b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 2368.214893] RSP: 002b:00007fc13f802ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 2368.216407] RAX: ffffffffffffffda RBX: 00007fc1422d7970 RCX: 00007fc142240a04 [ 2368.217828] RDX: 0000000000000002 RSI: 00007fc13f803000 RDI: 00000000ffffff9c [ 2368.219231] RBP: 00007fc13f803000 R08: 0000000000000000 R09: ffffffffffffffff [ 2368.220630] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 2368.222033] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2368.223472] [ 2368.265837] EXT4-fs error (device loop6): __ext4_fill_super:5311: inode #2: comm syz-executor.6: iget: root inode unallocated [ 2368.269367] EXT4-fs (loop6): get root inode failed [ 2368.270449] EXT4-fs (loop6): mount failed 19:26:07 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x7e, 0x0) 19:26:07 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="02000000030000", 0x7, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:26:07 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x200000, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:26:07 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x18000000, 0x0) 19:26:07 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 18) 19:26:07 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0), 0x0, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:26:07 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:26:07 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0xfffe, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2386.607113] loop4: detected capacity change from 0 to 512 [ 2386.609934] FAULT_INJECTION: forcing a failure. [ 2386.609934] name failslab, interval 1, probability 0, space 0, times 0 [ 2386.612240] CPU: 1 PID: 12839 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2386.613913] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2386.616176] Call Trace: [ 2386.616690] [ 2386.617124] dump_stack_lvl+0x8b/0xb3 [ 2386.617877] should_fail.cold+0x5/0xa [ 2386.618630] ? create_object.isra.0+0x3a/0xa20 [ 2386.619518] should_failslab+0x5/0x10 [ 2386.620271] kmem_cache_alloc+0x5b/0x480 [ 2386.621089] create_object.isra.0+0x3a/0xa20 [ 2386.621966] ? kasan_unpoison+0x23/0x50 [ 2386.622775] kmem_cache_alloc+0x239/0x480 [ 2386.623621] getname_flags.part.0+0x50/0x4f0 [ 2386.624512] getname+0x8e/0xd0 [ 2386.625043] loop2: detected capacity change from 0 to 512 [ 2386.625160] do_sys_openat2+0xf5/0x4c0 [ 2386.627036] ? build_open_flags+0x6f0/0x6f0 [ 2386.627921] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2386.629040] __x64_sys_openat+0x13f/0x1f0 [ 2386.629862] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 2386.630845] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2386.631507] loop5: detected capacity change from 0 to 512 [ 2386.631879] do_syscall_64+0x3b/0x90 [ 2386.633687] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2386.634735] RIP: 0033:0x7fc142240a04 [ 2386.635471] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 2386.639127] RSP: 002b:00007fc13f802ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 2386.640631] RAX: ffffffffffffffda RBX: 00007fc1422d7970 RCX: 00007fc142240a04 [ 2386.642085] RDX: 0000000000000002 RSI: 00007fc13f803000 RDI: 00000000ffffff9c [ 2386.643511] RBP: 00007fc13f803000 R08: 0000000000000000 R09: ffffffffffffffff [ 2386.644945] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 2386.646397] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2386.647840] [ 2386.650346] loop6: detected capacity change from 0 to 512 [ 2386.654814] loop1: detected capacity change from 0 to 512 [ 2386.659347] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 2386.661833] loop3: detected capacity change from 0 to 512 [ 2386.664464] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2386.666926] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2386.668793] EXT4-fs (loop4): group descriptors corrupted! [ 2386.684168] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2386.685575] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2386.687619] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2386.697543] EXT4-fs error (device loop6): __ext4_fill_super:5311: inode #2: comm syz-executor.6: iget: root inode unallocated [ 2386.702499] EXT4-fs (loop6): get root inode failed [ 2386.704289] EXT4-fs (loop6): mount failed [ 2386.715254] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2386.732847] EXT4-fs (loop3): get root inode failed [ 2386.734062] EXT4-fs (loop3): mount failed 19:26:07 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:26:07 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0xed410000, 0x0) 19:26:08 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="0200000003000000", 0x8, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2386.794659] loop4: detected capacity change from 0 to 512 19:26:08 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2386.799828] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 2386.822567] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2386.824386] EXT4-fs (loop4): group descriptors corrupted! 