133.416599]  ? __up_read+0x26f/0x710
[ 1133.416627]  ? __pfx_ext4_map_blocks+0x10/0x10
[ 1133.416652]  ? __pfx___up_read+0x10/0x10
[ 1133.416681]  ? lock_release+0xc8/0x270
[ 1133.416712]  ? ext4_map_blocks+0x1e9/0x1470
[ 1133.416746]  ext4_getblk+0x67d/0x8e0
[ 1133.416773]  ? __pfx_ext4_getblk+0x10/0x10
[ 1133.416796]  ? __pfx_security_inode_init_security+0x10/0x10
[ 1133.416822]  ? crc32c+0x1ae/0x350
[ 1133.416847]  ext4_bread+0x2e/0x1a0
[ 1133.416874]  ext4_append+0x21d/0x530
[ 1133.416906]  ? __pfx_ext4_append+0x10/0x10
[ 1133.416937]  ? __pfx___ext4_new_inode+0x10/0x10
[ 1133.416976]  ext4_init_new_dir+0x13c/0x240
[ 1133.417003]  ? __pfx_ext4_init_new_dir+0x10/0x10
[ 1133.417035]  ext4_mkdir+0x3c5/0xb30
[ 1133.417062]  ? __pfx_ext4_mkdir+0x10/0x10
[ 1133.417082]  ? security_inode_permission+0x72/0xe0
[ 1133.417115]  vfs_mkdir+0x7b5/0xba0
[ 1133.417142]  do_mkdirat+0x11a/0x450
[ 1133.417172]  ? __pfx_do_mkdirat+0x10/0x10
[ 1133.417199]  ? strncpy_from_user+0x21b/0x2f0
[ 1133.417238]  __x64_sys_mkdir+0xf3/0x140
[ 1133.417267]  do_syscall_64+0xbf/0x420
[ 1133.417289]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1133.417309] RIP: 0033:0x7f7208244c27
[ 1133.417325] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1133.417344] RSP: 002b:00007f72057bafa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[ 1133.417363] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f7208244c27
[ 1133.417375] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[ 1133.417387] RBP: 00007f72057bb040 R08: 0000000000000000 R09: ffffffffffffffff
[ 1133.417399] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[ 1133.417410] R13: 0000000020000100 R14: 00007f72057bb000 R15: 0000000020012900
[ 1133.417440]  </TASK>
[ 1133.461661] loop3: detected capacity change from 0 to 512
[ 1133.483108] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1133.484633] EXT4-fs (loop3): group descriptors corrupted!
[ 1133.491791] loop6: detected capacity change from 0 to 22
03:52:30 executing program 4:
perf_event_open(&(0x7f0000000340)={0x0, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

[ 1133.509132] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (11 blocks)
03:52:30 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xffffffff}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:30 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xfffffff5}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:30 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xfffffff0}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:30 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x1000000}}, 0x414d02)

03:52:30 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4f, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[ 1133.571893] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1133.573133] EXT4-fs (loop5): group descriptors corrupted!
03:52:30 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 32)

03:52:30 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 76)

03:52:30 executing program 4:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0xfd, 0xfd, 0x0, 0x20000000005, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0x4}, 0x0, 0x4000, 0x0, 0x6, 0x0, 0x0, 0x8}, 0x0, 0xf, 0xffffffffffffffff, 0x2)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r1, 0xffffffffffffffff, 0x0)
dup2(r0, r0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000040)={0x3, 0x4, 0x0, 0xa0000000000000, 0x7, 0x1f})

[ 1133.690842] loop6: detected capacity change from 0 to 22
[ 1133.704367] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (11 blocks)
[ 1133.726076] FAULT_INJECTION: forcing a failure.
[ 1133.726076] name failslab, interval 1, probability 0, space 0, times 0
[ 1133.728188] CPU: 1 UID: 0 PID: 9214 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1133.728220] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1133.728234] Call Trace:
[ 1133.728241]  <TASK>
[ 1133.728250]  dump_stack_lvl+0xfa/0x120
[ 1133.728296]  should_fail_ex+0x4d7/0x5e0
[ 1133.728327]  ? __kernfs_new_node+0xd3/0x930
[ 1133.728350]  should_failslab+0xc2/0x120
[ 1133.728384]  kmem_cache_alloc_noprof+0x80/0x710
[ 1133.728419]  ? __kernfs_new_node+0xd3/0x930
[ 1133.728442]  __kernfs_new_node+0xd3/0x930
[ 1133.728472]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1133.728502]  ? lock_acquire+0x15e/0x2d0
[ 1133.728532]  ? kernfs_root+0x23/0x2a0
[ 1133.728556]  ? find_held_lock+0x2b/0x80
[ 1133.728578]  ? kernfs_root+0xee/0x2a0
[ 1133.728601]  ? lock_release+0xc8/0x270
[ 1133.728628]  ? lock_is_held_type+0x9e/0x120
[ 1133.728672]  kernfs_new_node+0x13c/0x1e0
[ 1133.728707]  __kernfs_create_file+0x55/0x360
[ 1133.728746]  sysfs_add_file_mode_ns+0x21c/0x430
[ 1133.728773]  ? __pfx_dev_attr_store+0x10/0x10
[ 1133.728815]  internal_create_group+0x662/0xeb0
[ 1133.728852]  ? __pfx_internal_create_group+0x10/0x10
[ 1133.728877]  ? blk_validate_limits+0xc27/0x15c0
[ 1133.728918]  ? lock_is_held_type+0x9e/0x120
[ 1133.728958]  loop_configure+0xc46/0x15a0
[ 1133.729034]  ? __pfx_loop_configure+0x10/0x10
[ 1133.729090]  ? avc_has_extended_perms+0x107/0xf20
[ 1133.729126]  ? find_held_lock+0x2b/0x80
[ 1133.729147]  ? avc_has_extended_perms+0x23b/0xf20
[ 1133.729182]  ? lock_release+0xc8/0x270
[ 1133.729216]  lo_ioctl+0x66d/0x1ca0
[ 1133.729257]  ? __pfx_lo_ioctl+0x10/0x10
[ 1133.729291]  ? __pfx_avc_has_extended_perms+0x10/0x10
[ 1133.729334]  ? lock_acquire+0x15e/0x2d0
[ 1133.729363]  ? __virt_addr_valid+0x1c6/0x5d0
[ 1133.729391]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1133.729427]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1133.729459]  ? lock_release+0xc8/0x270
[ 1133.729494]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1133.729568]  ? check_irq_usage+0x210/0xb40
[ 1133.729596]  ? __fget_files+0x34/0x3b0
[ 1133.729627]  ? find_held_lock+0x2b/0x80
[ 1133.729648]  ? __fget_files+0x203/0x3b0
[ 1133.729680]  ? __pfx_lo_ioctl+0x10/0x10
[ 1133.729715]  blkdev_ioctl+0x365/0x6d0
[ 1133.729754]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1133.729790]  ? selinux_file_ioctl+0xb9/0x280
[ 1133.729819]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1133.729857]  __x64_sys_ioctl+0x18f/0x210
[ 1133.729886]  do_syscall_64+0xbf/0x420
[ 1133.729912]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1133.729935] RIP: 0033:0x7f2dac41a8d7
[ 1133.729953] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1133.729976] RSP: 002b:00007f2da998ff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1133.729999] RAX: ffffffffffffffda RBX: 00007f2dac464970 RCX: 00007f2dac41a8d7
[ 1133.730014] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 1133.730028] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[ 1133.730042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 1133.730056] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[ 1133.730090]  </TASK>
[ 1133.808151] loop3: detected capacity change from 0 to 512
[ 1133.823382] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1133.824449] EXT4-fs (loop3): group descriptors corrupted!
[ 1133.879807] loop5: detected capacity change from 0 to 512
[ 1133.885178] FAULT_INJECTION: forcing a failure.
[ 1133.885178] name failslab, interval 1, probability 0, space 0, times 0
[ 1133.886922] CPU: 1 UID: 0 PID: 9219 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1133.886953] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1133.886966] Call Trace:
[ 1133.886974]  <TASK>
[ 1133.886989]  dump_stack_lvl+0xfa/0x120
[ 1133.887033]  should_fail_ex+0x4d7/0x5e0
[ 1133.887059]  ? __es_remove_extent+0x53f/0x1570
[ 1133.887092]  ? __es_insert_extent+0xed2/0x1370
[ 1133.887118]  should_failslab+0xc2/0x120
[ 1133.887151]  kmem_cache_alloc_noprof+0x80/0x710
[ 1133.887178]  ? __pfx___es_remove_extent+0x10/0x10
[ 1133.887213]  ? __es_insert_extent+0xed2/0x1370
[ 1133.887240]  __es_insert_extent+0xed2/0x1370
[ 1133.887286]  ext4_es_insert_extent+0x438/0x1060
[ 1133.887324]  ? __pfx_perf_trace_lock+0x10/0x10
[ 1133.887360]  ? __pfx_ext4_es_insert_extent+0x10/0x10
[ 1133.887390]  ? lock_acquire+0x15e/0x2d0
[ 1133.887419]  ? ext4_map_blocks+0x564/0x1470
[ 1133.887468]  ? __pfx_down_write+0x10/0x10
[ 1133.887504]  ext4_map_blocks+0x808/0x1470
[ 1133.887541]  ? __up_read+0x26f/0x710
[ 1133.887575]  ? __pfx_ext4_map_blocks+0x10/0x10
[ 1133.887604]  ? __pfx___up_read+0x10/0x10
[ 1133.887639]  ? lock_release+0xc8/0x270
[ 1133.887676]  ? ext4_map_blocks+0x1e9/0x1470
[ 1133.887717]  ext4_getblk+0x67d/0x8e0
[ 1133.887749]  ? __pfx_ext4_getblk+0x10/0x10
[ 1133.887778]  ? __pfx_security_inode_init_security+0x10/0x10
[ 1133.887809]  ? crc32c+0x1ae/0x350
[ 1133.887838]  ext4_bread+0x2e/0x1a0
[ 1133.887871]  ext4_append+0x21d/0x530
[ 1133.887909]  ? __pfx_ext4_append+0x10/0x10
[ 1133.887946]  ? __pfx___ext4_new_inode+0x10/0x10
[ 1133.887993]  ext4_init_new_dir+0x13c/0x240
[ 1133.888017]  ? __pfx_ext4_init_new_dir+0x10/0x10
[ 1133.888056]  ext4_mkdir+0x3c5/0xb30
[ 1133.888088]  ? __pfx_ext4_mkdir+0x10/0x10
[ 1133.888113]  ? security_inode_permission+0x72/0xe0
[ 1133.888153]  vfs_mkdir+0x7b5/0xba0
[ 1133.888186]  do_mkdirat+0x11a/0x450
[ 1133.888221]  ? __pfx_do_mkdirat+0x10/0x10
[ 1133.888254]  ? strncpy_from_user+0x21b/0x2f0
[ 1133.888301]  __x64_sys_mkdir+0xf3/0x140
[ 1133.888336]  do_syscall_64+0xbf/0x420
[ 1133.888362]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1133.888386] RIP: 0033:0x7f7208244c27
[ 1133.888404] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1133.888426] RSP: 002b:00007f72057bafa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[ 1133.888448] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f7208244c27
[ 1133.888464] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[ 1133.888478] RBP: 00007f72057bb040 R08: 0000000000000000 R09: ffffffffffffffff
[ 1133.888493] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[ 1133.888506] R13: 0000000020000100 R14: 00007f72057bb000 R15: 0000000020012900
[ 1133.888543]  </TASK>
[ 1133.937228] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1133.938703] EXT4-fs (loop5): group descriptors corrupted!
03:52:41 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x2, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:41 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 77)

03:52:41 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 33)

03:52:41 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xfffffff5}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:41 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xfffffffb}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:41 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r0, &(0x7f00000017c0)=[{{&(0x7f0000000140)={0xa, 0x4e21, 0x0, @remote}, 0x1c, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0a00000000000000000000008000000e707b8c9a8a8cb141"], 0x18}}], 0x1, 0x0)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r1, 0xffffffffffffffff, 0x0)

03:52:41 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x2000000}}, 0x414d02)

03:52:41 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x50, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[ 1144.910350] loop6: detected capacity change from 0 to 22
[ 1144.921676] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (11 blocks)
[ 1144.925308] loop3: detected capacity change from 0 to 512
[ 1144.935969] loop5: detected capacity change from 0 to 512
[ 1144.947488] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1144.948935] EXT4-fs (loop3): group descriptors corrupted!
03:52:42 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xffffffff}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:42 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x3, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:42 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xfffffffb}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:42 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x58, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[ 1145.028828] Process accounting paused
03:52:42 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 78)

03:52:42 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 34)

03:52:42 executing program 4:
waitid$P_PIDFD(0x3, 0xffffffffffffffff, &(0x7f0000000040), 0x4, &(0x7f00000000c0))
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:52:42 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x3000000}}, 0x414d02)

[ 1145.155351] loop6: detected capacity change from 0 to 22
[ 1145.163582] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (11 blocks)
03:52:42 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x4, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1145.175727] loop5: detected capacity change from 0 to 512
[ 1145.199509] FAULT_INJECTION: forcing a failure.
[ 1145.199509] name failslab, interval 1, probability 0, space 0, times 0
[ 1145.201234] CPU: 0 UID: 0 PID: 9257 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1145.201263] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1145.201276] Call Trace:
[ 1145.201283]  <TASK>
[ 1145.201292]  dump_stack_lvl+0xfa/0x120
[ 1145.201334]  should_fail_ex+0x4d7/0x5e0
[ 1145.201364]  ? __kernfs_new_node+0xd3/0x930
[ 1145.201386]  should_failslab+0xc2/0x120
[ 1145.201418]  kmem_cache_alloc_noprof+0x80/0x710
[ 1145.201451]  ? __kernfs_new_node+0xd3/0x930
[ 1145.201473]  __kernfs_new_node+0xd3/0x930
[ 1145.201500]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1145.201529]  ? lock_acquire+0x15e/0x2d0
[ 1145.201557]  ? kernfs_root+0x23/0x2a0
[ 1145.201579]  ? find_held_lock+0x2b/0x80
[ 1145.201600]  ? kernfs_root+0xee/0x2a0
[ 1145.201621]  ? lock_release+0xc8/0x270
[ 1145.201646]  ? lock_is_held_type+0x9e/0x120
[ 1145.201686]  kernfs_new_node+0x13c/0x1e0
[ 1145.201719]  __kernfs_create_file+0x55/0x360
[ 1145.201754]  sysfs_add_file_mode_ns+0x21c/0x430
[ 1145.201779]  ? __pfx_dev_attr_store+0x10/0x10
[ 1145.201818]  internal_create_group+0x662/0xeb0
[ 1145.201853]  ? __pfx_internal_create_group+0x10/0x10
[ 1145.201876]  ? blk_validate_limits+0xc27/0x15c0
[ 1145.201915]  ? lock_is_held_type+0x9e/0x120
[ 1145.201951]  loop_configure+0xc46/0x15a0
[ 1145.202020]  ? __pfx_loop_configure+0x10/0x10
[ 1145.202073]  ? avc_has_extended_perms+0x107/0xf20
[ 1145.202105]  ? find_held_lock+0x2b/0x80
[ 1145.202125]  ? avc_has_extended_perms+0x23b/0xf20
[ 1145.202157]  ? lock_release+0xc8/0x270
[ 1145.202188]  lo_ioctl+0x66d/0x1ca0
[ 1145.202226]  ? __pfx_lo_ioctl+0x10/0x10
[ 1145.202258]  ? __pfx_avc_has_extended_perms+0x10/0x10
[ 1145.202298]  ? lock_acquire+0x15e/0x2d0
[ 1145.202324]  ? __virt_addr_valid+0x1c6/0x5d0
[ 1145.202350]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1145.202383]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1145.202412]  ? lock_release+0xc8/0x270
[ 1145.202445]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1145.202526]  ? check_irq_usage+0x210/0xb40
[ 1145.202551]  ? __fget_files+0x34/0x3b0
[ 1145.202580]  ? find_held_lock+0x2b/0x80
[ 1145.202600]  ? __fget_files+0x203/0x3b0
[ 1145.202631]  ? __pfx_lo_ioctl+0x10/0x10
[ 1145.202663]  blkdev_ioctl+0x365/0x6d0
[ 1145.202701]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1145.202735]  ? selinux_file_ioctl+0xb9/0x280
[ 1145.202762]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1145.202798]  __x64_sys_ioctl+0x18f/0x210
[ 1145.202825]  do_syscall_64+0xbf/0x420
[ 1145.202849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1145.202871] RIP: 0033:0x7f2dac41a8d7
[ 1145.202888] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1145.202909] RSP: 002b:00007f2da998ff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1145.202931] RAX: ffffffffffffffda RBX: 00007f2dac464970 RCX: 00007f2dac41a8d7
[ 1145.202946] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 1145.202958] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
03:52:42 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xae, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[ 1145.202971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 1145.202983] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[ 1145.203015]  </TASK>
[ 1145.205683] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1145.222809] loop3: detected capacity change from 0 to 512
[ 1145.223139] EXT4-fs (loop5): group descriptors corrupted!
[ 1145.242182] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1145.257236] EXT4-fs (loop3): group descriptors corrupted!
03:52:42 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {0xffffffff}, 0x0, 0x0, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1145.426625] loop6: detected capacity change from 0 to 22
[ 1145.429483] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (11 blocks)
03:52:53 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 35)

