================================================
WARNING: lock held when returning to user space!
6.18.0-rc7-next-20251128 #1 Not tainted
------------------------------------------------
syz-executor.0/17571 is leaving the kernel with locks still held!
1 lock held by syz-executor.0/17571:
 #0: ffff888013d50f08 (&sb->s_type->i_mutex_key#25/1){+.+.}-{4:4}, at: start_creating_noperm+0x84/0xd0
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 1 UID: 0 PID: 17575 Comm: syz-executor.3 Not tainted 6.18.0-rc7-next-20251128 #1 PREEMPT(voluntary)
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
Call Trace:
 dump_stack_lvl+0xfa/0x120
 should_fail_ex+0x4d7/0x5e0
 should_failslab+0xc2/0x120
 kmem_cache_alloc_noprof+0x80/0x710
 security_inode_alloc+0x3e/0x130
 inode_init_always_gfp+0xc9d/0xff0
 alloc_inode+0x8d/0x250
 new_inode+0x1e/0x160
 __shmem_get_inode+0x17c/0xe80
 __shmem_file_setup+0x108/0x370
 __do_sys_memfd_create+0x2ce/0xaa0
 do_syscall_64+0xbf/0x420
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f4192c37b19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f41901acf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f4192c37b19
RDX: 0000000000008800 RSI: 0000000000000000 RDI: 00007f4192c910fb
RBP: 0000000000000005 R08: 0000000000004400 R09: ffffffffffffffff
R10: 0000000000000005 R11: 0000000000000246 R12: 0000000008100000
R13: 0000000020000100 R14: 0000000000200000 R15: 0000000020014a00
loop1: detected capacity change from 0 to 512
EXT4-fs error (device loop1): __ext4_fill_super:5553: inode #2: comm syz-executor.1: iget: special inode unallocated
EXT4-fs (loop1): get root inode failed
EXT4-fs (loop1): mount failed
tmpfs: Bad value for 'gid'
tmpfs: Bad value for 'gid'
loop1: detected capacity change from 0 to 512
EXT4-fs error (device loop1): __ext4_fill_super:5553: inode #2: comm syz-executor.1: iget: special inode unallocated
loop5: detected capacity change from 0 to 512
EXT4-fs (loop1): get root inode failed
EXT4-fs (loop1): mount failed
loop7: detected capacity change from 0 to 4096
loop2: detected capacity change from 0 to 512
EXT4-fs error (device loop7): ext4_ext_check_inode:528: inode #3: comm syz-executor.7: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
EXT4-fs error (device loop5): __ext4_fill_super:5553: inode #2: comm syz-executor.5: iget: special inode unallocated
EXT4-fs (loop5): get root inode failed
EXT4-fs (loop5): mount failed
EXT4-fs error (device loop2): __ext4_fill_super:5553: inode #2: comm syz-executor.2: iget: special inode unallocated
EXT4-fs error (device loop7): ext4_quota_enable:7179: comm syz-executor.7: Bad quota inode: 3, type: 0
EXT4-fs (loop2): get root inode failed
EXT4-fs (loop2): mount failed
EXT4-fs warning (device loop7): ext4_enable_quotas:7217: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
EXT4-fs (loop7): mount failed
EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
EXT4-fs error (device loop1): __ext4_fill_super:5553: inode #2: comm syz-executor.1: iget: special inode unallocated
EXT4-fs (loop1): get root inode failed
EXT4-fs (loop1): mount failed
EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.