19:26:08 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0), 0x0, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:26:08 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 19) [ 2386.922137] loop2: detected capacity change from 0 to 512 19:26:08 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="0200000003000000", 0x8, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2386.945218] loop6: detected capacity change from 0 to 512 19:26:08 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x1000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2386.960981] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2386.983038] EXT4-fs error (device loop6): __ext4_fill_super:5311: inode #2: comm syz-executor.6: iget: root inode unallocated [ 2386.989038] EXT4-fs (loop6): get root inode failed [ 2386.990181] EXT4-fs (loop6): mount failed [ 2386.992724] FAULT_INJECTION: forcing a failure. [ 2386.992724] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2386.995120] CPU: 0 PID: 12872 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2386.996772] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2386.999073] Call Trace: [ 2386.999586] [ 2387.000042] dump_stack_lvl+0x8b/0xb3 [ 2387.000812] should_fail.cold+0x5/0xa [ 2387.001588] strncpy_from_user+0x34/0x3d0 [ 2387.002435] getname_flags.part.0+0x95/0x4f0 [ 2387.002965] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2387.003324] getname+0x8e/0xd0 [ 2387.005440] do_sys_openat2+0xf5/0x4c0 [ 2387.006260] ? build_open_flags+0x6f0/0x6f0 [ 2387.007155] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2387.008270] __x64_sys_openat+0x13f/0x1f0 [ 2387.009098] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 2387.010091] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2387.011132] do_syscall_64+0x3b/0x90 [ 2387.011882] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2387.012932] RIP: 0033:0x7fc142240a04 [ 2387.013674] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 2387.017350] RSP: 002b:00007fc13f802ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 2387.018875] RAX: ffffffffffffffda RBX: 00007fc1422d7970 RCX: 00007fc142240a04 [ 2387.020297] RDX: 0000000000000002 RSI: 00007fc13f803000 RDI: 00000000ffffff9c [ 2387.021721] RBP: 00007fc13f803000 R08: 0000000000000000 R09: ffffffffffffffff [ 2387.023142] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 2387.024555] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2387.026015] [ 2387.034905] loop4: detected capacity change from 0 to 512 [ 2387.045079] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 2387.050585] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2387.052396] EXT4-fs (loop4): group descriptors corrupted! 19:26:20 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 20) [ 2399.282490] FAULT_INJECTION: forcing a failure. [ 2399.282490] name failslab, interval 1, probability 0, space 0, times 0 [ 2399.284932] CPU: 0 PID: 12888 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2399.286679] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2399.289029] Call Trace: [ 2399.289563] [ 2399.290030] dump_stack_lvl+0x8b/0xb3 [ 2399.290851] should_fail.cold+0x5/0xa [ 2399.291656] ? __alloc_file+0x21/0x230 [ 2399.292487] should_failslab+0x5/0x10 [ 2399.293296] kmem_cache_alloc+0x5b/0x480 [ 2399.294199] __alloc_file+0x21/0x230 [ 2399.294996] alloc_empty_file+0x6d/0x170 [ 2399.295861] path_openat+0xe1/0x2870 [ 2399.296671] ? path_lookupat+0x850/0x850 [ 2399.297536] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2399.298667] ? lock_is_held_type+0xd7/0x130 [ 2399.299596] do_filp_open+0x1aa/0x400 [ 2399.300406] ? may_open_dev+0xf0/0xf0 [ 2399.301220] ? lock_release+0x3b2/0x750 [ 2399.302061] ? alloc_fd+0x2f0/0x670 [ 2399.302850] ? lock_downgrade+0x6d0/0x6d0 [ 2399.303731] ? rwlock_bug.part.0+0x90/0x90 [ 2399.304630] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2399.305797] ? _find_next_bit+0x1e5/0x260 [ 2399.306706] ? _raw_spin_unlock+0x24/0x40 [ 2399.307586] ? alloc_fd+0x2f0/0x670 [ 2399.308377] do_sys_openat2+0x16d/0x4c0 [ 2399.309233] ? build_open_flags+0x6f0/0x6f0 [ 2399.310179] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2399.311368] __x64_sys_openat+0x13f/0x1f0 [ 