03:52:53 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x2, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:53 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x4000000}}, 0x414d02)

03:52:53 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 79)

03:52:53 executing program 4:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r2, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r2, 0xffffffffffffffff, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2, &(0x7f0000000180)=0x712, 0x4)
close_range(r0, r0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
r3 = accept4$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @multicast1}, &(0x7f0000000080)=0x10, 0x800)
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000000100)=@filter={'filter\x00', 0xe, 0x3, 0x53a, [0x0, 0x20000400, 0x20000430, 0x20000460], 0x0, &(0x7f00000000c0), &(0x7f0000000400)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x2, [{0x5, 0x7, 0xf7, 'vlan0\x00', 'veth0_to_batadv\x00', 'veth0_to_bond\x00', 'veth1_virt_wifi\x00', @multicast, [0xff, 0xff, 0x0, 0x0, 0xff], @empty, [0xff, 0x0, 0x0, 0xff, 0xff, 0xff], 0xae, 0x12e, 0x17e, [@quota={{'quota\x00', 0x0, 0x18}, {{0x1, 0x0, 0x5, {0x1}}}}], [@common=@NFQUEUE0={'NFQUEUE\x00', 0x8, {{0x2}}}, @common=@log={'log\x00', 0x28, {{0xc1, "1ae05c795f37fd2cd8133e81be7e00d70c9ba853d50571a1c01421b4f51d", 0x9}}}], @common=@LED={'LED\x00', 0x28, {{'syz1\x00', 0x1, 0x43d75d13, {0x7}}}}}, {0x11, 0x1, 0x4305, 'sit0\x00', 'bond_slave_0\x00', 'geneve0\x00', 'ip6tnl0\x00', @empty, [0x0, 0x0, 0xff, 0xff, 0x0, 0xff], @random="0cf79e7488fc", [0xff, 0xff, 0xff, 0x0, 0xff], 0xde, 0xde, 0x12e, [@quota={{'quota\x00', 0x0, 0x18}, {{0x0, 0x0, 0x2, {0x2000000000000}}}}, @cgroup0={{'cgroup\x00', 0x0, 0x8}, {{0x9}}}], [], @common=@log={'log\x00', 0x28, {{0xdc, "6fa298846d025e48a4b2f81a16062e5a5ae7ab5e37013a4f2d4001902e91", 0x3}}}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{0x0, 0x44, 0x22eb, 'veth0\x00', 'bridge_slave_0\x00', 'gre0\x00', 'team_slave_1\x00', @multicast, [0x0, 0xff, 0xff, 0x0, 0xff], @remote, [0xff, 0x0, 0x0, 0x0, 0xff, 0xff], 0x6e, 0x19e, 0x1ce, [], [@common=@SECMARK={'SECMARK\x00', 0x108, {{0x1, 0x6, 'system_u:object_r:gpg_helper_exec_t:s0\x00'}}}], @common=@AUDIT={'AUDIT\x00', 0x8, {{0x2}}}}]}]}, 0x5b2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000200)={0x8, &(0x7f00000001c0)=[{0x7, 0x20, 0x3, 0x8}, {0x5, 0xd, 0x1, 0xbf49}, {0x7, 0x0, 0x2, 0x4}, {0x2, 0x20, 0x7, 0x1}, {0x2, 0xf8, 0x2, 0x1f}, {0x7, 0x4, 0x9, 0x9}, {0x10, 0xfb, 0x7, 0x6}, {0x2, 0x1, 0x4, 0x5}]})

03:52:53 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x2, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:52:53 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xaf, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:52:53 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x5, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1156.252231] loop6: detected capacity change from 0 to 22
[ 1156.262231] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (11 blocks)
[ 1156.309484] loop5: detected capacity change from 0 to 512
[ 1156.312483] loop3: detected capacity change from 0 to 512
[ 1156.329402] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1156.330846] EXT4-fs (loop3): group descriptors corrupted!
03:53:02 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x3, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:02 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x5000000}}, 0x414d02)

03:53:02 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 36)

03:53:02 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x7, 0x4, 0x1, 0x0, 0x0, 0x7fffffff, 0x200, 0x4, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x2, @perf_config_ext={0x9, 0x401}, 0x24, 0x100000000, 0x7f, 0x8, 0x9, 0x3, 0x2, 0x0, 0x3, 0x0, 0x2}, 0x0, 0x8, r0, 0x4)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r1, 0xffffffffffffffff, 0x0)

03:53:02 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x6, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:02 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x3, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:02 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xed, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:53:02 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 80)

[ 1165.696040] loop6: detected capacity change from 0 to 22
[ 1165.704822] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (11 blocks)
[ 1165.714712] loop6: detected capacity change from 0 to 22
[ 1165.752277] FAULT_INJECTION: forcing a failure.
[ 1165.752277] name failslab, interval 1, probability 0, space 0, times 0
[ 1165.753229] CPU: 1 UID: 0 PID: 9310 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1165.753245] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1165.753252] Call Trace:
[ 1165.753257]  <TASK>
[ 1165.753262]  dump_stack_lvl+0xfa/0x120
[ 1165.753291]  should_fail_ex+0x4d7/0x5e0
[ 1165.753308]  ? __kernfs_new_node+0xd3/0x930
[ 1165.753322]  should_failslab+0xc2/0x120
[ 1165.753339]  kmem_cache_alloc_noprof+0x80/0x710
[ 1165.753357]  ? __kernfs_new_node+0xd3/0x930
[ 1165.753369]  __kernfs_new_node+0xd3/0x930
[ 1165.753384]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1165.753399]  ? lock_acquire+0x15e/0x2d0
[ 1165.753415]  ? kernfs_root+0x23/0x2a0
[ 1165.753426]  ? find_held_lock+0x2b/0x80
[ 1165.753438]  ? kernfs_root+0xee/0x2a0
[ 1165.753449]  ? lock_release+0xc8/0x270
[ 1165.753463]  ? lock_is_held_type+0x9e/0x120
[ 1165.753485]  kernfs_new_node+0x13c/0x1e0
[ 1165.753502]  __kernfs_create_file+0x55/0x360
[ 1165.753521]  sysfs_add_file_mode_ns+0x21c/0x430
[ 1165.753535]  ? __pfx_dev_attr_store+0x10/0x10
[ 1165.753556]  internal_create_group+0x662/0xeb0
[ 1165.753575]  ? __pfx_internal_create_group+0x10/0x10
[ 1165.753588]  ? blk_validate_limits+0xc27/0x15c0
[ 1165.753609]  ? lock_is_held_type+0x9e/0x120
[ 1165.753628]  loop_configure+0xc46/0x15a0
[ 1165.753663]  ? __pfx_loop_configure+0x10/0x10
[ 1165.753691]  ? avc_has_extended_perms+0x107/0xf20
[ 1165.753709]  ? find_held_lock+0x2b/0x80
[ 1165.753720]  ? avc_has_extended_perms+0x23b/0xf20
[ 1165.753737]  ? lock_release+0xc8/0x270
[ 1165.753754]  lo_ioctl+0x66d/0x1ca0
[ 1165.753775]  ? __pfx_lo_ioctl+0x10/0x10
[ 1165.753792]  ? __pfx_avc_has_extended_perms+0x10/0x10
[ 1165.753814]  ? lock_acquire+0x15e/0x2d0
[ 1165.753828]  ? __virt_addr_valid+0x1c6/0x5d0
[ 1165.753844]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1165.753862]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1165.753878]  ? lock_release+0xc8/0x270
[ 1165.753895]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1165.753933]  ? check_irq_usage+0x210/0xb40
[ 1165.753947]  ? __fget_files+0x34/0x3b0
[ 1165.753963]  ? find_held_lock+0x2b/0x80
[ 1165.753973]  ? __fget_files+0x203/0x3b0
[ 1165.753990]  ? __pfx_lo_ioctl+0x10/0x10
[ 1165.754007]  blkdev_ioctl+0x365/0x6d0
[ 1165.754026]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1165.754044]  ? selinux_file_ioctl+0xb9/0x280
[ 1165.754059]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1165.754078]  __x64_sys_ioctl+0x18f/0x210
[ 1165.754094]  do_syscall_64+0xbf/0x420
[ 1165.754107]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1165.754120] RIP: 0033:0x7f2dac41a8d7
[ 1165.754129] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1165.754141] RSP: 002b:00007f2da998ff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1165.754153] RAX: ffffffffffffffda RBX: 00007f2dac464970 RCX: 00007f2dac41a8d7
[ 1165.754161] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 1165.754167] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[ 1165.754174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 1165.754181] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[ 1165.754198]  </TASK>
[ 1165.761575] loop5: detected capacity change from 0 to 512
[ 1165.782888] loop3: detected capacity change from 0 to 512
03:53:02 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x1000, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = accept4$bt_l2cap(r0, &(0x7f0000000080), &(0x7f00000000c0)=0xe, 0x140800)
ioctl$INCFS_IOC_FILL_BLOCKS(r1, 0x80106720, &(0x7f0000000300)={0x5, &(0x7f0000001400)=[{0x0, 0x6b, &(0x7f0000000100)="f9c3c1707d12d0367bc32c05e9b0f9c0a7a0d61acf9e20c3eeaad54aa4dce6ff56ece2318b3c7fed7bbff51f0265d4cb53cd8d6ae1536b239a5a6967308127bc34e311c6eb2439eaedfafe380d0e364da38a49080ac5a48d1c6b39605967ce188ece46027c08c1f0873f58", 0x1}, {0x80000000, 0xb6, &(0x7f0000000180)="04142b8373ef6ee36af3f4b262e00dd179bdfbd2f1664c8979e0ef104aa0a66468bac47c684f0f5d5299b174d8efb560b2a554487cb699a9ad9a99389c12a8249a643fdf407d533d0627e80571c462f588e6c1fe5190b8c060bbc79f772abff68c1431f060ed6d114bda9e9a2d74990fb70833e289b992991871f73d1014f6d241c64b1cfbdece5453b7f91ef67b325e4dea7aeef4682b655ab761f3e16702da58385069fb743ca050845c4e7ad9678443b4254dc43c", 0x0, 0x1}, {0x2, 0x3e, &(0x7f0000000240)="24b7018f56666d51137f68e93817c6837f7c7750e67a69f4d1b39d0d2374640e0f69df6ba56f45f993b1ce7f5b50b34d7127672416472501a0fccf26edb1", 0x0, 0x1}, {0x200, 0x1000, &(0x7f0000000400)="28305e02c162f86e9582ed4c7d23cf1b441e8f7ef397e0e5caff5a19cfa4c011fe3f69ef802b084f0d12cf66a9104bc6ac3d747c9c7eb05f0a04da58ea80db0eadee35ed7b8ee0de00a5b84138a58107eb97b87f25f0540d846047c060edc9b1afc05ef2f38365140f2da7044a541bb2d940ed2da3c52a8d09f791009076116a9080b0766db2b595502f07cb663ffedb7315227ec472637f041eb52abdcb29b59ab1576127262b4e7566b431650c10e72cf3145ff4789c9eef81e5141ea9f09f6d2fd5c74fd8e96799d188a084c9ca46a4108a44eff98a211df62d21d69c4e07e41b05e429397d8b695df0cedd56aa665aa69f30a3b3a4a303c2e5f7bfff34fbb805897119e11520650482fb833ca48c695c146fc8ac873158837cec858a310668e8a8d887fd5c8472e66b937a280b8e298d0eb0f1fc33ca409451274bd14d844bf23b68092f9700a6e707820eee95079221dea3d1e681d4916286c613b1627ddaddfd05089fd0431dcf01ee25c8a78d2e18106d50451d1788e71d5c64fcfa6ffb55f686d7505fc4c5a5093a242ada514ad0fd04b374da9e9ac1f36ac1ef25c0d9c4a6da3e242d2a1f7c48752149e05ba5fa9fc4727300c9e9a3da4e411c1544cab6aca7f90ce994db0095dbe7606f3bbb680ea41ca28fe385904dbaffd2b345349979b5aa49b1eb15fe5e2ffb2fd49e70df9041857abdd9dae4365752210bd0b31fe277cdc84941eeb6fd7212e3f9c338f6294073a8387b8eb61702646d75bb52ecdc91e61893029b4d55308992aea56a76f712b7f2a3ccc96b791d61fa845b4276ff351816137bf041344df672beff402fa13b2abe710128380413a5729bbd37f0249f06c95417577faf03e9e2cca79b695cf19de8859a4378e8d092e5d9a5cd9808909958952a29574dc66db0c3a6ac70d2930587b069c8a0fdf3bbff39883f7fbd79939352db4452032b0f43f611589243cccb9232b18b663ca962eafb901b03ed9248d8870ff790a724a35ccfee84b7e3506c2499f28b6d002651f9cb00bc6cde7c57d137df128d5bb3f9fdae275b56173d270ec9b60aca291bfb24e46f50c840b767b0c8323f8f159b64630937c4c87fd6ef6a6738c3d4cb1c1b028266f30dbe79185c10d14d16569ccb2eb41accdc31cb8b703ab0f8c86e2bcdd79992c06f5b214b347e0c29b93a57740c60df02e1a6a2e8bcb9173dd538f44c2b6d7705caa1bb1d40dfd605ab33874f49fe041a4c5fec4b8dfaad9ad46b358e1ae8348f4441e3effa6cf881af0c63f99d740333dc49f98dcd23d5bf7a7f9997bb340e99e8d8dcc29d885651cf220ce25106cbaa1d228e5f1568e43eca1816dd71c1d0ef56974c6b9bd64f818c546271097829a92b713dd765ef10f614ed0c219dcbca447b3ebba1cce85f9895a824502c4a15d0b97092f0316fd2a105f71da21fbe87ec013156625438e832533f4a65db7f8a6aef8db32a677ab1d61ade57b87aa7d3ed706f78e3d9fe433859b0b27d8b3e3dcf02b1da1ba83f96629ad1566e7f74e9b34592dc153c5b4fae57f7695ba1760a7150b1e09c080e58f060118d787fdc13fee559746a32fea8cd3b474bd846eea66e2f0a146456bb6d8c1cae97f5c50551f1f7dd4605de8f96faef04f5c73cbf53ab8756f8d592c63663fbcc6e5d7ef9b6793211610fa1481317f3c8760b56ba753e3a23039a339eb18e55e3c77f7d0f3ebbcebc2957b42cbf63eece01f9a9195c394b483434f0361ac86a5de7474baf46c1b1bc0a966d8f196844db5abce444783a170e44425236b1ff9689632489b489948e330326420db324a53106619931161a30cdfde99406c44f6ffca135606c9a8e5882d58cb27772427d3f81b387692c8bd1c1dc9c7dcc89b0397f02ab488bfbaaae7e09ac52885224be4ecb531ca6cf40ca83baeadef36519d873f28d4011c7d3b2081891643b4ee806fc76f081b7a0dc7ebc49ded16bc17d9958634e5bade2b32da8237075270983e3b879c6aadfd12e23c368b63f8e885e691bd1cc61cf7fc206a9a22d539feff09e52407abd5dfb9820d4fa1ec9b885e850e815a179cebf3fdff641437a0aa35dc2dd33117e812a8a1bba08b65262c794cf235d1be1dea8a17b2e372ea1e8b8c9d4cd5785bc4ee2220aaa4ad7b9424f94e7dd7315f1f3dd6013f3d1e1cba8878122a36bb52a555ea7b71d93198f274b7e3dbc0e78226a206cb17c3998bfe48851a4d16dabad8a15c6ff95593b7cc26d862f8a611f7f52aea7ca8c63a885dc651f595dcf2ff55d5cb51a416e3b1b242a581bdbf1ea12a492d17220e60f23c725b85922d8ce0dca7cb7606632800c161168c65db4f19855a4114bf69f22dc14a41a2e4bd5ee8c997ce46508c3cbb00b8aa3543927f83b939217c1ffd8a5128f3ddf55d27773436c41cf74e745ab3cac8f50022bcbc057d15ce0f2953f2d1c7286c0309cc15b8f1f3dee4af45a97ffe797bf0b59d3f816d073216861c0e745e85cb698c4eb99da348a30f77403caf4d84cb396422ad57e73c814346cbaeb20cc5a425c5de9cad067321884178e05807c37dd64ea23e8c469112d64e07547454f8a3a4c3fb5b8917ea36cb4e6b02acfdaacf2af8b19b85af34cc6830a2cc6cb952ab1618a464663f88dc5b60ecfb5de36dcfca8bd8159e37ff2eae81e67b148cf49cf89223c8a1c28bec29f6f0a7a16e81695b4fa57393aa859d43936f3e5f77e598fa848113c5ac5e076d328931cef66c5dd9930f71d7a87432b626fb41554033048f11f8d439f0bd35d9b7beab79878a915524860b7850b3ff3d78d79a9e68a95964c781c4d77f8adda9c3b731098deef1f1893ea1c0872d36a966e65cfbf086a7a7884207dd8e8fe96e4d1180076cd47c6d26a914c695af791d99aa1576ae4c8ea06d7bde8337a0be8e92f8a84a4a5b5ab2b71ff62988fa7120ec55b080f23d9f9bb97fba16aeef42ce76c96c8a90de3595daa5a96963a201f9aec15521387a480c00610d6073d165771cee2e5091a29128fd5a038394158a1b987f09a5d66b7fe9f1472acae4227a9087b37f6d8944d868b979a5ff43d95703ed907c95f9e39ba6722a505c4506f586a93716fa76505891a0967908e096caa0336d018f954851e3a695fed7bd63c5d6cd1aacf3a7e5b4b24e20aa0e831dc457e818b0e7fbe3102382b176e8201c2a05a0a0e85c0f8f35bf30169b4a21b0af9d13c5e50253cf81e6bed8177b585563973593a15db49acbfb49f7d5c106b00bf96bd772b8fb3ac9c9849ddd4b9aa296b781e45dd04fa35ca16d29714b9905afd7d285ca7f62a65e547eccc8f82d67ef206685d5af0a6e3e4538e901271dd0f5c8ea853dcb106c37b1e484335cb216a18939eb70a2a603b3ac2ebdc8e49cf514ac32cb902b2645d8670789f709f6b59ddb8488c701695441be9c2fd3616c0708b897dc37d4563ce9ac540502cde98a94a57ef03d7a40b90e84581db00f81017f263965a3c05d2176713614fcb881ccf23b8d2ebaf4ed5512edbbcc2436d6dc1257cd382f29f844de56e616d26c8a7f47cb488fca1f69554e6fc8f645216dbd6fcd64def060319889ba4043ec47a8292dd2164584db6eb19924e630bfbfff8b0b9a8276f8e190b929ddf42e31c67e4c89c3b807510a338c9ffe5f90163dff99e01f9f1c82c6899908243321f0e0d676af739f139f485e64a7e783108d501564014606b381c635a215c69740b68fa7073f42da6a8c9a9f8cc96e6af95ad8fc2b244b235f621eff24b411180d3100955b83a794db05da8670f88f86fdb3700477d68a313509c94f08fffb3e46467250aec57f720456d8a28bd2b4420d7e766feb744376c42175e488b51ef5657e23d0e6788c0467c64562ee4a63cb499890ce1bd88aaa96d491606d4f0434e6971869416caa1b4ca5b86ec0ad97d09c061645e183355bc525b3f2f4fbb08a29428a28534409047bc976b08a3a2a50b95cdcde62d9614f27d52a23c0a54fbae5086d23b561c8b52f7aa0c7457b680e9e2cc4e4429471ec78ef4ced53a012afc678364a299f80c077789245bf58484ade7c12a17603c3397415f307e04b56cfaa8be5a588fb46e9b811366101ad6fbe6d01cd4fa3009b1a4d2377d569465dfc3834f57b92e2b63f713fa1b24bd6114a9948da063533563d5f5a7880e4c5675c4fe5d0d7e3984d1006e414278d4e28d43f6d54534667b004bfcf6744ea4db748856a208d1164be2ef766c779a824e3ccbe5a1b18f592ab57a492ec8b3b5551edb2439f566be75d1371a84df5a21beb340847f31f61fa047643210be5486d01acd359efa0da96f235993f667d018953de4a28d39b97897d6ea84c1698370b703f5d71ee99c0ae66800a2cc27f36be611bef2bdf39461d3f00e45962e5a5ac518ee10ab7343c0ded01a68858923bb37918f4e7d5e3a9f7046fb0d7aa3adf79989c2726144bdf582a18ce5f74a4a10531977f6a7b60a1138dbdd299a1ff8aef919df0337019c976b8a26b475704655795fe1266348f5bb271d2b237b94aca7009333b7a2f50b5b8c279cc97a8ed38cc5887d99ffb34e929aef091dd29b64d43e5699acf145b9289422a815a5ee41e58a8a0935e564ba15c880d910655fc3dc94cf10dbeef669cad27865d8f196d73cadc4f913258072ce618921d3ae746e5ad5a317a8a9891e4e17c08dd2bd397c80caf1f1b49c9cb252e1dc6571f23ff32107eb95c6e09ca04239de524edbf04e29ac6b9d7ee300a625b48fd64ab8d2fce4ae347b2f78510a5e0287ba69cb823934d7cfd84f740a8c77169a2276a8b5d9dfc4d926b8f003937b2fb802937883464f9da51f8f3f48715309741ede8734549f0c0269fec8e30d269c8bd388360f76af2ee3fbab527b2ae4b532191b834baa488076c6648b06e2edc72e94b548d789302bae7af4e2b955478e2368fbfaf99389f9bf313cf45743020135701d83e2b63ad02427b680ec75c3da39f4e093fc83a6c54e0e588c9f93e678c093d32c8a1c24f03e639d7c524a9f2da86e0d6100e22eb172c25721a3baf7a062f86215274950e71899edeedef0994e63bc84460bde57f4534794bc6db3fd34d053d1e88cc2425ed3d136776ff5cbf7b32781178ea6a3488790d7734abe1cf6eba95a2913f4ba97efb9fa616e71aaa567b9ca2820090a4ea405774a82b4fc9a6f2e19dd78cd6f1ca87cb3f1aa7b2b511a3cc4fcfcf4fd53927c3d79dc5257bb0916eb067b9f3ab1cbf427f25c45e016aad06ab691693cc71cf3a71f953c09b4d09b9ea4a707e1d910c444c3c6a65233c33b0f58f5cf23baed20db399faed7e81b086045450ae6a270b5d8f3fe697bdedf5e0b3c7c90af53af285eb71d83e14d01ee6a50d952fd05a67572a1815aba03a4e40f67d9311db823f6059287add6c6c972e89b348ca8b72f0cc20b6f3654e6a97fcbfe7afb87a781c58b33a70785bcf778627387f168e2fd882df877827c7d0de1b931ac6856116eafbf2de139c8435d8c1917efcb5367429bb557e61920a618be58ce976dc95daf9762847fbd886a33397604a4a0d4fb3f58a114fcd495d800e02058d09ad55bb16f5c5092ecb409a46917b54a25a069f111603d1f0206e79254cfbd035f4e6f2cfa6c79fcbb4767d1149cecefc5400ba06c68b2ab0c53a4d74743547e86ccbbffc8b5475641d50a3656b4939e456dc9d97d6023abf2b84c07f990949ae517e90b6f7ebc00250606b167951bb22cbf934f5b7adae2013914671c72b5fa22d273cc0a0178836f22e897592ce7f10a5ccb3218d8bfe8cf3c", 0x1}, {0x4, 0x72, &(0x7f0000000280)="378957c603aeb5b5ccacce384577a96ae1beb0d70b5ef62eb6b7f05614cd8b5efb3c11e10d434dd05895750c2b1177806770b16aee19fa1e7cc52a9abc5912ddb9829f7bd47f18e855e2f79c854175190ceb27b78082e2fc952743d4150fc7f909652cd2c9ad1a12f8a92ce8e6cb465de468"}]})

03:53:02 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x7, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:02 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xee, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:53:02 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x4, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1165.834799] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1165.835586] EXT4-fs (loop3): group descriptors corrupted!
03:53:02 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x4, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:02 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x6000000}}, 0x414d02)

[ 1165.854744] FAULT_INJECTION: forcing a failure.
[ 1165.854744] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1165.856675] CPU: 0 UID: 0 PID: 9313 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1165.856706] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1165.856720] Call Trace:
[ 1165.856728]  <TASK>
[ 1165.856736]  dump_stack_lvl+0xfa/0x120
[ 1165.856782]  should_fail_ex+0x4d7/0x5e0
[ 1165.856815]  _copy_from_user+0x30/0xd0
[ 1165.856844]  memdup_user+0x7e/0xe0
[ 1165.856882]  strndup_user+0x78/0xe0
[ 1165.856920]  __x64_sys_mount+0x17f/0x310
[ 1165.856957]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1165.857010]  do_syscall_64+0xbf/0x420
[ 1165.857036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1165.857060] RIP: 0033:0x7f720824704a
[ 1165.857078] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1165.857100] RSP: 002b:00007f72057bafa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 1165.857122] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f720824704a
[ 1165.857137] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f72057bb000
[ 1165.857151] RBP: 00007f72057bb040 R08: 00007f72057bb040 R09: 0000000020000000
[ 1165.857166] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000
[ 1165.857180] R13: 0000000020000100 R14: 00007f72057bb000 R15: 0000000020012900
[ 1165.857213]  </TASK>
03:53:03 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 37)