2399.312254] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 2399.313291] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2399.314409] do_syscall_64+0x3b/0x90 [ 2399.315208] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2399.316311] RIP: 0033:0x7fc142240a04 [ 2399.317091] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 2399.319895] loop2: detected capacity change from 0 to 512 [ 2399.320953] RSP: 002b:00007fc13f802ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 2399.320983] RAX: ffffffffffffffda RBX: 00007fc1422d7970 RCX: 00007fc142240a04 [ 2399.321001] RDX: 0000000000000002 RSI: 00007fc13f803000 RDI: 00000000ffffff9c [ 2399.321017] RBP: 00007fc13f803000 R08: 0000000000000000 R09: ffffffffffffffff [ 2399.321034] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 2399.321050] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2399.331391] [ 2399.333092] loop4: detected capacity change from 0 to 512 [ 2399.348504] loop1: detected capacity change from 0 to 512 19:26:20 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0), 0x0, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:26:20 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:26:20 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="0200000003000000", 0x8, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:26:20 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x82, 0x0) 19:26:20 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0xc9ffff, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:26:20 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0xf6ffffff, 0x0) 19:26:20 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x2000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2399.362737] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:26:20 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x1000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2399.369154] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 2399.378448] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2399.380397] EXT4-fs (loop4): group descriptors corrupted! [ 2399.386757] loop5: detected capacity change from 0 to 512 [ 2399.391656] loop6: detected capacity change from 0 to 512 [ 2399.396373] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. 19:26:20 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0xff000000, 0x0) [ 2399.459127] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2399.471626] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2399.493531] EXT4-fs error (device loop6): __ext4_fill_super:5311: inode #2: comm syz-executor.6: iget: root inode unallocated [ 2399.510498] EXT4-fs (loop6): get root inode failed [ 2399.511668] EXT4-fs (loop6): mount failed 19:26:20 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2399.550869] loop2: detected capacity change from 0 to 512 [ 2399.566234] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:26:20 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:26:20 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x2000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2399.627084] loop4: detected capacity change from 0 to 512 19:26:20 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0xfffff000, 0x0) 19:26:20 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf465", 0xf, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2399.664648] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 2399.676927] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock 19:26:20 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x83, 0x0) [ 2399.679088] EXT4-fs (loop4): group descriptors corrupted! 19:26:20 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 21) [ 2399.753616] loop6: detected capacity change from 0 to 512 [ 2399.760367] loop2: detected capacity change from 0 to 512 [ 2399.782985] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2399.793576] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2399.811495] EXT4-fs error (device loop6): __ext4_fill_super:5311: inode #2: comm syz-executor.6: iget: root inode unallocated [ 2399.818845] EXT4-fs (loop6): get root inode failed [ 2399.820026] EXT4-fs (loop6): mount failed [ 2399.825345] FAULT_INJECTION: forcing a failure. [ 2399.825345] name failslab, interval 1, probability 0, space 0, times 0 [ 2399.827626] CPU: 1 PID: 12931 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2399.829285] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2399.831537] Call Trace: [ 2399.832049] [ 2399.832499] dump_stack_lvl+0x8b/0xb3 [ 2399.833288] should_fail.cold+0x5/0xa [ 2399.834066] ? create_object.isra.0+0x3a/0xa20 [ 2399.835001] should_failslab+0x5/0x10 [ 