03:53:03 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x8, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:03 executing program 4:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000020000000b00ffffffff00"/24], 0x414d02)
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x5, 0x8010, r1, 0x10000000)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r5=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f00000000c0)={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x3}}, 0x0, r5})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000080)={'sit0\x00', &(0x7f0000000180)={'syztnl1\x00', r5, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @loopback, 0x0, 0x20}})
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000740)=<r6=>0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000980)={&(0x7f00000018c0)=ANY=[@ANYBLOB="dc0100001800000125bd7000fedbdf25000000000000000000000000000000000a0101020000000000000000000000004e2404014e2300000000000000000000005232c5631a1d434f42f8ca5776bd6687aacaf5d7eb630080743b56b9bf4c6651c3acf092efcc9e6878d11a5d78", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0a010100000000000000000000000000000004d33300000064010100000000000000000000000000c5ffffffffffffff05000000000000000104000000000000210000000000000000000000000000004000000000000000030000000000000000fcffffffffffff0104000000000000d10200000000000009000000000000000800000000000000000800bb0200000002000027bd70000740bf49916e7bb313eb5f1b3500000a0006060200000000000000b500000000000000e4000600fe800000000000000000000000000037000000000000000000000000000000004e20009b4e23", @ANYRES32=r5, @ANYRES32=r6, @ANYBLOB="ac1414aa000000000000000000000000000004d46c00000000000000000000000000000000000000dd0e0000000000004d0000000000000000010000000000000200000000000000060000000000000005000000000000001f000000000000000000050000000000000000c2b146d3000007000000500f000028bd7000073500000600ced6470000000000000000000000000000000000000000007df96c0f32031bce905d098640579022f951128a51f0a94d0d8a158830fd967a9e6cd2d16887f41db0b4a502f228e1a8dd42aabffb6c56e59e818fa35da1d319d19e76083099f3f3dbf44bac7c37c1ea951dd77feb62e53e25def1d6cbab44e68198ebbffe1869b31864e13e9d1af46b20da625892408cbaa0a17f1381b120a3767a0acaf922478d8e11374e243f32372f1abc34edb8cf01c19b0d067e5ab8eabeb8525ddc3c1527f1"], 0x1dc}, 0x1, 0x0, 0x0, 0x4000011}, 0x40084)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@ll={0x11, 0xf5, r5, 0x1, 0x4, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xf}}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000200)="f367f041c470da6da401aca4a15f7894e27eba90d9e338f4d5f3c06f888f264896603bdb69b8", 0x26}], 0x1, &(0x7f00000013c0)=ANY=[@ANYBLOB="78000000000000001801000000020000a08c91caac0f43fc3cb00da6deaa503d79c2788ee4d392585369571d6b3b5fe333a0101160d84446c61524fe40193f23bd7e51071f6d5ea4046c878dde9afb63a167d45f7ad6a6e6e78ef400108f16fa06ea13f8a810f24df6dab8adf0da7f78379300000000000000b000000000000000080100000100000013deec1a0eb8fbb8006a7f053477a6bb35ded80f390fc302bb2c2fc621d130b0a9faac44ad575c375bebc64be388335dde0396309a0f26e04bf2c811cf1b186a172737036879eb03e1af7b9f0f546b0410833748770cd99f2a070a53897783c6969afed592c6a33544c9aa20b2b857d0cec7eec10a9c9ba8b3523e6a57e4afca28e8a6483606d1adc06cbc507380769d127557ee3fd661eb1de8470ed0d870000000ac88e3ed900000000000000010010000080000000e15cb0fa60f112f155fed0e14594608dba2c60edc3f67a64c32dad570e1cad670c937ba9d86ad5fdcc8d5d29972e7bbee34dc5efeb89089924e9f3894a588d10de678f4cb1493b73f2595f213ced0433e4f7e6491d46b73be682f279e1ebda8aec575151e6cd43977a3fc1d843fde3d272e162fa30e3307e1afdc00000000007502ab9cf99b8711100100005a0c0000dc0acc25165a6643ec30c42bc00e4b94c40da6103d8409d01471b0d21e703f331dbe40d13402c97552900264ee5f43ae09743d2d8359819e4259e54d4d5fa4c9e239eb947418a389d38f1707078344084de6ab59f44b4c1d3a5ef99cdc3f7c232f29996710047ac144e234ce926ff9c57281e30ba564a30902d942db2f337f52a9702b3d16f33505d3310fdddfdcd44ea54f610bae7d4948e15aef8081cb8dc9fa76cc812b17279f7fd65d866b36e85e1a385716864215bcabc555e2704b158073bf3993f9424521ee878ab65f9f3212cd7fee5dfc181d937b86f5f2473f08557e5c842510010000000000000101000000020000c593133edd9b0501b546088b8b7199e31f1d4479443cd500f307183db7c0eff02809b2448ac3fb9306000000000000002ed87c2ffbae74f34361fb3cd7c734a39724003df6e9765293f411501ad1f8a90101c525c29e54173c6e633edf30ce98c9338d522a50b3ebf809ee69f432ec41f9b47f7a1ba2f9474aaeb91150a94012913776a97426414b504fb5cf5d865dfdfa63108a18cf03a9c3d58014209ef9c5021a637f4b1036a2658b1b2a7edf0724ceb130f63f1045c70d1d58ecad85718f9046565ca300da940d64b248bcbf8601157786d886c84eacbb06a53d17363bce8c5b2b4b45dacbb8e53aed6f45fd3965aae271dbc75651a0d54920e034d2ba1928e5d10000000066a5d91d703d97317a8cbc869dd93bd874942735ba3867067a38ff7405e6d6f9997b472d6f2641f1abd56388dca26a64a2d3ae0a6013f4d53977b047ba150afe2c345613677f03dfc4bddf7226e7e3a3f908675787a4f3000000000000000000000000000000bb4071768aaae2e8cb2d8b701dbfe590faee3b1c243706e23cb5074d1ea55e1a17f0b23381467d1aeb2fd3a9000000000000000000000000305d1441fd648348c98a83520c649d3a6f15a4670651efc41530ec8811905b5ed7fa6b16bdb69e5ac79dfedd98283a70bcc0b526d7ac941dd3d79aadff04ac7c79f12d7970cdffe13e83c6b52076a90d0a4c7433a410e9dbde"], 0x3d0}, 0x0, 0x8000000, 0x1, {0x0, r7}}, 0x6)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_TEE={0x21, 0x1, 0x0, @fd, 0x0, 0x0, 0x9c, 0x5, 0x0, {0x0, r7}}, 0x3000)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x4, 0x0, @fd_index, 0x3f, 0x0, 0x0, 0x0, 0x1, {0x0, r7}}, 0x3f)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000480)=@IORING_OP_FADVISE={0x18, 0x1, 0x0, @fd_index=0x5, 0x1, 0x0, 0x7fff, 0x1, 0x0, {0x0, r7}}, 0x8001)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_WRITEV={0x2, 0x0, 0x2007, @fd, 0x7, &(0x7f0000000000)=[{&(0x7f00000003c0)="8f6c0a3769bf5143e1fea25fca1e4151d5543e69078f5548efa50997eda6008b3033fec2c97b191d958ab58aec5dc9cb4fffdd4f18868ba8d8a9bb5b9e0dd5ad5a4f09366b9c34476b303e3bff90cfebd45b7ab3463a17537c6318374e8dbc5cfb9043b17e0e6ced9d8c9d42d4208673e88d7686ba48df8ae1162241f4e7dfcd2275b7f82970d59373f7b1f05bdef1dceb8f65883d0e5be7dd147dde67a1c2804186a1c5248599ade6f1dda5c41c138168d93fa03a0aa641784e5aee1510ae0ebae6f069f7c5c85fbd105d499d50dc5f1b73d2cc4867c4ae7f13d7cdee9b9c9aa330e386926dc4d6d36867ef789c837140cebb1c8f1f9d795bb20ccfabb9839e8a838956ead881500838902b9a8abe6546323b9fce1c9fc469af1eb70f4c5fb335d329ad508866aa725bd8e028d5577136f8d8efddfa13ee8d7c820260de5941e384125af6aade3e313c5953b934166bfaa75d00fbf75be5dbd0e00e02366661d27f1257f824529cef51b6c84eec727318064845f2d1da010f2ab02a066c0e91db50efe70d305653a2e39e66769914e0869eecec57cf74b85521368360713400ce0a223ecc9fb8da44114a143bd65e2aa8e1570ffa93d2857a58411c50c0c53c6a57f69a760a4d4816d383f8fe2f74e7529b3c1246f25c392f21d2ec840d5a5cc9df2b2fd8c2fd70e62e4d9628f059e2ab30af103a727cc2ee9103e43fe349ed50ef6b83e96dc0b68feb54d9488fd3209ba4bc8dc3d3cabc0d18ac14e3707bd2107ea5d21cfaeb623927c5257a73df75e01305163a8a4a7b0110a3220c461f21a43344614703a2246c67e15cb01c0b3ad4541eaef3d99d83c6cefbdcc25029a5d704dfc6bf4c3a3ce47d2faa2c43873cb611e919e64d6d4142f8e8a46e4f77a3a616c811c00bee708cc4b59d87d0375e90b9a0086d98d92efd5e3f3d734b476e3090d458888b16dfe9945c3613305c095b48bd6878e3f3353e5d4898a2f73359bbec92d51e66816f11179a153cd634aec9e0ddb0e356942f5e391477dfdefc975d099366821b85cf30e1122dcb76ea45eb2e68683d34aada85640cb438ea719a684cf5d496d42063b4cc37c8015265b2c79090a68d8faf3905e9d96ae9f79d8e068b0eb4528c3388cc6a624a65bfcf9746e24bee3ae0a96a7511f5b4c1160d83a6c3999883ff601ee369001cbe8fb860ef6050d481e57cfed678368c1534bb95bd5daa0887752aa6bc57fa956681b56fd813a4ade35f11a3ec02353ef78cf6bc0fdfbe3aa24df8df9c1ad91079c5c0ae9b7e06a60cd4fa7bed0fc7157be1111be2a31396b24cd70a6a56b1f9718ab741158d90d04fe471f2b0c9a25f6c79922f896da0b68dcb80e286f5259784156a4b5f043185a6f968909ac242a1824b6710ffb9c8ebe139aa3713fd9f8b11f3be83354af6eb35f7d4dbf06664729fff76b8500e6d3408f50eefeccf79488b9615197cc05bef6868599abbf5e88789c78fcf09bd2b06b0dbd7c50d89e1d8995edfef29429e54a6aec563a99e57e758bf1b9876711123b038518f99c3a81da41af9b8b456d4d40affc14eb0e74d3fff087d084f5be33942419c0ce92b527f1ce95456397aea6edc513138bf696bdd05e254c5ed7de6c0a8cec14acbb128b0b2d702d7d015f5f9c4edc8f9f0403ce55799e665e1e0e04ea9aff867e3ce6b7832861be56f0152077050d09dd9663374499b308f46f554501c8a205670e074cfa2f3b6484072878604fb0dc3db6f9993e6fcb811622815f2909569f454505fc971baa9f8c99fc13683ba68a796523a12d65862ef140aa27e774cd6bd704d9d77a3fc08d2010e77e517fb2b4c4c34671c3fbeefd1050f957a56e9d86bb2560a255dbd7558b0e66e0e5c450a36fe2201c1b695f53cf9bda8216f2c7ef544bccc225d420507c7ded94e575a13d6f4a677e00816b56104aa2a6ba92a63751be7af4e9265ba4499e00171c8f17ba2f6c3953b77b9775be2482e3dfa10dafea321b4d19dd5799aa8386b20a15139375bc066e9c6bf5aa89b6aad78f8250cac62f15dfb750ff9d6c531b4613426adcee01a5b81aded1cd9431909d97c9bf68cf5d3fb99f5ff0b08a2eaa237af2d2e0c58a51f6b5b99b0c628ffad2ad3fcdaaaddb4801259a7aa548f69cf21c68b1056041c66dbab83d58c9cdc3574825ac5d3fd484cab9c8e99787ca5daf263e93e878712ac09f1352b913fa1c405b198ddb24172ccec31aa094fd537943c73be79722df4f88d70c5ce751278d15047067d1d339dad12b575192b86efa8de1844086f5ca82e6b22d3fb55163413e2446649ffa66dee02771d303121609992d302c51f6b036f38162134c302c4e6b24ca0b7882bd79b2e9a56a9a09e809cd5ecbf73839dfa090d90b96df00bba5c1c58f2e0d2fa03de0a04bf770ffe703eb878b973bd93b0305d03f2184831a96af6a3d03396f9329a776a024455542e88e62badd3b5f660b1017b49c4f98588ab4b067178fabe8055d1435d7080db1df872179cf6caea1a9ad7ab3f0d8c346fb779d0bef2f42570949862c768458deee4a5c552f89e3931bc9547cc1ddf6dd1f5f77d833faf67fce24ffda77e6c04c728c900be5bb921db06b2e9eabb6c78eb2925d1ddb3cec28cbe694719be9714d4af550bb0ad13706db0836a18642d36296e1f2aee0178bdf920d2672aa6fc638d1a2add6fb396330e892ec167ef3641b7daf07bab6d78757629cdf68b7ae4aa70d243f756d6b5aa2d9952c48f93a35d47a10c026ab5b840691d664f95c034cfe509b4766cc9d47871e4e621b9217cb928dbe7e3dc2f8fa543fec3c2bd36b229321a33e81e72295a8e6d1131e25d269d836c82f705ac76d7aa324ed6f5e36d31f1a94c9c40a8d3ba246a1c909e060beb8996f097244858bc48160fe7a515d3bee9d1eb9f7d8cd20e81f241867ea0ac5e96c86040bbdfed7235cab29552d5bfca1009a525ab90975486683ee8ae6ea76bb2f1fcc5db68396da1ed5f5a943f4bd5470cefb0e234b8ea296769ec1da55a74494932b0d083ab5cbc194d120490e1d2101cd1086975898b6a03110893bce59e2892cbc3bb21f509fffabbd8cbb7c46dd5f34eaef51e9a6c6e039992c4018c5d7cc01a4a75740953573f4fc8ddba1a920625b9500ada12616ed53f3a4bebd669e2c74d1bc06b704267745b0451eb43dc53baaeeaa9fb9b93147c14e4f78138760fe466d39fa79e01f6bd0768db82fba63a5858426a894971e0b7c20744e5ef278e0d023f7d13a2d7982f6edc08ad047b29420faa0be1db08eca5190100ed477c29e075bcd2148604a8f95c43cad3f5dbe67df30d1471d54e233746fc594b5a48755b0f179da54f18aa57ab9b582f49c463240998bba653540779999f672074bb8dc0ddada2d65a287fc1c9305562324958ee0e84a96fbddc1952611a2fe4feb2c80899554718dd866db900b987ffc1adc6f193891f7443d00fb2e4a694372faf96fac42c62c4e1272bd74ab2515c15600dd2cbcaf789e57704dbaa672c0bf144012550a85282970c81413c6ae0474f64830da4bdce579e7ecc9536c3f3872cfab643365a58217111bce172a05edc2ba94953dcbdaa5551cb9a488297fb7fe04348465ac2f723c9b28e470758c879b4d43043846e09528c14bb7f5028fe84672d561125ecda9a861f07b067d637b2167a965cc8932ffc6e1572ba2a3fa0f17178476974f9b98a488080710d3be0c77d4cf2c1f850c070607382c6e749a2641ad35b54bc2de014629b6a17603eb53bde5d8c78605b3a74e5db1ac04747d102c0c911b82fca6497e2f2a7cbe7b3efefae0ebb6e2d45e5df6d63eeaba2ae272e6b739fc2b76ef158e2e4be6f0d78e5df0c76bc86aaa6601aaf0a8e95c46758abd05ea93f829c4ea3e5a19152edaff80ede0260d22eba1edb0d020f9249d026c6e677f74ed05fdfc3609e79876e017ab8f402ee05f22c78f28edf14557437a2eb39a86a639d5132b4a9a90be9115f521611e7690297659d09843887cd8252439ee2979b7e5e45d97994f3891784a2144160bae805fccee7752d9a9b1c945e587029265ffd30673bcdfd65d37a2206c29c98abd19fabdf8203fc293843795221cfee0c59f50175636348f9a3f1a3f0f7a7e044156bfec70ebc1d4f408318612cfcb7073d01353370c1798dd47704121bc6dea74705c6433b3ae60529eec741ff4a38236acb85caeb34f718ba9947fadd71f2ce98a85b731444adea5e580e7599599b993799344c7dba432ecb57c51aca8bf5294db8c42c0b0b80fef4f26c1d93f6c1a60afa2876d3fb627bbb104cd0d0e874ac688ad7efd4229470515d2e0238a9678bfcb23155f05919b9b75f08c594b74b477a352e95da172bad85b5513d6b435a130dbaaae9e735150579c437639a920366a4403b2c9c78f76089bfdb7729413c17fe1f5f54ef5987e97b0dbdf33a841972793cbbdabc8d9897ad55111e85a2e0e0f22b62a3024bb58a71409b41cbd6a41e4fde640ac7ef780378f41aa1745ed436553a57d86294db25ffa75a501343774e640595642fdfd6eb48ffb6a4038c3e2611bbfe80ce84bb6677372aa8087c972be4621c453b4ba87adfa2e3e95ff7444e2254d53b8776e01701bf97c4b077b7271297f56fc162965eef139f971c8b5506e17d8228c3edfe28cadca65c0c41057d1538400d55415e50265ebe73ff3b5c136f1ff8c948b60752e05fd614e245202412a6599170a063a84e7bc760716515f586fdd27d38c0b9bd007264494c4945bbe63b74c9c5f5372598c3955e29800afab475a01bf0fc1771e8f7c155301e432b1df14bd7477e389b3ff0455fde742c83d6178ded8f6536a481beb56435978a49e28990ffac86843d57f392dfdfae6d409cad233e835ce3011bfd962fe3d519bd3b51093f4e902e76419406b2c03c6ad64c946dd1312c44a9656a0578419b380fc5bd9b8183caaef3aaf0894b77f688f020e5d87fa983444c6b8292da913f3b59ba211ce4f8a5c5209b1920c3c0687ff42948cb65303af06ad6f326ba5dfa329c0ca8c0bd62a9f32716921da5a7446470499a022b424d5918ea6e589ce4f109f5bbcb930d0ef5a166aaeed46f6e7ddf58be47f3d64cb3ce2f00149691eb668e63ad4a29de88b8beadb06c90f73f0df04fb60eb248c42770f335e49465479d2d73848c64743e846d69ce16f9f9ff97aa40de4e473c316037f0fb47b5d9162abba7b904ac6805ba13bc59d3fc20a78faa97038d727834c28cfe028f562d72e3141180d8dabfb77bbc6cc1f674c0701fec17dc9ba6f998d57aaa84ff874136daafe412076f295ecac4f1fe77898b1b227b2b3b28609dcd39541f33463155221b15d8cf85f0a06f2187bd40862406396576919411fa7f78d3cac5c8f66a330738b6e3fabfacfa440626386a8d9829479c2144580b288f421e106a5f413a25223e6f49d265e03e77ebc738bbce58b89429402c4a91061a84ee0da22541b384e625a5f1f0b3b6b539e312be439fabb21c416d70e02f72edcb86e0898956c99c39458a0588f71c078a23779651f45893a0a3b19d937d55ad2b46d74dc8a42bdc3f20bcbde737e0b7dc9409856cc3a7273e2c1f42a48b82e428be78132ebe1c496aed4b91d27856386d6ce724c297ee80ad7dddc98621f3cbbcceeca563824ca5dfb44b09092872ed77d171b99bca5e66b6635e85fba0f4fe8e956e46b0b3dbbe22a56b5eb4cc280c245177ac13c62611048f5bb285f2c373fc5323a3bad7b507db5223b2e39d50480fa74a0b59cfa82b70720e", 0x1000}], 0x1, 0x0, 0x0, {0x1, r7}}, 0x2)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_CLOSE={0x13, 0x1, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r7}}, 0x7)
close_range(r1, 0xffffffffffffffff, 0x0)

03:53:03 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xef, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:53:03 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x5, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:03 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 81)

[ 1166.014227] loop6: detected capacity change from 0 to 22
[ 1166.020096] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (11 blocks)
03:53:03 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x5, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1166.040690] loop3: detected capacity change from 0 to 512
03:53:03 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000020000000b000000000000"], 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x1290c1, 0x1c)

03:53:03 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xf0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[ 1166.084026] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1166.085758] EXT4-fs (loop3): group descriptors corrupted!
[ 1166.127039] loop6: detected capacity change from 0 to 22
[ 1166.142234] loop5: detected capacity change from 0 to 512
[ 1166.148144] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (11 blocks)
[ 1166.157251] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1166.158000] EXT4-fs (loop5): group descriptors corrupted!
03:53:12 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 82)

03:53:12 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x64ec, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:53:12 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x7000000}}, 0x414d02)

03:53:12 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000020001000b0000000500"/24], 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

03:53:12 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x9, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:12 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x6, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:12 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 38)

03:53:12 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x6, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1174.970757] loop5: detected capacity change from 0 to 512
03:53:12 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x8040000}}, 0x414d02)

03:53:12 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 83)

[ 1175.007563] loop6: detected capacity change from 0 to 50
[ 1175.018133] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (25 blocks)
[ 1175.023771] FAULT_INJECTION: forcing a failure.
[ 1175.023771] name failslab, interval 1, probability 0, space 0, times 0
[ 1175.024772] CPU: 0 UID: 0 PID: 9367 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1175.024788] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1175.024796] Call Trace:
[ 1175.024800]  <TASK>
[ 1175.024805]  dump_stack_lvl+0xfa/0x120
[ 1175.024833]  should_fail_ex+0x4d7/0x5e0
[ 1175.024851]  ? __kernfs_new_node+0xd3/0x930
[ 1175.024866]  should_failslab+0xc2/0x120
[ 1175.024884]  kmem_cache_alloc_noprof+0x80/0x710
[ 1175.024903]  ? __kernfs_new_node+0xd3/0x930
[ 1175.024914]  __kernfs_new_node+0xd3/0x930
[ 1175.024929]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1175.024945]  ? lock_acquire+0x15e/0x2d0
[ 1175.024961]  ? kernfs_root+0x23/0x2a0
[ 1175.024978]  ? find_held_lock+0x2b/0x80
[ 1175.024990]  ? kernfs_root+0xee/0x2a0
[ 1175.025002]  ? lock_release+0xc8/0x270
[ 1175.025015]  ? lock_is_held_type+0x9e/0x120
[ 1175.025038]  kernfs_new_node+0x13c/0x1e0
[ 1175.025055]  __kernfs_create_file+0x55/0x360
[ 1175.025075]  sysfs_add_file_mode_ns+0x21c/0x430
[ 1175.025089]  ? __pfx_dev_attr_store+0x10/0x10
[ 1175.025113]  internal_create_group+0x662/0xeb0
[ 1175.025133]  ? __pfx_internal_create_group+0x10/0x10
[ 1175.025146]  ? blk_validate_limits+0xc27/0x15c0
[ 1175.025170]  ? lock_is_held_type+0x9e/0x120
[ 1175.025190]  loop_configure+0xc46/0x15a0
[ 1175.025225]  ? __pfx_loop_configure+0x10/0x10
[ 1175.025253]  ? avc_has_extended_perms+0x107/0xf20
[ 1175.025273]  ? find_held_lock+0x2b/0x80
[ 1175.025283]  ? avc_has_extended_perms+0x23b/0xf20
[ 1175.025301]  ? lock_release+0xc8/0x270
[ 1175.025318]  lo_ioctl+0x66d/0x1ca0
[ 1175.025339]  ? __pfx_lo_ioctl+0x10/0x10
[ 1175.025356]  ? __pfx_avc_has_extended_perms+0x10/0x10
[ 1175.025377]  ? lock_acquire+0x15e/0x2d0
[ 1175.025391]  ? __virt_addr_valid+0x1c6/0x5d0
[ 1175.025407]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1175.025425]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1175.025442]  ? lock_release+0xc8/0x270
[ 1175.025459]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1175.025499]  ? check_irq_usage+0x210/0xb40
[ 1175.025513]  ? __fget_files+0x34/0x3b0
[ 1175.025529]  ? find_held_lock+0x2b/0x80
[ 1175.025540]  ? __fget_files+0x203/0x3b0
[ 1175.025557]  ? __pfx_lo_ioctl+0x10/0x10
[ 1175.025574]  blkdev_ioctl+0x365/0x6d0
[ 1175.025595]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1175.025613]  ? selinux_file_ioctl+0xb9/0x280
[ 1175.025631]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1175.025650]  __x64_sys_ioctl+0x18f/0x210
[ 1175.025666]  do_syscall_64+0xbf/0x420
[ 1175.025679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1175.025692] RIP: 0033:0x7f2dac41a8d7
[ 1175.025702] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1175.025714] RSP: 002b:00007f2da998ff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1175.025726] RAX: ffffffffffffffda RBX: 00007f2dac464970 RCX: 00007f2dac41a8d7
[ 1175.025734] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 1175.025742] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[ 1175.025749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 1175.025756] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[ 1175.025773]  </TASK>
03:53:12 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x64ed, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[ 1175.092570] loop3: detected capacity change from 0 to 512
[ 1175.097971] loop6: detected capacity change from 0 to 50
[ 1175.099795] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1175.100711] EXT4-fs (loop3): group descriptors corrupted!
[ 1175.102891] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (25 blocks)
03:53:12 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0xd, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:12 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x7, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:12 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x7, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1175.122559] loop6: detected capacity change from 0 to 50
[ 1175.140827] loop5: detected capacity change from 0 to 512
[ 1175.170875] FAULT_INJECTION: forcing a failure.
[ 1175.170875] name failslab, interval 1, probability 0, space 0, times 0
[ 1175.172667] CPU: 1 UID: 0 PID: 9378 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1175.172698] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1175.172711] Call Trace:
[ 1175.172719]  <TASK>
[ 1175.172727]  dump_stack_lvl+0xfa/0x120
[ 1175.172773]  should_fail_ex+0x4d7/0x5e0
[ 1175.172806]  ? copy_mount_options+0x55/0x180
[ 1175.172829]  should_failslab+0xc2/0x120
[ 1175.172864]  __kmalloc_cache_noprof+0x80/0x730
[ 1175.172902]  ? __might_fault+0xe0/0x190
[ 1175.172941]  ? copy_mount_options+0x55/0x180
[ 1175.172961]  ? memdup_user+0x95/0xe0
[ 1175.173003]  copy_mount_options+0x55/0x180
[ 1175.173029]  __x64_sys_mount+0x1ab/0x310
[ 1175.173064]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1175.173110]  do_syscall_64+0xbf/0x420
[ 1175.173135]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1175.173160] RIP: 0033:0x7f720824704a
[ 1175.173178] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1175.173200] RSP: 002b:00007f72057bafa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 1175.173223] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f720824704a
[ 1175.173239] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f72057bb000
[ 1175.173253] RBP: 00007f72057bb040 R08: 00007f72057bb040 R09: 0000000020000000
[ 1175.173268] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000
[ 1175.173281] R13: 0000000020000100 R14: 00007f72057bb000 R15: 0000000020012900
[ 1175.173315]  </TASK>
[ 1175.245229] Process accounting resumed
03:53:20 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 84)

03:53:20 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 39)

03:53:20 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x8, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:20 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x64ee, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:53:20 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0xb000000}}, 0x414d02)

03:53:20 executing program 4:
ioctl$SNAPSHOT_S2RAM(0xffffffffffffffff, 0x330b)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x80)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r1, 0xffffffffffffffff, 0x0)
r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r2, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r2, 0xffffffffffffffff, 0x0)
r3 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
copy_file_range(r2, 0x0, r3, 0x0, 0x101, 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0x100b}, 0x0, 0xfffffffe}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:53:20 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x10, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:20 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x8, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:20 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x9, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1183.611928] loop5: detected capacity change from 0 to 512
[ 1183.627047] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1183.627814] EXT4-fs (loop5): group descriptors corrupted!
[ 1183.641960] loop3: detected capacity change from 0 to 512
[ 1183.653781] loop6: detected capacity change from 0 to 50
[ 1183.662191] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1183.663167] EXT4-fs (loop3): group descriptors corrupted!
03:53:20 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000020000000b00000000000000000000b116b90000"], 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x3, 0x6, 0x3})

[ 1183.664515] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (25 blocks)
03:53:20 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 85)

[ 1183.697556] loop6: detected capacity change from 0 to 50
03:53:20 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x11, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:20 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x9, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1183.796756] loop5: detected capacity change from 0 to 512
[ 1183.811345] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1183.812279] EXT4-fs (loop5): group descriptors corrupted!
03:53:29 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0xd, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:29 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 86)

03:53:29 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0xd, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:29 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x10000000}}, 0x414d02)

03:53:29 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 40)

03:53:29 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x64ef, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:53:29 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0xf4, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:29 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000020000000b00000000f0ff000000000000000000"], 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

[ 1192.273398] loop6: detected capacity change from 0 to 50
[ 1192.281037] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (25 blocks)
[ 1192.301883] FAULT_INJECTION: forcing a failure.
[ 1192.301883] name failslab, interval 1, probability 0, space 0, times 0
[ 1192.302866] CPU: 0 UID: 0 PID: 9437 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1192.302881] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1192.302897] Call Trace:
[ 1192.302902]  <TASK>
[ 1192.302906]  dump_stack_lvl+0xfa/0x120
[ 1192.302932]  should_fail_ex+0x4d7/0x5e0
[ 1192.302949]  ? __kernfs_new_node+0xd3/0x930
[ 1192.302962]  should_failslab+0xc2/0x120
[ 1192.302983]  kmem_cache_alloc_noprof+0x80/0x710
[ 1192.303002]  ? __kernfs_new_node+0xd3/0x930
[ 1192.303013]  __kernfs_new_node+0xd3/0x930
[ 1192.303028]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1192.303043]  ? lock_acquire+0x15e/0x2d0
[ 1192.303059]  ? kernfs_root+0x23/0x2a0
[ 1192.303071]  ? find_held_lock+0x2b/0x80
[ 1192.303082]  ? kernfs_root+0xee/0x2a0
[ 1192.303094]  ? lock_release+0xc8/0x270
[ 1192.303107]  ? lock_is_held_type+0x9e/0x120
[ 1192.303129]  kernfs_new_node+0x13c/0x1e0
[ 1192.303147]  __kernfs_create_file+0x55/0x360
[ 1192.303166]  sysfs_add_file_mode_ns+0x21c/0x430
[ 1192.303179]  ? __pfx_dev_attr_store+0x10/0x10
[ 1192.303201]  internal_create_group+0x662/0xeb0
[ 1192.303219]  ? __pfx_internal_create_group+0x10/0x10
[ 1192.303232]  ? blk_validate_limits+0xc27/0x15c0
[ 1192.303253]  ? lock_is_held_type+0x9e/0x120
[ 1192.303272]  loop_configure+0xc46/0x15a0
[ 1192.303306]  ? __pfx_loop_configure+0x10/0x10
[ 1192.303334]  ? avc_has_extended_perms+0x107/0xf20
[ 1192.303353]  ? find_held_lock+0x2b/0x80
[ 1192.303363]  ? avc_has_extended_perms+0x23b/0xf20
[ 1192.303380]  ? lock_release+0xc8/0x270
[ 1192.303397]  lo_ioctl+0x66d/0x1ca0
[ 1192.303418]  ? __pfx_lo_ioctl+0x10/0x10
[ 1192.303435]  ? __pfx_avc_has_extended_perms+0x10/0x10
[ 1192.303456]  ? lock_acquire+0x15e/0x2d0
[ 1192.303470]  ? __virt_addr_valid+0x1c6/0x5d0
[ 1192.303485]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1192.303503]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1192.303519]  ? lock_release+0xc8/0x270
[ 1192.303537]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1192.303575]  ? check_irq_usage+0x210/0xb40
[ 1192.303588]  ? __fget_files+0x34/0x3b0
[ 1192.303604]  ? find_held_lock+0x2b/0x80
[ 1192.303615]  ? __fget_files+0x203/0x3b0
[ 1192.303631]  ? __pfx_lo_ioctl+0x10/0x10
[ 1192.303649]  blkdev_ioctl+0x365/0x6d0
[ 1192.303668]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1192.303687]  ? selinux_file_ioctl+0xb9/0x280
[ 1192.303702]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1192.303721]  __x64_sys_ioctl+0x18f/0x210
[ 1192.303736]  do_syscall_64+0xbf/0x420
[ 1192.303749]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1192.303762] RIP: 0033:0x7f2dac41a8d7
[ 1192.303772] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1192.303783] RSP: 002b:00007f2da998ff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1192.303795] RAX: ffffffffffffffda RBX: 00007f2dac464970 RCX: 00007f2dac41a8d7
[ 1192.303803] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 1192.303809] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[ 1192.303816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 1192.303823] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[ 1192.303840]  </TASK>
[ 1192.337712] loop5: detected capacity change from 0 to 512
[ 1192.360839] FAULT_INJECTION: forcing a failure.
[ 1192.360839] name failslab, interval 1, probability 0, space 0, times 0
[ 1192.361184] loop3: detected capacity change from 0 to 512
[ 1192.362770] CPU: 1 UID: 0 PID: 9439 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1192.362802] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1192.362816] Call Trace:
[ 1192.362824]  <TASK>
[ 1192.362832]  dump_stack_lvl+0xfa/0x120
[ 1192.362877]  should_fail_ex+0x4d7/0x5e0
[ 1192.362930]  ? getname_flags.part.0+0x48/0x540
[ 1192.362951]  should_failslab+0xc2/0x120
[ 1192.362990]  kmem_cache_alloc_noprof+0x80/0x710
[ 1192.363026]  ? getname_flags.part.0+0x48/0x540
[ 1192.363047]  getname_flags.part.0+0x48/0x540
[ 1192.363084]  getname_flags+0x95/0xe0
[ 1192.363113]  user_path_at+0x27/0x90
[ 1192.363142]  __x64_sys_mount+0x1fb/0x310
[ 1192.363178]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1192.363224]  do_syscall_64+0xbf/0x420
[ 1192.363250]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1192.363274] RIP: 0033:0x7f720824704a
03:53:29 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x1604c, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:53:29 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x12010000}}, 0x414d02)

[ 1192.363292] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1192.363314] RSP: 002b:00007f72057bafa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 1192.363336] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f720824704a
[ 1192.363352] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f72057bb000
[ 1192.363367] RBP: 00007f72057bb040 R08: 00007f72057bb040 R09: 0000000020000000
[ 1192.363381] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000
[ 1192.363395] R13: 0000000020000100 R14: 00007f72057bb000 R15: 0000000020012900
[ 1192.363429]  </TASK>
03:53:29 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x10, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1192.405403] loop6: detected capacity change from 0 to 176
[ 1192.411063] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (88 blocks)
[ 1192.427528] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1192.429170] EXT4-fs (loop3): group descriptors corrupted!
03:53:29 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x10, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:29 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x250, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:29 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x1604e, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:53:29 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x21030000}}, 0x414d02)

03:53:29 executing program 4:
r0 = fork()
tkill(r0, 0x6)
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x7a, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, @perf_bp={0x0, 0x9}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="10000010020000000b00000000000000000000000000ea00"], 0x414d02)
close_range(r1, 0xffffffffffffffff, 0x0)
ptrace(0x8, 0xffffffffffffffff)

03:53:29 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x11, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1192.505569] loop6: detected capacity change from 0 to 176
03:53:29 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 87)

[ 1192.513149] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (88 blocks)
[ 1192.536425] loop5: detected capacity change from 0 to 512
[ 1192.559646] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1192.560533] EXT4-fs (loop5): group descriptors corrupted!
03:53:29 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 41)

03:53:29 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0xf4, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:29 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x1604f, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[ 1192.636511] loop3: detected capacity change from 0 to 512
[ 1192.662316] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1192.664164] EXT4-fs (loop3): group descriptors corrupted!
03:53:39 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 42)

03:53:39 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x210, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:39 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = fork()
tkill(r1, 0x6)
r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
inotify_add_watch(r0, &(0x7f00000000c0)='./file0\x00', 0x2000002)
open_by_handle_at(r2, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r2, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x40, 0x8, 0x1, 0x1, 0x0, 0x7fffffff, 0x2641, 0x10, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x80, 0x5, @perf_config_ext={0x200, 0xd3a2}, 0x100, 0x6, 0x1000, 0x3, 0x2, 0x3, 0x400, 0x0, 0x731, 0x0, 0x7fff}, r1, 0xe, r2, 0x0)

03:53:39 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x11, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:39 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 88)

03:53:39 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x300, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:39 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x24000000}}, 0x414d02)

03:53:39 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x16d9a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[ 1202.172422] loop3: detected capacity change from 0 to 512
[ 1202.174578] loop5: detected capacity change from 0 to 512
[ 1202.176141] FAULT_INJECTION: forcing a failure.
[ 1202.176141] name failslab, interval 1, probability 0, space 0, times 0
[ 1202.177124] CPU: 0 UID: 0 PID: 9489 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1202.177140] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1202.177148] Call Trace:
[ 1202.177153]  <TASK>
[ 1202.177158]  dump_stack_lvl+0xfa/0x120
[ 1202.177189]  should_fail_ex+0x4d7/0x5e0
[ 1202.177208]  ? kobject_uevent_env+0x22e/0xf90
[ 1202.177223]  should_failslab+0xc2/0x120
[ 1202.177241]  __kmalloc_cache_noprof+0x80/0x730
[ 1202.177261]  ? ___ratelimit+0x3c0/0x910
[ 1202.177284]  ? kobject_uevent_env+0x22e/0xf90
[ 1202.177299]  kobject_uevent_env+0x22e/0xf90
[ 1202.177318]  ? lock_is_held_type+0x9e/0x120
[ 1202.177338]  loop_configure+0xe31/0x15a0
[ 1202.177373]  ? __pfx_loop_configure+0x10/0x10
[ 1202.177401]  ? avc_has_extended_perms+0x107/0xf20
[ 1202.177420]  ? find_held_lock+0x2b/0x80
[ 1202.177433]  ? avc_has_extended_perms+0x23b/0xf20
[ 1202.177450]  ? lock_release+0xc8/0x270
[ 1202.177468]  lo_ioctl+0x66d/0x1ca0
[ 1202.177489]  ? __pfx_lo_ioctl+0x10/0x10
[ 1202.177506]  ? __pfx_avc_has_extended_perms+0x10/0x10
[ 1202.177528]  ? lock_acquire+0x15e/0x2d0
[ 1202.177543]  ? __virt_addr_valid+0x1c6/0x5d0
[ 1202.177558]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1202.177577]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1202.177593]  ? lock_release+0xc8/0x270
[ 1202.177611]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1202.177649]  ? check_irq_usage+0x210/0xb40
[ 1202.177664]  ? __fget_files+0x34/0x3b0
[ 1202.177680]  ? find_held_lock+0x2b/0x80
[ 1202.177691]  ? __fget_files+0x203/0x3b0
[ 1202.177707]  ? __pfx_lo_ioctl+0x10/0x10
[ 1202.177724]  blkdev_ioctl+0x365/0x6d0
[ 1202.177744]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1202.177762]  ? selinux_file_ioctl+0xb9/0x280
[ 1202.177778]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1202.177797]  __x64_sys_ioctl+0x18f/0x210
[ 1202.177813]  do_syscall_64+0xbf/0x420
[ 1202.177826]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1202.177839] RIP: 0033:0x7f2dac41a8d7
[ 1202.177849] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1202.177861] RSP: 002b:00007f2da998ff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1202.177873] RAX: ffffffffffffffda RBX: 00007f2dac464970 RCX: 00007f2dac41a8d7
[ 1202.177881] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 1202.177889] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[ 1202.177896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 1202.177903] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[ 1202.177920]  </TASK>
[ 1202.209672] loop6: detected capacity change from 0 to 182
03:53:39 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0xf4, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1202.210882] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1202.211861] EXT4-fs (loop5): group descriptors corrupted!
03:53:39 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x500, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1202.242103] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (91 blocks)
03:53:39 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 89)

[ 1202.267445] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1202.268193] EXT4-fs (loop3): group descriptors corrupted!
[ 1202.287905] loop5: detected capacity change from 0 to 512
[ 1202.302098] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1202.302810] EXT4-fs (loop5): group descriptors corrupted!
03:53:49 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 43)

03:53:49 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 90)

03:53:49 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x600, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:49 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x300, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:49 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x17560, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:53:49 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x274, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:49 executing program 4:
ioctl$TIOCSIG(0xffffffffffffffff, 0x40045436, 0x23)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x1, 0x4, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xcba58a5, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x3fdfc163, 0x3, 0xfffc, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
fsetxattr$trusted_overlay_opaque(r0, &(0x7f0000000140), &(0x7f0000000180), 0x2, 0x2843dc0d364539d5)
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$KDGKBMETA(r1, 0x4b62, &(0x7f0000000100))

03:53:49 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x2f000000}}, 0x414d02)

[ 1211.935884] loop5: detected capacity change from 0 to 512
[ 1211.937286] loop6: detected capacity change from 0 to 186
[ 1211.939834] FAULT_INJECTION: forcing a failure.
[ 1211.939834] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1211.940786] CPU: 0 UID: 0 PID: 9517 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1211.940802] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1211.940809] Call Trace:
[ 1211.940813]  <TASK>
[ 1211.940817]  dump_stack_lvl+0xfa/0x120
[ 1211.940843]  should_fail_ex+0x4d7/0x5e0
[ 1211.940861]  strncpy_from_user+0x3b/0x2f0
[ 1211.940881]  getname_flags.part.0+0x8d/0x540
[ 1211.940896]  getname_flags+0x95/0xe0
[ 1211.940910]  user_path_at+0x27/0x90
[ 1211.940924]  __x64_sys_mount+0x1fb/0x310
[ 1211.940943]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1211.940966]  do_syscall_64+0xbf/0x420
[ 1211.940983]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1211.940996] RIP: 0033:0x7f720824704a
[ 1211.941006] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1211.941018] RSP: 002b:00007f72057bafa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 1211.941029] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f720824704a
[ 1211.941037] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f72057bb000
[ 1211.941044] RBP: 00007f72057bb040 R08: 00007f72057bb040 R09: 0000000020000000
[ 1211.941052] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000
[ 1211.941059] R13: 0000000020000100 R14: 00007f72057bb000 R15: 0000000020012900
[ 1211.941076]  </TASK>
[ 1211.961822] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (93 blocks)
[ 1211.970677] loop3: detected capacity change from 0 to 512
03:53:49 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x64000000}}, 0x414d02)

[ 1212.000659] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1212.002229] EXT4-fs (loop3): group descriptors corrupted!
03:53:49 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x20000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:53:49 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x300, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1212.031942] Process accounting paused
03:53:49 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 91)

03:53:49 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x700, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1212.067958] loop6: detected capacity change from 0 to 256
03:53:49 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x500, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1212.074372] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (128 blocks)
03:53:49 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000002003f000b00"/24], 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

[ 1212.089190] loop6: detected capacity change from 0 to 256
[ 1212.095548] loop5: detected capacity change from 0 to 512
[ 1212.104251] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1212.105132] EXT4-fs (loop5): group descriptors corrupted!
03:53:49 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x70000000}}, 0x414d02)

03:53:49 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 44)