2399.835776] kmem_cache_alloc+0x5b/0x480 [ 2399.836605] create_object.isra.0+0x3a/0xa20 [ 2399.837464] ? kasan_unpoison+0x23/0x50 [ 2399.838277] kmem_cache_alloc+0x239/0x480 [ 2399.839133] __alloc_file+0x21/0x230 [ 2399.839894] alloc_empty_file+0x6d/0x170 [ 2399.840716] path_openat+0xe1/0x2870 [ 2399.841490] ? path_lookupat+0x850/0x850 [ 2399.842322] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2399.843388] ? lock_is_held_type+0xd7/0x130 [ 2399.844280] do_filp_open+0x1aa/0x400 [ 2399.845036] ? may_open_dev+0xf0/0xf0 [ 2399.845814] ? lock_release+0x3b2/0x750 [ 2399.846609] ? alloc_fd+0x2f0/0x670 [ 2399.847351] ? lock_downgrade+0x6d0/0x6d0 [ 2399.848169] ? rwlock_bug.part.0+0x90/0x90 [ 2399.849027] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2399.850145] ? _find_next_bit+0x1e5/0x260 [ 2399.851004] ? _raw_spin_unlock+0x24/0x40 [ 2399.851855] ? alloc_fd+0x2f0/0x670 [ 2399.852595] do_sys_openat2+0x16d/0x4c0 [ 2399.853415] ? build_open_flags+0x6f0/0x6f0 [ 2399.854311] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2399.855444] __x64_sys_openat+0x13f/0x1f0 [ 2399.856273] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 2399.857244] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2399.858295] do_syscall_64+0x3b/0x90 [ 2399.859055] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2399.860100] RIP: 0033:0x7fc142240a04 [ 2399.860840] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 2399.864525] RSP: 002b:00007fc13f802ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 2399.866053] RAX: ffffffffffffffda RBX: 00007fc1422d7970 RCX: 00007fc142240a04 [ 2399.867553] RDX: 0000000000000002 RSI: 00007fc13f803000 RDI: 00000000ffffff9c [ 2399.869130] RBP: 00007fc13f803000 R08: 0000000000000000 R09: ffffffffffffffff [ 2399.870733] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 2399.872321] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2399.873937] [ 2399.888796] loop5: detected capacity change from 0 to 512 [ 2399.912802] loop3: detected capacity change from 0 to 512 [ 2399.924273] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2399.933325] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2399.936153] EXT4-fs (loop3): get root inode failed [ 2399.937308] EXT4-fs (loop3): mount failed [ 2412.457025] loop5: detected capacity change from 0 to 512 19:26:33 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x84, 0x0) 19:26:33 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x3000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:26:33 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x1000000, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:26:33 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:26:33 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:26:33 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf465", 0xf, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2412.457644] loop1: detected capacity change from 0 to 512 19:26:33 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 22) [ 2412.464317] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. 19:26:33 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0xfffffff6, 0x0) [ 2412.497672] loop4: detected capacity change from 0 to 512 [ 2412.499158] FAULT_INJECTION: forcing a failure. [ 2412.499158] name failslab, interval 1, probability 0, space 0, times 0 [ 2412.500456] CPU: 1 PID: 12959 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2412.501328] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2412.502533] Call Trace: [ 2412.502805] [ 2412.503046] dump_stack_lvl+0x8b/0xb3 [ 2412.503461] should_fail.cold+0x5/0xa [ 2412.503874] ? security_file_alloc+0x34/0x170 [ 2412.504359] should_failslab+0x5/0x10 [ 2412.504776] kmem_cache_alloc+0x5b/0x480 [ 2412.505214] security_file_alloc+0x34/0x170 [ 2412.505679] __alloc_file+0xb6/0x230 [ 2412.506078] alloc_empty_file+0x6d/0x170 [ 2412.506516] path_openat+0xe1/0x2870 [ 2412.506925] ? path_lookupat+0x850/0x850 [ 2412.507349] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2412.507916] ? lock_is_held_type+0xd7/0x130 [ 2412.508382] do_filp_open+0x1aa/0x400 [ 2412.508787] ? may_open_dev+0xf0/0xf0 [ 2412.509194] ? lock_release+0x3b2/0x750 [ 2412.509624] ? alloc_fd+0x2f0/0x670 [ 2412.510018] ? lock_downgrade+0x6d0/0x6d0 [ 2412.510483] ? rwlock_bug.part.0+0x90/0x90 [ 2412.510935] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2412.511518] ? _find_next_bit+0x1e5/0x260 [ 2412.511956] ? _raw_spin_unlock+0x24/0x40 [ 2412.512397] ? alloc_fd+0x2f0/0x670 [ 2412.512796] do_sys_openat2+0x16d/0x4c0 [ 2412.513231] ? build_open_flags+0x6f0/0x6f0 [ 2412.513693] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2412.514283] __x64_sys_openat+0x13f/0x1f0 [ 2412.514733] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 2412.515236] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2412.515778] do_syscall_64+0x3b/0x90 [ 2412.516167] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2412.516718] RIP: 0033:0x7fc142240a04 [ 2412.517105] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 2412.519028] RSP: 002b:00007fc13f802ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 2412.519819] RAX: ffffffffffffffda RBX: 00007fc1422d7970 RCX: 00007fc142240a04 [ 2412.520562] RDX: 0000000000000002 RSI: 00007fc13f803000 RDI: 00000000ffffff9c [ 2412.521297] RBP: 00007fc13f803000 R08: 0000000000000000 R09: ffffffffffffffff [ 2412.522033] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 2412.522784] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2412.523533] [ 2412.526439] loop6: detected capacity change from 0 to 512 [ 2412.528512] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 2412.532647] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2412.533818] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2412.535439] loop2: detected capacity change from 0 to 512 [ 2412.535753] EXT4-fs (loop4): group descriptors corrupted! 19:26:33 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2412.548123] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2412.548877] EXT4-fs error (device loop6): __ext4_fill_super:5311: inode #2: comm syz-executor.6: iget: root inode unallocated [ 2412.581955] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2412.588557] EXT4-fs (loop6): get root inode failed [ 2412.589095] EXT4-fs (loop6): mount failed 19:26:33 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:26:33 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x4000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2412.618915] loop4: detected capacity change from 0 to 512 [ 2412.644105] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem 19:26:33 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x1000000000000, 0x0) [ 2412.669998] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock 19:26:33 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x6000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2412.671982] EXT4-fs (loop4): group descriptors corrupted! 19:26:33 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 23) 19:26:33 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf465", 0xf, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:26:33 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x7000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2412.781182] loop2: detected capacity change from 0 to 512 19:26:34 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x85, 0x0) 19:26:34 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x5000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2412.803646] loop6: detected capacity change from 0 to 512 [ 2412.812887] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2412.828965] EXT4-fs error (device loop6): __ext4_fill_super:5311: inode #2: comm syz-executor.6: iget: root inode unallocated [ 2412.830755] EXT4-fs (loop6): get root inode failed [ 2412.831076] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2412.831280] EXT4-fs (loop6): mount failed [ 2412.835484] FAULT_INJECTION: forcing a failure. [ 2412.835484] name failslab, interval 1, probability 0, space 0, times 0 [ 2412.837850] CPU: 0 PID: 12988 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2412.839624] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2412.841992] Call Trace: [ 2412.842544] [ 2412.843016] dump_stack_lvl+0x8b/0xb3 [ 2412.843840] should_fail.cold+0x5/0xa [ 2412.844653] ? create_object.isra.0+0x3a/0xa20 [ 2412.845636] should_failslab+0x5/0x10 [ 2412.846459] kmem_cache_alloc+0x5b/0x480 [ 2412.847337] create_object.isra.0+0x3a/0xa20 [ 2412.848276] ? kasan_unpoison+0x23/0x50 [ 2412.849136] kmem_cache_alloc+0x239/0x480 [ 2412.850036] security_file_alloc+0x34/0x170 [ 2412.850987] __alloc_file+0xb6/0x230 [ 2412.851785] alloc_empty_file+0x6d/0x170 [ 2412.852659] path_openat+0xe1/0x2870 [ 2412.853475] ? path_lookupat+0x850/0x850 [ 2412.854343] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2412.855482] ? lock_is_held_type+0xd7/0x130 [ 2412.856422] do_filp_open+0x1aa/0x400 [ 2412.857244] ? may_open_dev+0xf0/0xf0 [ 2412.858071] ? lock_release+0x3b2/0x750 [ 2412.858931] ? alloc_fd+0x2f0/0x670 [ 2412.859727] ? lock_downgrade+0x6d0/0x6d0 [ 2412.860615] ? rwlock_bug.part.0+0x90/0x90 [ 2412.861527] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2412.862727] ? _find_next_bit+0x1e5/0x260 [ 2412.863621] ? _raw_spin_unlock+0x24/0x40 [ 2412.864499] ? alloc_fd+0x2f0/0x670 [ 2412.865296] do_sys_openat2+0x16d/0x4c0 [ 2412.866143] ? build_open_flags+0x6f0/0x6f0 [ 2412.867086] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2412.868264] __x64_sys_openat+0x13f/0x1f0 [ 2412.869138] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 2412.870166] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2412.871279] do_syscall_64+0x3b/0x90 [ 2412.872075] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2412.873179] RIP: 0033:0x7fc142240a04 [ 2412.873962] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 2412.877829] RSP: 002b:00007fc13f802ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 2412.879438] RAX: ffffffffffffffda RBX: 00007fc1422d7970 RCX: 00007fc142240a04 [ 2412.880936] RDX: 0000000000000002 RSI: 00007fc13f803000 RDI: 00000000ffffff9c [ 2412.882457] RBP: 00007fc13f803000 R08: 0000000000000000 R09: ffffffffffffffff [ 2412.883948] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 2412.885442] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2412.886968] [ 2412.921200] loop5: detected capacity change from 0 to 512 19:26:34 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x2000000, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:26:34 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:26:34 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x8000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:26:34 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x6000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:26:34 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f0000", 0x16, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2412.949330] loop4: detected capacity change from 0 to 512 [ 2412.959952] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2412.969567] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 2413.007913] loop6: detected capacity change from 0 to 512 [ 2413.011089] loop1: detected capacity change from 0 to 512 [ 2413.028974] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2413.041038] loop3: detected capacity change from 0 to 512 [ 2413.059489] EXT4-fs error (device loop6): __ext4_fill_super:5311: inode #2: comm syz-executor.6: iget: root inode unallocated [ 2413.072130] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2413.079891] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2413.084108] EXT4-fs (loop6): get root inode failed [ 2413.085204] EXT4-fs (loop6): mount failed [ 2413.099334] EXT4-fs (loop3): get root inode failed [ 2413.100494] EXT4-fs (loop3): mount failed [ 2428.803160] loop1: detected capacity change from 0 to 512 [ 2428.818173] loop2: detected capacity change from 0 to 512 [ 2428.820918] loop5: detected capacity change from 0 to 512 [ 2428.825998] loop6: detected capacity change from 0 to 512 [ 2428.828289] loop4: detected capacity change from 0 to 512 19:26:50 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x4000000, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:26:50 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x86, 0x0) 19:26:50 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x8000000000000, 0x0) 19:26:50 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:26:50 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x18000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:26:50 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x7000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:26:50 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f0000", 0x16, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:26:50 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 24) [ 2428.831809] FAULT_INJECTION: forcing a failure. [ 2428.831809] name failslab, interval 1, probability 0, space 0, times 0 [ 2428.834758] CPU: 0 PID: 13030 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2428.836573] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2428.839054] Call Trace: [ 2428.839615] [ 2428.840102] dump_stack_lvl+0x8b/0xb3 [ 2428.840960] should_fail.cold+0x5/0xa [ 2428.841784] ? __kernfs_new_node+0xd4/0x8b0 [ 2428.842754] should_failslab+0x5/0x10 [ 2428.843589] kmem_cache_alloc+0x5b/0x480 [ 2428.844479] __kernfs_new_node+0xd4/0x8b0 [ 2428.845399] ? kernfs_path_from_node+0x60/0x60 [ 2428.846422] ? selinux_sb_statfs+0x1ba/0x250 [ 2428.847395] ? find_held_lock+0x2c/0x110 [ 2428.848307] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2428.849517] ? shmem_statfs+0x1b3/0x3e0 [ 2428.850391] kernfs_create_dir_ns+0x9c/0x220 [ 2428.851351] internal_create_group+0x782/0xb20 [ 2428.852335] ? sysfs_remove_group+0x170/0x170 [ 2428.853308] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 