03:53:49 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x30000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[ 1212.201231] loop6: detected capacity change from 0 to 384
[ 1212.205913] EXT4-fs (loop6): bad geometry: block count 256 exceeds size of device (192 blocks)
[ 1212.215537] loop6: detected capacity change from 0 to 384
[ 1212.243887] loop3: detected capacity change from 0 to 512
[ 1212.248050] FAULT_INJECTION: forcing a failure.
[ 1212.248050] name failslab, interval 1, probability 0, space 0, times 0
[ 1212.248944] CPU: 0 UID: 0 PID: 9551 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1212.248959] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1212.248966] Call Trace:
[ 1212.248974]  <TASK>
[ 1212.248979]  dump_stack_lvl+0xfa/0x120
[ 1212.249005]  should_fail_ex+0x4d7/0x5e0
[ 1212.249023]  should_failslab+0xc2/0x120
[ 1212.249042]  __kmalloc_noprof+0xd6/0x830
[ 1212.249062]  ? __create_object+0x59/0x80
[ 1212.249074]  ? kobject_get_path+0xc9/0x200
[ 1212.249092]  ? kobject_get_path+0xc9/0x200
[ 1212.249105]  kobject_get_path+0xc9/0x200
[ 1212.249119]  ? kasan_save_track+0x14/0x30
[ 1212.249137]  kobject_uevent_env+0x252/0xf90
[ 1212.249156]  ? lock_is_held_type+0x9e/0x120
[ 1212.249177]  loop_configure+0xe31/0x15a0
[ 1212.249211]  ? __pfx_loop_configure+0x10/0x10
[ 1212.249239]  ? avc_has_extended_perms+0x107/0xf20
[ 1212.249258]  ? find_held_lock+0x2b/0x80
[ 1212.249271]  ? avc_has_extended_perms+0x23b/0xf20
[ 1212.249288]  ? lock_release+0xc8/0x270
[ 1212.249306]  lo_ioctl+0x66d/0x1ca0
[ 1212.249327]  ? __pfx_lo_ioctl+0x10/0x10
[ 1212.249344]  ? __pfx_avc_has_extended_perms+0x10/0x10
[ 1212.249366]  ? lock_acquire+0x15e/0x2d0
[ 1212.249380]  ? __virt_addr_valid+0x1c6/0x5d0
[ 1212.249395]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1212.249414]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1212.249430]  ? lock_release+0xc8/0x270
[ 1212.249447]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1212.249484]  ? check_irq_usage+0x210/0xb40
[ 1212.249498]  ? __fget_files+0x34/0x3b0
[ 1212.249514]  ? find_held_lock+0x2b/0x80
[ 1212.249525]  ? __fget_files+0x203/0x3b0
[ 1212.249541]  ? __pfx_lo_ioctl+0x10/0x10
[ 1212.249559]  blkdev_ioctl+0x365/0x6d0
[ 1212.249578]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1212.249596]  ? selinux_file_ioctl+0xb9/0x280
[ 1212.249611]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1212.249631]  __x64_sys_ioctl+0x18f/0x210
[ 1212.249646]  do_syscall_64+0xbf/0x420
[ 1212.249659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1212.249671] RIP: 0033:0x7f2dac41a8d7
[ 1212.249682] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1212.249693] RSP: 002b:00007f2da998ff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1212.249705] RAX: ffffffffffffffda RBX: 00007f2dac464970 RCX: 00007f2dac41a8d7
[ 1212.249713] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 1212.249721] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[ 1212.249728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 1212.249734] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002
[ 1212.249752]  </TASK>
[ 1212.288304] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1212.290033] EXT4-fs (loop3): group descriptors corrupted!
03:53:59 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 92)

03:53:59 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 45)

03:53:59 executing program 4:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="101599a01ce4736c716005820000000b0000000000000000000000aa060000"], 0x414d02)
close_range(r1, 0xffffffffffffffff, 0x0)
dup2(r0, r1)
r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r2, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r2, 0xffffffffffffffff, 0x0)

03:53:59 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x80040000}}, 0x414d02)

03:53:59 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x600, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:59 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x900, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:59 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x500, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:59 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40002, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[ 1222.316429] loop5: detected capacity change from 0 to 512
[ 1222.323049] loop6: detected capacity change from 0 to 512
[ 1222.327172] FAULT_INJECTION: forcing a failure.
[ 1222.327172] name failslab, interval 1, probability 0, space 0, times 0
[ 1222.328189] CPU: 0 UID: 0 PID: 9566 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1222.328213] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1222.328221] Call Trace:
[ 1222.328227]  <TASK>
[ 1222.328233]  dump_stack_lvl+0xfa/0x120
[ 1222.328262]  should_fail_ex+0x4d7/0x5e0
[ 1222.328282]  ? alloc_fs_context+0x57/0xb20
[ 1222.328300]  should_failslab+0xc2/0x120
[ 1222.328319]  __kmalloc_cache_noprof+0x80/0x730
[ 1222.328340]  ? __get_fs_type+0xe6/0x160
[ 1222.328365]  ? alloc_fs_context+0x57/0xb20
[ 1222.328382]  alloc_fs_context+0x57/0xb20
[ 1222.328403]  path_mount+0xd8d/0x2140
[ 1222.328425]  ? kasan_quarantine_put+0x84/0x1e0
[ 1222.328442]  ? __pfx_path_mount+0x10/0x10
[ 1222.328460]  ? kmem_cache_free+0x2cd/0x660
[ 1222.328475]  ? putname.part.0+0xc0/0x160
[ 1222.328500]  ? putname.part.0+0xc0/0x160
[ 1222.328518]  ? putname.part.0+0xc0/0x160
[ 1222.328540]  __x64_sys_mount+0x293/0x310
[ 1222.328559]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1222.328585]  do_syscall_64+0xbf/0x420
[ 1222.328600]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1222.328614] RIP: 0033:0x7f720824704a
[ 1222.328624] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1222.328637] RSP: 002b:00007f72057bafa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 1222.328650] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f720824704a
[ 1222.328658] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f72057bb000
[ 1222.328666] RBP: 00007f72057bb040 R08: 00007f72057bb040 R09: 0000000020000000
[ 1222.328674] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000
[ 1222.328681] R13: 0000000020000100 R14: 00007f72057bb000 R15: 0000000020012900
[ 1222.328700]  </TASK>
[ 1222.348165] loop3: detected capacity change from 0 to 512
[ 1222.371694] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1222.373353] EXT4-fs (loop3): group descriptors corrupted!
03:53:59 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x700, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:59 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0xd00, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:53:59 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 93)

03:53:59 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x600, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1222.459902] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1222.489869] loop5: detected capacity change from 0 to 512
03:53:59 executing program 4:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xb)
r2 = fork()
tkill(r2, 0x6)
r3 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r3, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r3, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x81, 0xfb, 0x20, 0xca, 0x0, 0x5, 0x160c8, 0x4, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x3, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x2, @perf_config_ext={0x400, 0x9}, 0x400, 0x1, 0x3, 0x3, 0x6, 0x6, 0x1, 0x0, 0x5, 0x0, 0x3}, r2, 0x8, r3, 0xa)
fcntl$dupfd(r1, 0x0, r0)
r4 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r4, &(0x7f0000000240)=@FILEID_BTRFS_WITH_PARENT_ROOT={0x28, 0x4e, {0x200, 0x9, 0x3, 0x1, 0x1, 0xfffffffc}}, 0x414d02)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$IPVS_CMD_NEW_DEST(r4, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="c4000000", @ANYRES16=0x0, @ANYBLOB="000827bd7000fbdbdf25050000005800028006000f000180000006000b000200000014000100ac1414220000000000000000000000000800060034000000080006009890000006000f000600000006000b000000000008000900ff00000008000800040000000c00038005000800010000001400028006000f00ff03000006000f005ebe00000800060002000000080005000000000008000500be030000080004007f000000080005000000000008000500ff7f00000800060001800000c2dfc79d113cb101bea8c70fd7fb5118ca77419e76a5526688abd2b551587e54a5c0f9ea4e2587580d00b9c2ba709b1529360a3e49b09f915c83007256959af80b47fd05fbae033470f95fa6f62e006abfafc59fb490c6872a5037f1e91f0899e280ed210bf0e368af8f357e98dbc35ed9ae217cf6628a74c681e163cf0911bc4916a406036ab40952227e08cdba448724c4a0c9db13b8019bab1292cd377b00cc3bb728f8fdc3d39bcd620fc0ac2a097b71018681ab8b2ec02501fd89e86d240ce7c44b42ba3e1455370b40aa198c9f32dacda00129aa17b589ba0ee611f09b4dd108d83876fd3dca08d9b122b41a009debf6593460c1eb7aecca06f5f7e46ad875753448de00032be5e5e3ba03e3e437f5a3e119b92ccf634105d704e8cfe8c0908d8dd2b6dacd4ea2ac7aed80802f3aa266e45f1d543f99522ee30be439b6337374d0de24c38a1e5ebe38634176f94f4163449e00bd4d2bcda6e72aa513dcb66b4e7a1b3317d827b14527158c2e05e0e8d448a5cf8ff530ef6180c0138ec4b8c1f6adcaf9f668a96a486b39dd1aa403c9923ad53acf16183e557fa176fa1c7fa56adcbf0a0814243983bf54c8edc2b37b9bcc729ad93461240d4f765aff306ff8d25831fde98c"], 0xc4}, 0x1, 0x0, 0x0, 0x5}, 0x4004)
close_range(r1, 0xffffffffffffffff, 0x0)

03:53:59 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0x9f0a0000}}, 0x414d02)

[ 1222.501738] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1222.512151] FAULT_INJECTION: forcing a failure.
[ 1222.512151] name failslab, interval 1, probability 0, space 0, times 0
[ 1222.514080] CPU: 1 UID: 0 PID: 9580 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1222.514111] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1222.514125] Call Trace:
[ 1222.514133]  <TASK>
[ 1222.514141]  dump_stack_lvl+0xfa/0x120
[ 1222.514186]  should_fail_ex+0x4d7/0x5e0
[ 1222.514219]  should_failslab+0xc2/0x120
[ 1222.514253]  __kmalloc_node_track_caller_noprof+0xd7/0x820
[ 1222.514282]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[ 1222.514313]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1222.514347]  ? vfs_parse_fs_qstr+0x112/0x1c0
[ 1222.514377]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 1222.514416]  ? kmemdup_nul+0x3b/0xa0
[ 1222.514448]  kmemdup_nul+0x3b/0xa0
[ 1222.514482]  vfs_parse_fs_qstr+0x112/0x1c0
[ 1222.514514]  ? __pfx_vfs_parse_fs_qstr+0x10/0x10
[ 1222.514543]  ? kasan_save_track+0x14/0x30
[ 1222.514574]  ? __kasan_kmalloc+0x7f/0x90
[ 1222.514608]  ? __pfx_ext4_init_fs_context+0x10/0x10
[ 1222.514644]  ? alloc_fs_context+0x5d0/0xb20
[ 1222.514682]  path_mount+0x6b1/0x2140
[ 1222.514720]  ? kasan_quarantine_put+0x84/0x1e0
[ 1222.514752]  ? __pfx_path_mount+0x10/0x10
[ 1222.514784]  ? kmem_cache_free+0x2cd/0x660
[ 1222.514808]  ? putname.part.0+0xc0/0x160
[ 1222.514851]  ? putname.part.0+0xc0/0x160
[ 1222.514884]  ? putname.part.0+0xc0/0x160
[ 1222.514924]  __x64_sys_mount+0x293/0x310
[ 1222.514959]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1222.515012]  do_syscall_64+0xbf/0x420
[ 1222.515038]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1222.515062] RIP: 0033:0x7f720824704a
[ 1222.515080] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1222.515103] RSP: 002b:00007f72057bafa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 1222.515125] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f720824704a
[ 1222.515153] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f72057bb000
[ 1222.515168] RBP: 00007f72057bb040 R08: 00007f72057bb040 R09: 0000000020000000
[ 1222.515182] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000
[ 1222.515196] R13: 0000000020000100 R14: 00007f72057bb000 R15: 0000000020012900
[ 1222.515230]  </TASK>
03:53:59 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 46)

03:53:59 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x840, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1222.596523] loop3: detected capacity change from 0 to 512
[ 1222.601609] FAULT_INJECTION: forcing a failure.
[ 1222.601609] name failslab, interval 1, probability 0, space 0, times 0
[ 1222.602659] CPU: 0 UID: 0 PID: 9590 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1222.602675] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1222.602682] Call Trace:
[ 1222.602687]  <TASK>
[ 1222.602691]  dump_stack_lvl+0xfa/0x120
[ 1222.602717]  should_fail_ex+0x4d7/0x5e0
[ 1222.602735]  ? getname_flags.part.0+0x48/0x540
[ 1222.602746]  should_failslab+0xc2/0x120
[ 1222.602764]  kmem_cache_alloc_noprof+0x80/0x710
[ 1222.602777]  ? blkdev_ioctl+0x188/0x6d0
[ 1222.602796]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1222.602817]  ? getname_flags.part.0+0x48/0x540
[ 1222.602827]  getname_flags.part.0+0x48/0x540
[ 1222.602840]  __x64_sys_mkdir+0xdb/0x140
[ 1222.602858]  do_syscall_64+0xbf/0x420
[ 1222.602871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1222.602884] RIP: 0033:0x7f2dac419c27
[ 1222.602894] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1222.602905] RSP: 002b:00007f2da998ffa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[ 1222.602917] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2dac419c27
[ 1222.602925] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[ 1222.602932] RBP: 00007f2da9990040 R08: 0000000000000000 R09: ffffffffffffffff
[ 1222.602939] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[ 1222.602945] R13: 0000000020000100 R14: 00007f2da9990000 R15: 0000000020012900
[ 1222.602963]  </TASK>
03:53:59 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40003, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[ 1222.751898] loop6: detected capacity change from 0 to 512
[ 1222.764636] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1222.771650] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:54:09 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x1100, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:54:09 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 47)

03:54:09 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x3, 0x2, 0x3, 0x1, 0x0, 0x81, 0x44020, 0xf, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x800, 0x1, @perf_bp={&(0x7f0000000040), 0x62990c013072eb52}, 0x80, 0x9c, 0x0, 0x5, 0x4, 0x400, 0x6, 0x0, 0x7, 0x0, 0x7ff}, 0x0, 0xa, 0xffffffffffffffff, 0x9)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:54:09 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:54:09 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x700, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:54:09 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0xa1ffffff}}, 0x414d02)

03:54:09 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x900, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:54:09 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 94)

03:54:09 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0), 0x20000, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x8, 0x1f, 0x8, 0x7f, 0x0, 0x2, 0x18040, 0xa, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x1, @perf_config_ext={0x3, 0x291}, 0x8000, 0x7, 0x7, 0x3, 0x0, 0xac, 0x5357, 0x0, 0x100, 0x0, 0x7}, 0x0, 0x7, r0, 0x9)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r2 = open$dir(&(0x7f0000000180)='./file0\x00', 0x20900, 0xc1)
open_by_handle_at(r2, &(0x7f0000000400)=ANY=[@ANYBLOB="10000000020000000b000000000000000000000000000000cbe95504ef94630303d045355924759e888685340a547bd5e9197f4a2158d4f09d533e7b695df38dd96c06ad5aaa98922a33db5903b3cfc84d8dd8eed78e0b8818f809f5ae20fccd69c25d1897945bc62b39d7480000000000000094dcd71883204dcaf54259b75493a938b028f0df4d8a8fb5e49a83abc0990460b79c728a92fe235765ba93cbf1d77b28eb990340598bef5350313d570d74c65eb035ae5c0fc4c2a68dfa6d4aceedcabbcc1de85c77ffc274c9d43a1daedc81235497d1d8b21357569eb1c061bb5fa5c5f5d689d2da12e43aed677723a631d955292a64682c14c1fbb13bb419ba83f7de92492361837bbcba09bf30c4afac0784abb15000a576d1843a851cd74dd54bfd7ab84c94b63236d8b7e7f8c85b472b672d07e2ef0b429ea0b29c6376c77b403e1a48b2a352fc3aa64ee36b8520fd19d0de0e09a577"], 0x414d02)
ioctl$RTC_WIE_OFF(r1, 0x7010)
close_range(r1, 0xffffffffffffffff, 0x0)
r3 = accept4$inet(r1, &(0x7f0000000000)={0x2, 0x0, @loopback}, &(0x7f0000000100)=0x10, 0x80800)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'ipvlan0\x00'})