2428.854376] loop_configure+0xf2f/0x1a10 [ 2428.855295] lo_ioctl+0x932/0x1990 [ 2428.856059] ? __x64_sys_openat+0x13f/0x1f0 [ 2428.856991] ? loop_set_status_old+0x1b0/0x1b0 [ 2428.857949] ? avc_ss_reset+0x180/0x180 [ 2428.858858] ? __lock_acquire+0xbac/0x6120 [ 2428.859878] ? loop_set_status_old+0x1b0/0x1b0 [ 2428.860849] blkdev_ioctl+0x356/0x7f0 [ 2428.861669] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2428.862682] ? selinux_file_ioctl+0xb1/0x260 [ 2428.863628] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2428.864801] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2428.865846] __x64_sys_ioctl+0x196/0x210 [ 2428.866739] do_syscall_64+0x3b/0x90 [ 2428.867555] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2428.868676] RIP: 0033:0x7fc14228d8d7 [ 2428.869496] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2428.873554] RSP: 002b:00007fc13f802f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2428.875228] RAX: ffffffffffffffda RBX: 00007fc1422d7970 RCX: 00007fc14228d8d7 [ 2428.876772] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 2428.878295] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 2428.879836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 2428.881399] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2428.882977] [ 2428.883740] loop3: detected capacity change from 0 to 512 [ 2428.892215] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2428.893889] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 2428.900637] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2428.900930] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2428.919016] EXT4-fs error (device loop6): __ext4_fill_super:5311: inode #2: comm syz-executor.6: iget: root inode unallocated [ 2428.928005] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2428.938534] EXT4-fs (loop6): get root inode failed [ 2428.939680] EXT4-fs (loop6): mount failed [ 2429.062372] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2429.065677] EXT4-fs (loop3): get root inode failed [ 2429.066778] EXT4-fs (loop3): mount failed [ 2441.475923] loop1: detected capacity change from 0 to 512 19:27:02 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 25) 19:27:02 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x1c000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:27:02 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x87, 0x0) 19:27:02 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:27:02 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x8000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:27:02 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x40000000000000, 0x0) 19:27:02 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x3f000000, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:27:02 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f0000", 0x16, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2441.495976] loop4: detected capacity change from 0 to 512 [ 2441.499977] loop2: detected capacity change from 0 to 512 [ 2441.502846] loop6: detected capacity change from 0 to 512 [ 2441.505374] FAULT_INJECTION: forcing a failure. [ 2441.505374] name failslab, interval 1, probability 0, space 0, times 0 [ 2441.506715] CPU: 1 PID: 13063 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2441.507610] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2441.508803] Call Trace: [ 2441.509071] [ 2441.509310] dump_stack_lvl+0x8b/0xb3 [ 2441.509718] should_fail.cold+0x5/0xa [ 2441.510129] ? create_object.isra.0+0x3a/0xa20 [ 2441.510629] should_failslab+0x5/0x10 [ 2441.511045] kmem_cache_alloc+0x5b/0x480 [ 2441.511490] create_object.isra.0+0x3a/0xa20 [ 2441.511957] ? kasan_unpoison+0x23/0x50 [ 2441.512069] loop5: detected capacity change from 0 to 512 [ 2441.512392] kmem_cache_alloc+0x239/0x480 [ 2441.512418] __kernfs_new_node+0xd4/0x8b0 [ 2441.512442] ? kernfs_path_from_node+0x60/0x60 [ 2441.512461] ? selinux_sb_statfs+0x1ba/0x250 [ 2441.515427] ? find_held_lock+0x2c/0x110 [ 2441.515897] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2441.516477] ? shmem_statfs+0x1b3/0x3e0 [ 2441.516902] kernfs_create_dir_ns+0x9c/0x220 [ 2441.517378] internal_create_group+0x782/0xb20 [ 2441.517868] ? sysfs_remove_group+0x170/0x170 [ 2441.518350] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 2441.518897] loop_configure+0xf2f/0x1a10 [ 2441.519354] lo_ioctl+0x932/0x1990 [ 2441.519734] ? __x64_sys_openat+0x13f/0x1f0 [ 2441.520194] ? loop_set_status_old+0x1b0/0x1b0 [ 2441.520682] ? avc_ss_reset+0x180/0x180 [ 2441.521135] ? __lock_acquire+0xbac/0x6120 [ 2441.521655] ? loop_set_status_old+0x1b0/0x1b0 [ 