[ 1232.552492] loop5: detected capacity change from 0 to 512
[ 1232.556474] loop6: detected capacity change from 0 to 512
[ 1232.562280] FAULT_INJECTION: forcing a failure.
[ 1232.562280] name failslab, interval 1, probability 0, space 0, times 0
[ 1232.563556] CPU: 0 UID: 0 PID: 9611 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1232.563575] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1232.563584] Call Trace:
[ 1232.563589]  <TASK>
[ 1232.563594]  dump_stack_lvl+0xfa/0x120
[ 1232.563624]  should_fail_ex+0x4d7/0x5e0
[ 1232.563645]  ? ext4_init_fs_context+0x45/0x110
[ 1232.563667]  should_failslab+0xc2/0x120
[ 1232.563689]  __kmalloc_cache_noprof+0x80/0x730
[ 1232.563714]  ? __kmalloc_cache_noprof+0x4ae/0x730
[ 1232.563736]  ? lockdep_init_map_type+0x4b/0x220
[ 1232.563762]  ? ext4_init_fs_context+0x45/0x110
[ 1232.563782]  ext4_init_fs_context+0x45/0x110
[ 1232.563803]  ? __pfx_ext4_init_fs_context+0x10/0x10
[ 1232.563824]  alloc_fs_context+0x580/0xb20
[ 1232.563851]  path_mount+0xd8d/0x2140
[ 1232.563874]  ? kasan_quarantine_put+0x84/0x1e0
[ 1232.563894]  ? __pfx_path_mount+0x10/0x10
[ 1232.563914]  ? kmem_cache_free+0x2cd/0x660
[ 1232.563930]  ? putname.part.0+0xc0/0x160
[ 1232.563957]  ? putname.part.0+0xc0/0x160
[ 1232.563983]  ? putname.part.0+0xc0/0x160
[ 1232.564011]  __x64_sys_mount+0x293/0x310
[ 1232.564033]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1232.564062]  do_syscall_64+0xbf/0x420
[ 1232.564079]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1232.564094] RIP: 0033:0x7f720824704a
[ 1232.564107] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1232.564121] RSP: 002b:00007f72057bafa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 1232.564136] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f720824704a
[ 1232.564146] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f72057bb000
[ 1232.564155] RBP: 00007f72057bb040 R08: 00007f72057bb040 R09: 0000000020000000
[ 1232.564164] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000
[ 1232.564173] R13: 0000000020000100 R14: 00007f72057bb000 R15: 0000000020012900
[ 1232.564194]  </TASK>
[ 1232.594774] loop3: detected capacity change from 0 to 512
03:54:09 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x2000, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:54:09 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0xd00, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1232.625188] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1232.629694] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1232.630481] EXT4-fs (loop3): group descriptors corrupted!
[ 1232.638540] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:54:09 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x900, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:54:18 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0xd00, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:54:18 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x1002, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:54:18 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40005, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:54:18 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0xfbffffff}}, 0x414d02)

03:54:18 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 48)

03:54:18 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 95)

03:54:18 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x3f00, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:54:18 executing program 4:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x2402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="100000003f0000000b00"/24], 0x414d02)
close_range(r1, 0xffffffffffffffff, 0x0)
r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r3 = eventfd2(0xb, 0x80001)
io_setup(0x3f, &(0x7f00000001c0)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000001740)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, r3, &(0x7f0000000200)="992bee7a575534f3", 0x8}])
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r2, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r5=>r1}, './file1\x00'})
r6 = mq_open(&(0x7f0000000240)=')^\xeb\x00', 0x2, 0x100, &(0x7f0000000280)={0xc00000, 0x3, 0xfff, 0x54a6f97d})
io_submit(r4, 0x3, &(0x7f0000000400)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x7, 0x9, r5, &(0x7f0000000080)="c4e19981c605829b733400f34a76724fab57a61b8e46a7ac3f9235b1808d62b12ab63172147461dd495ff2e417fc9f34341fc8485fe845f12b075959488afdf96d320ba17c2ae7330918587d0798a5257fa46dc35c8c1c2f1e0e76d9eb098f086e5e64f0e6ad6149aba2ad69d67e1aafe14b389eb20ef30c93cef3092d4d933af895d50366b13ab727004e42c1a02fb1cd4782f11ff4296ccfda315c531d796e22cc8bb8c047be91f5aae73416065c0145f9677582282dd7ae7ef9d449b926e6232d1e1180a8907ac45706a581aba978bae6662b638f", 0xd6, 0x7de, 0x0, 0x6, r2}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x81, r2, &(0x7f00000001c0)="183bd9850e52261b31712c48895d5cd113daf98c3fa5b08f693ed63c37ed", 0x1e, 0x1c, 0x0, 0x7}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x3, 0x401, r6, &(0x7f00000002c0)="6fef1b598720594a060690476f4ea77ed847f8b0e5e23c6de066f6e7", 0x1c, 0x5, 0x0, 0x1}])
open_by_handle_at(r2, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
lseek(r3, 0x1, 0x2)
close_range(r2, 0xffffffffffffffff, 0x0)
ioctl$FICLONE(r0, 0x40049409, r2)

[ 1241.760934] loop6: detected capacity change from 0 to 512
[ 1241.773804] loop5: detected capacity change from 0 to 512
[ 1241.781201] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1241.785875] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
03:54:18 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x1100, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1241.811949] loop6: detected capacity change from 0 to 512
[ 1241.822314] FAULT_INJECTION: forcing a failure.
[ 1241.822314] name failslab, interval 1, probability 0, space 0, times 0
[ 1241.824228] CPU: 0 UID: 0 PID: 9646 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1241.824259] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1241.824273] Call Trace:
[ 1241.824281]  <TASK>
[ 1241.824290]  dump_stack_lvl+0xfa/0x120
[ 1241.824336]  should_fail_ex+0x4d7/0x5e0
[ 1241.824369]  should_failslab+0xc2/0x120
[ 1241.824403]  __kmalloc_node_track_caller_noprof+0xd7/0x820
[ 1241.824437]  ? vfs_parse_fs_qstr+0x112/0x1c0
[ 1241.824477]  ? kmemdup_nul+0x3b/0xa0
[ 1241.824511]  kmemdup_nul+0x3b/0xa0
[ 1241.824546]  vfs_parse_fs_qstr+0x112/0x1c0
[ 1241.824576]  ? lockdep_hardirqs_on_prepare+0xdb/0x190
[ 1241.824609]  ? __pfx_vfs_parse_fs_qstr+0x10/0x10
[ 1241.824657]  ? __pfx_vfs_parse_comma_sep+0x10/0x10
[ 1241.824687]  vfs_parse_monolithic_sep+0x198/0x220
[ 1241.824723]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[ 1241.824759]  ? alloc_fs_context+0x5d0/0xb20
[ 1241.824797]  path_mount+0x6d6/0x2140
[ 1241.824838]  ? kasan_quarantine_put+0x84/0x1e0
[ 1241.824871]  ? __pfx_path_mount+0x10/0x10
[ 1241.824903]  ? kmem_cache_free+0x2cd/0x660
[ 1241.824928]  ? putname.part.0+0xc0/0x160
[ 1241.824972]  ? putname.part.0+0xc0/0x160
[ 1241.825013]  ? putname.part.0+0xc0/0x160
[ 1241.825054]  __x64_sys_mount+0x293/0x310
[ 1241.825090]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1241.825136]  do_syscall_64+0xbf/0x420
[ 1241.825163]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1241.825188] RIP: 0033:0x7f720824704a
[ 1241.825206] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1241.825230] RSP: 002b:00007f72057bafa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 1241.825253] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f720824704a
[ 1241.825269] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f72057bb000
[ 1241.825284] RBP: 00007f72057bb040 R08: 00007f72057bb040 R09: 0000000020000000
[ 1241.825299] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000
[ 1241.825314] R13: 0000000020000100 R14: 00007f72057bb000 R15: 0000000020012900
[ 1241.825348]  </TASK>
[ 1241.863108] 
[ 1241.863432] ================================================
[ 1241.864339] WARNING: lock held when returning to user space!
[ 1241.865256] 6.18.0-rc7-next-20251128 #1 Not tainted
[ 1241.866066] ------------------------------------------------
[ 1241.866975] syz-executor.4/9653 is leaving the kernel with locks still held!
[ 1241.868113] 1 lock held by syz-executor.4/9653:
[ 1241.868888]  #0: ffff888016220848 (&sb->s_type->i_mutex_key#23/1){+.+.}-{4:4}, at: start_creating_noperm+0x84/0xd0
[ 1241.870480] loop3: detected capacity change from 0 to 512
[ 1241.891288] FAULT_INJECTION: forcing a failure.
[ 1241.891288] name failslab, interval 1, probability 0, space 0, times 0
[ 1241.893027] CPU: 1 UID: 0 PID: 9661 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1241.893060] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1241.893074] Call Trace:
[ 1241.893081]  <TASK>
[ 1241.893089]  dump_stack_lvl+0xfa/0x120
[ 1241.893133]  should_fail_ex+0x4d7/0x5e0
[ 1241.893161]  ? getname_flags.part.0+0x48/0x540
[ 1241.893182]  should_failslab+0xc2/0x120
[ 1241.893213]  kmem_cache_alloc_noprof+0x80/0x710
[ 1241.893235]  ? blkdev_ioctl+0x188/0x6d0
[ 1241.893269]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1241.893304]  ? getname_flags.part.0+0x48/0x540
[ 1241.893323]  getname_flags.part.0+0x48/0x540
[ 1241.893346]  __x64_sys_mkdir+0xdb/0x140
[ 1241.893380]  do_syscall_64+0xbf/0x420
[ 1241.893415]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1241.893445] RIP: 0033:0x7f2dac419c27
[ 1241.893462] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1241.893484] RSP: 002b:00007f2da998ffa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[ 1241.893506] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2dac419c27
[ 1241.893521] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[ 1241.893534] RBP: 00007f2da9990040 R08: 0000000000000000 R09: ffffffffffffffff
[ 1241.893548] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[ 1241.893561] R13: 0000000020000100 R14: 00007f2da9990000 R15: 0000000020012900
[ 1241.893586]  </TASK>
03:54:19 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x2000, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:54:19 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40006, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

03:54:19 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x1100, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:54:19 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0xfeffffff}}, 0x414d02)

03:54:19 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x4000, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:54:19 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 49)

03:54:19 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 96)

03:54:19 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40007, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[ 1242.061782] loop3: detected capacity change from 0 to 512
03:54:19 executing program 4:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
ioctl$BTRFS_IOC_SNAP_CREATE(r0, 0x50009401, &(0x7f0000000400)={{}, "85baaad752782d5d960dd9e3c45f79082e7a366435a8ba2c3b68f91774dc196b1f6361ed26fe696cbe1fcdfb5a06528aea4de56552529ea768986785ed111f44ac134c9b84372b98e9149d8044cf22714f00dc1b33c2c841652da46319ef9c289d12560c1ed48d4a3b2bf63460bf5267e4130a5c60d24487da951e71a421a57b62d4325527548d6ace4ff030b43fd28632a0413be3dbaaa0ec087312fb12c3bd786ef17c3f22d16692e719d783ca775c41ca8c62c923516799db6e972e7e692f29f71a22eaf6fa96e941378878add05cae72045776a9a94663a6cc9dc2376187da6dc863794946598e6d93daee35efc97dff47cad35520770148714940cf34099af01b12f583e5164c8c556848db7812fa5a0464fd399b5b7ba78e82743e23d00ed3fbe10dad62a09366cb88abebb77ca653a07be1403b3a49173c8bd8141c85fb41a9d5af8855eeb6c9b04c160da9c12e8ae814b99d73041ef866c39b76414fbad85e39ed469dc1cda5d254f3822e7265d4ff3bccbbb57670898de240ad1f5e82b5e71289a1f063adea943602c131a00f84dc6812daf381737d33cad1ab7610da0e0b2c3e43a7557e499fc73af0aee2c80d1a765e32b7e1ce81a12cea5878dae50fc8ad7c9acc7471961eb2f24aee594a827e3b7b35fc012630b0862ff68517555f57e793e48a0f3d4abaaa5667575271be06c5b53c6e6a17d9d42e333c00df6ad63962addd8a0c00eb14a507cc4bc24d3dc1622b4034889bc611f6a5d696e1e9043d7415afc63ec166300ebcfbc94dd7d11d935a1fb9de14792c95a79a37597053ad87798db6caeb4b997acb37c7d98a07da2a75cc6d6cc2f6e5b416a90e2e7cd9613b8de6fb0a12f7db2a22147f6fc9f03c93e1a773d82ac6bd47310cee4ed6c7c22639362773963d84e7e893380aab681b3965284959fb156f81472105ddb45c2061a03d73dd9510fe789af41cc511b62a3eef07850d8222adb9b6d6194bf41f19394bec7cf30cc4b501ec3cbf5cedef6c2880c122a7099007c2d497c6512d7dd8a58f099fcb50166065c6027db8b7969b3bc23d847618b15cb6bc1924d0c0623b45e787a2005230b157f8ab9942a9f6380385ff4524e76e82422471fc74b96860ab5925d61dc9d34f89a475324553ed5bb41dbef629e58d03f3461d83a4bba03597dca178474ba8541bcb9763b458b81e81dd9a04b8125c95d94a004061c9a619cfad5ae3b9f8185f2e8f8ebb0989803e5e74294176b2a1794f6945e58d43c5d24a414348073ff64f6833e88995a17742a4667570718bd2c95dfc0518344c553ecac2ba16ff22ac61858ef0e334679d71d9fe134291d5fbd499eedc43d69e6fef17858cc853b25577a03ce5497f20f45ae6f40062ec7c9aa7f6af0c9b4212d502f5ca7024cf919ec60a840538d5d609e5ea80838a124984e132103c1357c6c3c3d97f6a9302c0b87897a76bfceddddbd99a779f687081f35d9caf71857e5271a4b49d5273b7ba0621758c13ca46f637a3dce15627fc4e7a5a7f802a8c87a4abd5ef98a8ce3374a0375a5a9e70f462c166ead34a0b8f211fd68758cc76cd8a921acc5f68a605a327029ca695c28e9f8a09450fe2e37f80090f04042570a40ec6f4530e3b6803dde2af354b3393bd5f60582d69fb225d816b8bf7026a42f9e94fffbb311d3f5bbc244d9594c3dea23c2780b3972f26d9f60760782f9d1f600dc8d8fec0f91e5488b026f7ae6e4b0dc7db03d1bff965f2196f9da8ac2b331f46e31a941c1b73f92a01829089e81747aa2d0e681d13c920e4011f0e2c89e3ec32f66b8628f361202348fd7c262d02240ef101b2e0047716246d712f6dc1b7f00cf7142586f493753537f54ad96fcd726ebe9a2476c0f97d47c2c9f50d5364f7c4cfdd33e680227713afdf2082fde2441d3fe6972d1c1fe6e4d157f4747e6f31579e074e72764b5ec0d377cf32f10e20c4c395a0cba48c8d732669260da2097bf6ff36626be6ffac53d093b37a376ac392697a121204644d90e1d5f653ced74e5e94f835cee1426d05d586568e651e9bb207d0dd5636d552b852fe9795d524a84956f72e0e7ae91ff15636ef07eaa7a8e04b274d270270d0f501008f3d94fb8ed29a2544140800a4e869d7d09136c0d496888881098c8dfeccf35e7e96a11c649ce8f7d0223413eccc4687aefe10bd4a8aa3cf6a996b84361cf8e1eb586a04a194fe09873fa9582a6b9b0dae14b740d7e567dd0825e9e01010dc2ea55774b1e04871b465949a8f8b1b0dcd4dfb46293a01aaba5eb770936cfcf5e2f05c9554a907e1196602c01fdf9f5d68fe5f706c4d0c31387feddbe7cd521e702740b8706192687833f23f5b4794959cf639d8e900b399db18b992e24e27ad5013dd07bf0f6e675913bbe138d9eec73c3095c3c33a10c47fcc80da71648ddb5dde220533a92dccd32f45fc3b7979baeea52c5863c332529b0710f1fa6a29005a3a14778fb56fd59f358990054eb3a5374bc3d1515bef2bc88e3f3765810f7460da3ad330a9239544b99e49e84a231989f2427444588b1d9c8f00490d09f42cbeb64c1e70cb1362a29063b7bf0de743f09059a377cc7c97cfc980a59c729a0844bad947d686bb00fcf92499e20a11926db78d6ebb5b0d56d9d2785eba748c3b1cf9d7de335b306c30e2511891b7b4f971091d5eba629a0993fa6b7ad6434d118cd6bf176178442156be7381511c05486849960e2bde1f2c8deef3ecbda30a5d8aa9499ed0aecf91cdc198db09f6fe07cdd210c04bdd4f55ff862fdac71caa45bcb0af04f51bd81713f242cc38313805ab90cf3125f86cc36c9fd4d28aafa0e3e1fc4836d459c369b506ed109e4d3abcb4d5727f3a221feae7b23aeedd952f899c8a1a9a1fb0f0e860967082a56b5796caee40596fe2b1f4729af0739ba19c21b11fc8671d8dae834baa09ea69ff5f2a1cc6a1f3c651173bb0ca92d488b50ee8d32e2455324a66a2dce4d1814985db72d9d5f09a1c6d0f43810586b297aefe6f110358aad358440527fb068b4b87bb13e91b0a9429bdff00d6ca4dd64fadb096e5c97322004f61a491d3a4c3a542df5bbfa18dffee47e022297ca7539161f933edc0be48ee7350d49121888377d9b1d7aa85f072d8d1598af084322c4705ebe0f72a68656953be68bb02464eb9677a13431c201b51024c109601cd29998b4fa92ceb483f92b760e4f75fdf301a1e443cd91bd4313788f39f816e98d05ec5fb8acf91dc318ea98978fda29372c7cc5d6bb9314eddd4307570b5e071e1e73347b474edf373039dae8423b8972cec145b8bc6dd772b2b50e04a8a5b9c04549200ba65313d30a83626b671395a98223c5b453496ff76b122752f311b1b360359f93b4c14a921433f0354fd1f4f6ffcbbc7876254789c035e75e094284514953fb47ac935397b603c20a1913a820de337f1a0263f6deaee7de7306d117840353f4b231698e86486aa47dc1c4e15895ea2f466ea7a2e79a3fbc929a60a8043f70314cdd0816423ce093e896c419cc4e4fcff5de9158922c8045c5263267c1d92077807ea033382949523a2cf0a821e469fd3b8f2c3f9731eb2e4edd2ea4b9cd3247bcfe623b9a4e0071ac1601a4aa2c65dcdc85de051270fddfe89fe2d7c5b8f7211191c693543f8ac478862f7adaa122038f244441e196b6f601b24f78b21db8cf73d870f144c85eeb99650776c3a518f4fb490d7b07852c8200e68ab27382d52c5f7d04e301f27a10bd6c5a19dc0a25af0c32a8c6d1803f43376efee93ea1099dc78a72abb952ab1e1c18b9e12ae13f569d0406a2900cc7778d06c230f0ac3f21fc4cf4b94a035551fc3143e93c2c611b124f9073305d296edc8e2a200ad385c12056a432402d2e801f125ac96cbcab317fee8db168de0cd0a1553ba18ec719492e4265c37897229a8ed2508ea225f726237a8780322c975b84d1e775d13803fd3c078b00be8e66e86750f5b6dc27684fb2655d696927639910a45934791a8b23dc5f2c545bb7acd46ba8b457c36c2098655353d84864644bdde893021463562c965dd8d84b0d0cc54577a0327a63f20c9d1585c414bd4788d3b04e848cb004c191f456c093e21dc401db1fc1dee048bbe7f281e2c054f9c12c0b7378385f3e90f64b01e0071b5b279572f861a7fff6c24a3561f56e7e50afc6c1c27a2664113b0cf017e9bd236f32de909c7bb32461e38545acec246c3aa8451de2f75961cbf4cfe38a2287644d5eaebe83112fd6800e47559e2e0276047c895196ac12b0b7f2de134225676ca006f9b50d6c8fb236235b92394472506595915ff9e492061aa9578d091dc89cc1151d49c3401bbb674a6bd3ba72aafe3b0982c7f909f65c68b52cca7b9f9659cb5c3fe4ce2572b8da70f27da7be80dbfd720aae008620e3e3a10705869bf191c69e78de80c4f68e6081abb28d700a362b4ba2742c6a0fbcabbefaff512012152ef39ee554f8a0f28cd1577ff9794191c20663e4b2e57ad6115a5dae85d6224b1972475b764e196a52bdb54a9cf376ce116cd9e4fbaa7f60cf6a9acb26b6bdbd69ea04ce38961f4f590c840a7b1f6ee9a5701969531ffe9840c1508a28bedeae8ce804af37cf017f10c83778aa6ba2b6b784cd9d97b1c229645798ba015770ad9420853332b19d421754f6d4c5e2223ed43d0dcbf5fe18bee42270405b8347c7b261c6e5492610f3112cf8f7f0396af1fbad934769ce13918c97a110160a9fc97e5a1bdd8165c6a19de8a3aa7be47da32a6cb17b964cec9c0208b368412055a3767c545b2cb2ac181a072b9e85b8b898ed4b70604461fcfa8b9c9936c34bfe611e82aca82b0881780c6e144868ba5785ae4f97f829de132c16692083c45520fe663daf283c76519b6e76bdb176de4a9696f75aea5d9ab16f86e91b9e12e7f0839356d48a27760e716d6c80208f3b7405464daa5352c5462410faf0eadb0f018cada74b292b3200474438b3e27ce903d86fa8e37817602e300007134958b1770dde5cf7b5ff3fb1b8ebae8d0abf7fd5c14d6ae257ad6925be8d14451ebe73058161b2cdaa37a9227aa269681d2c8fef727ff77fb9dc9297dce7d100731a77ada850aa5c266889a4a39fd3fd3f3e1880a445f7abb28994167e946bfbe5dfe3512daa2411bed8160f12cf5d9afcacb380bb4907dc4e4fbeb8c6c1719434ac5e5579ae0a8533b0502d6434e77043a97e3a396aa15aa5b22164fa2d29289fe7ff0412d1ee24561d9c86fdad18d6d83245312e6060dbbfae6d6a354c758c344d787001250fc5ebaf441911e132ab990e1d1e2bdf45db00e43722ba20686bd140a150a2f8e5230f4c03b7c2f5687afa541c90d383019c0e0ea60811a1a1d749c8af342d4ab70469b620ca70fdc551b03cdf7f886ab831f3607ea081238669b3b16d2d3fbb52292aedccb88ebb112eb03e2d6cab017b2c20ca3641634c02e390cc0b2e7c6a7496a788de11a8a51f59baeecd3e653d1e37e3d83ab308fb289e0e96aeb624c4cb3aee6426e63dc39b30c1d7f212255ab7e007bce0d4e3453fade67ff48b331d0ffd157450a1c9f3ba69946e074051174151ff01c3e1aa0bd5f7864e4947b883867eec0b78c2f2e2d0d3a47455a23e7f8359baa2fa2888f6507117f887f8a79ac4cbf8625a75743c680401fcf6116d4c95701a4dac4e94ae8a696ee4fc8e3cbe7bedf60975af2f1834a0c49b98270ee290dd4cdd5f3fce3c25fc3f4f851b07013229d874503176985f535e280335cb14a5a152046780515a0"})
close_range(r1, 0xffffffffffffffff, 0x0)

[ 1242.074706] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1242.076191] EXT4-fs (loop3): group descriptors corrupted!
[ 1242.127865] loop6: detected capacity change from 0 to 512
[ 1242.139947] loop5: detected capacity change from 0 to 512
[ 1242.154486] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1242.155873] EXT4-fs (loop5): group descriptors corrupted!
[ 1242.169210] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1242.174702] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1242.218316] Process accounting resumed
03:54:27 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 97)

03:54:27 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="10000000020000000b0000000000000000000000000000002e0885da4097ee00dedb3a6f8ff2572637d65a58be033e0c989bbfbf9cf4faa0a524ca45762ca7d959c0fe56089dfd38e254df"], 0x414d02)
close_range(r0, 0xffffffffffffffff, 0x0)

03:54:27 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0xffff8000}}, 0x414d02)

03:54:27 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x3f00, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:54:27 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x2000, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:54:27 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 50)

03:54:27 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x5002, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:54:27 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40008, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[ 1250.470794] loop3: detected capacity change from 0 to 512
[ 1250.472573] FAULT_INJECTION: forcing a failure.
[ 1250.472573] name failslab, interval 1, probability 0, space 0, times 0
[ 1250.473562] CPU: 0 UID: 0 PID: 9694 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1250.473579] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1250.473587] Call Trace:
[ 1250.473591]  <TASK>
[ 1250.473596]  dump_stack_lvl+0xfa/0x120
[ 1250.473626]  should_fail_ex+0x4d7/0x5e0
[ 1250.473643]  ? getname_flags.part.0+0x48/0x540
[ 1250.473656]  should_failslab+0xc2/0x120
[ 1250.473674]  kmem_cache_alloc_noprof+0x80/0x710
[ 1250.473687]  ? blkdev_ioctl+0x188/0x6d0
[ 1250.473706]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1250.473727]  ? getname_flags.part.0+0x48/0x540
[ 1250.473737]  getname_flags.part.0+0x48/0x540
[ 1250.473749]  __x64_sys_mkdir+0xdb/0x140
[ 1250.473767]  do_syscall_64+0xbf/0x420
[ 1250.473782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1250.473795] RIP: 0033:0x7f2dac419c27
[ 1250.473804] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1250.473817] RSP: 002b:00007f2da998ffa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[ 1250.473829] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2dac419c27
[ 1250.473837] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[ 1250.473845] RBP: 00007f2da9990040 R08: 0000000000000000 R09: ffffffffffffffff
[ 1250.473853] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[ 1250.473860] R13: 0000000020000100 R14: 00007f2da9990000 R15: 0000000020012900
[ 1250.473873]  </TASK>
[ 1250.496556] loop6: detected capacity change from 0 to 512
[ 1250.501927] loop5: detected capacity change from 0 to 512
03:54:27 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 51)

[ 1250.516553] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1250.516846] FAULT_INJECTION: forcing a failure.
[ 1250.516846] name failslab, interval 1, probability 0, space 0, times 0
[ 1250.519461] CPU: 1 UID: 0 PID: 9699 Comm: syz-executor.5 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1250.519497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1250.519513] Call Trace:
[ 1250.519523]  <TASK>
[ 1250.519533]  dump_stack_lvl+0xfa/0x120
[ 1250.519581]  should_fail_ex+0x4d7/0x5e0
[ 1250.519614]  ? getname_kernel+0x52/0x390
[ 1250.519651]  should_failslab+0xc2/0x120
[ 1250.519687]  kmem_cache_alloc_noprof+0x80/0x710
[ 1250.519714]  ? trace_hardirqs_on+0x16/0x110
[ 1250.519755]  ? getname_kernel+0x52/0x390
[ 1250.519791]  getname_kernel+0x52/0x390
[ 1250.519829]  kern_path+0x1f/0x80
[ 1250.519859]  lookup_bdev+0xc6/0x270
[ 1250.519898]  ? __pfx_lookup_bdev+0x10/0x10
[ 1250.519937]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[ 1250.519983]  get_tree_bdev_flags+0xb8/0x620
[ 1250.520015]  ? __pfx_ext4_fill_super+0x10/0x10
[ 1250.520048]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 1250.520080]  ? cap_capable+0xdb/0x380
[ 1250.520111]  ? security_capable+0x2f/0x90
[ 1250.520141]  vfs_get_tree+0x93/0x340
[ 1250.520168]  path_mount+0x726/0x2140
[ 1250.520204]  ? kasan_quarantine_put+0x84/0x1e0
[ 1250.520236]  ? __pfx_path_mount+0x10/0x10
[ 1250.520268]  ? kmem_cache_free+0x2cd/0x660
[ 1250.520298]  ? putname.part.0+0xc0/0x160
[ 1250.520332]  ? putname.part.0+0xc0/0x160
[ 1250.520369]  __x64_sys_mount+0x293/0x310
[ 1250.520403]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1250.520444]  do_syscall_64+0xbf/0x420
[ 1250.520469]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1250.520493] RIP: 0033:0x7f720824704a
[ 1250.520511] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1250.520534] RSP: 002b:00007f72057bafa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 1250.520557] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f720824704a
[ 1250.520573] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f72057bb000
[ 1250.520588] RBP: 00007f72057bb040 R08: 00007f72057bb040 R09: 0000000020000000
[ 1250.520604] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000
03:54:27 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0xf400, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1250.520618] R13: 0000000020000100 R14: 00007f72057bb000 R15: 0000000020012900
[ 1250.520645]  </TASK>
[ 1250.525811] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1250.526135] /dev/loop5: Can't lookup blockdev
[ 1250.529171] loop3: detected capacity change from 0 to 512
[ 1250.557125] FAULT_INJECTION: forcing a failure.
[ 1250.557125] name failslab, interval 1, probability 0, space 0, times 0
[ 1250.558051] CPU: 0 UID: 0 PID: 9708 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1250.558067] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1250.558075] Call Trace:
[ 1250.558080]  <TASK>
[ 1250.558084]  dump_stack_lvl+0xfa/0x120
[ 1250.558111]  should_fail_ex+0x4d7/0x5e0
[ 1250.558128]  ? __d_alloc+0x34/0xa10
[ 1250.558145]  should_failslab+0xc2/0x120
[ 1250.558163]  kmem_cache_alloc_lru_noprof+0x84/0x720
[ 1250.558181]  ? __d_alloc+0x34/0xa10
[ 1250.558197]  __d_alloc+0x34/0xa10
[ 1250.558214]  d_alloc+0x4a/0x1e0
[ 1250.558231]  lookup_one_qstr_excl+0x174/0x270
[ 1250.558243]  ? mnt_want_write+0x153/0x420
[ 1250.558258]  filename_create+0x1c1/0x400
[ 1250.558272]  ? __pfx_filename_create+0x10/0x10
[ 1250.558287]  ? __virt_addr_valid+0x2e8/0x5d0
[ 1250.558310]  do_mkdirat+0xa8/0x450
[ 1250.558326]  ? __pfx_do_mkdirat+0x10/0x10
[ 1250.558342]  ? strncpy_from_user+0x21b/0x2f0
[ 1250.558364]  __x64_sys_mkdir+0xf3/0x140
[ 1250.558381]  do_syscall_64+0xbf/0x420
[ 1250.558394]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1250.558407] RIP: 0033:0x7f2dac419c27
[ 1250.558417] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1250.558429] RSP: 002b:00007f2da998ffa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[ 1250.558441] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2dac419c27
[ 1250.558450] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[ 1250.558458] RBP: 00007f2da9990040 R08: 0000000000000000 R09: ffffffffffffffff
[ 1250.558467] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[ 1250.558474] R13: 0000000020000100 R14: 00007f2da9990000 R15: 0000000020012900
[ 1250.558488]  </TASK>
03:54:27 executing program 2:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x3f00, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:54:27 executing program 0:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}, 0xfffff000}}, 0x414d02)

03:54:27 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 52)

03:54:27 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x4000, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1250.633137] loop3: detected capacity change from 0 to 512
03:54:27 executing program 4:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0xfeffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
open_by_handle_at(r1, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0xb}}}, 0x414d02)
ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000000100)=<r2=>0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x80, 0x8, 0x1, 0x5, 0x96, 0x0, 0x80000000, 0xc, 0x9, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x2, @perf_bp={&(0x7f0000000040), 0x6}, 0x0, 0x4, 0x7, 0x9, 0x400, 0x3, 0x6, 0x0, 0xfffffffc, 0x0, 0x50}, r2, 0x2, r0, 0x9)
close_range(r1, 0xffffffffffffffff, 0x0)

03:54:27 executing program 1:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x20010, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

03:54:27 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 98)

[ 1250.648372] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[ 1250.649209] EXT4-fs (loop3): group descriptors corrupted!
03:54:27 executing program 6:
creat(&(0x7f0000000340)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40009, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000d0f4655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900))

[ 1250.682063] loop6: detected capacity change from 0 to 512
03:54:27 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012900)) (fail_nth: 53)

03:54:27 executing program 7:
clone3(&(0x7f0000005880)={0x0, 0x0, &(0x7f0000000280), 0x0, {}, 0x0, 0x4008, &(0x7f0000005900)=""/102394, 0x0}, 0x6c)

[ 1250.710453] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1250.722702] loop5: detected capacity change from 0 to 512
[ 1250.725792] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1250.740652] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[ 1250.741492] EXT4-fs (loop5): group descriptors corrupted!
[ 1250.793508] loop3: detected capacity change from 0 to 512
[ 1250.799505] FAULT_INJECTION: forcing a failure.
[ 1250.799505] name failslab, interval 1, probability 0, space 0, times 0
[ 1250.801404] CPU: 1 UID: 0 PID: 9735 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary) 
[ 1250.801436] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1250.801449] Call Trace:
[ 1250.801457]  <TASK>
[ 1250.801466]  dump_stack_lvl+0xfa/0x120
[ 1250.801510]  should_fail_ex+0x4d7/0x5e0
[ 1250.801540]  ? getname_flags.part.0+0x48/0x540
[ 1250.801563]  should_failslab+0xc2/0x120
[ 1250.801597]  kmem_cache_alloc_noprof+0x80/0x710
[ 1250.801621]  ? blkdev_ioctl+0x188/0x6d0
[ 1250.801658]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1250.801697]  ? getname_flags.part.0+0x48/0x540
[ 1250.801718]  getname_flags.part.0+0x48/0x540
[ 1250.801743]  __x64_sys_mkdir+0xdb/0x140
[ 1250.801777]  do_syscall_64+0xbf/0x420
[ 1250.801801]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1250.801825] RIP: 0033:0x7f2dac419c27
[ 1250.801843] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1250.801865] RSP: 002b:00007f2da998ffa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[ 1250.801889] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2dac419c27
[ 1250.801905] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[ 1250.801919] RBP: 00007f2da9990040 R08: 0000000000000000 R09: ffffffffffffffff
[ 1250.801934] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[ 1250.801948] R13: 0000000020000100 R14: 00007f2da9990000 R15: 0000000020012900
[ 1250.801982]  </TASK>

VM DIAGNOSIS:
03:54:19  Registers:
info registers vcpu 0
RAX=0000000000000000 RBX=ffff88806ce38540 RCX=0000000000000000 RDX=1ffff110026a3080
RSI=0000000000000008 RDI=ffff888013518400 RBP=0000000000000000 RSP=ffff88801b06fad0
R8 =0000000000000000 R9 =ffffffff86663494 R10=ffffffff86662a57 R11=0000000000000000
R12=ffff888013518000 R13=ffff88806ce38551 R14=ffff888013518000 R15=ffff888013518000
RIP=ffffffff815c7586 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 000055555f274400 00000000 00000000
GS =0000 ffff8880e5368000 00000000 00000000
LDT=0000 fffffe1600000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b2d627000 CR3=000000000d78d000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000000 RBX=ffffea0000e55d40 RCX=ffffffff81a5749d RDX=ffff888048f39bc0
RSI=0000000000000008 RDI=ffffea0000e55d40 RBP=0000000000000001 RSP=ffff8880520075e8
R8 =0000000000000000 R9 =fffff940001caba8 R10=0000000000000000 R11=0000000000000000
R12=ffffea0000e55d40 R13=0000000000000000 R14=ffff888050a72140 R15=ffffea0000e55d70
RIP=ffffffff81b37280 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e5468000 00000000 00000000
LDT=0000 fffffe5300000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f6a12cf33a4 CR3=000000000d04c000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000