2441.522147] blkdev_ioctl+0x356/0x7f0 [ 2441.522558] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2441.523087] ? selinux_file_ioctl+0xb1/0x260 [ 2441.523580] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2441.524187] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2441.524705] __x64_sys_ioctl+0x196/0x210 [ 2441.525145] do_syscall_64+0x3b/0x90 [ 2441.525561] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2441.526124] RIP: 0033:0x7fc14228d8d7 [ 2441.526534] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2441.528532] RSP: 002b:00007fc13f802f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2441.529350] RAX: ffffffffffffffda RBX: 00007fc1422d7970 RCX: 00007fc14228d8d7 [ 2441.530116] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 2441.530897] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 2441.531676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 2441.532448] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2441.533239] [ 2441.535334] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 2441.537104] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem 19:27:02 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x18000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:27:02 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3a000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2441.560960] EXT4-fs error (device loop6): __ext4_fill_super:5311: inode #2: comm syz-executor.6: iget: root inode unallocated [ 2441.569531] EXT4-fs (loop6): get root inode failed [ 2441.570749] EXT4-fs (loop6): mount failed [ 2441.573495] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2441.576598] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2441.577242] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. 19:27:02 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:27:02 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0xf0ffffffffffff, 0x0) [ 2441.649322] loop3: detected capacity change from 0 to 512 19:27:02 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x8cffffff, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) [ 2441.651655] loop4: detected capacity change from 0 to 512 [ 2441.661965] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 2441.675469] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2441.676971] EXT4-fs (loop3): get root inode failed [ 2441.677550] EXT4-fs (loop3): mount failed 19:27:02 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000", 0x1a, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:27:02 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x65000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2441.709342] loop2: detected capacity change from 0 to 512 [ 2441.721081] loop1: detected capacity change from 0 to 512 19:27:02 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x1c000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2441.750194] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2441.762659] loop6: detected capacity change from 0 to 512 19:27:02 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 26) 19:27:02 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2441.790124] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2441.796872] FAULT_INJECTION: forcing a failure. [ 2441.796872] name failslab, interval 1, probability 0, space 0, times 0 [ 2441.798128] CPU: 1 PID: 13097 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2441.799055] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2441.800159] Call Trace: [ 2441.800416] [ 2441.800660] dump_stack_lvl+0x8b/0xb3 [ 2441.801090] should_fail.cold+0x5/0xa [ 2441.801483] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2441.802299] ? __kernfs_new_node+0xd4/0x8b0 [ 2441.802788] should_failslab+0x5/0x10 [ 2441.803214] kmem_cache_alloc+0x5b/0x480 [ 2441.803672] __kernfs_new_node+0xd4/0x8b0 [ 2441.804137] ? kernfs_path_from_node+0x60/0x60 [ 2441.804646] ? find_held_lock+0x2c/0x110 [ 2441.805090] ? lock_release+0x3b2/0x750 [ 2441.805526] ? kernfs_add_one+0x3c6/0x550 [ 2441.805984] ? lock_downgrade+0x6d0/0x6d0 [ 2441.806442] ? lock_is_held_type+0xd7/0x130 [ 2441.806934] kernfs_new_node+0x93/0x120 [ 2441.807374] __kernfs_create_file+0x51/0x350 [ 2441.807858] sysfs_add_file_mode_ns+0x218/0x430 [ 2441.808364] ? component_del+0x4c0/0x4c0 [ 2441.808812] internal_create_group+0x322/0xb20 [ 2441.809316] ? sysfs_remove_group+0x170/0x170 [ 2441.809764] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 2441.810324] loop_configure+0xf2f/0x1a10 [ 2441.810791] lo_ioctl+0x932/0x1990 [ 2441.811184] ? __x64_sys_openat+0x13f/0x1f0 [ 2441.811657] ? loop_set_status_old+0x1b0/0x1b0 [ 2441.812143] ? avc_ss_reset+0x180/0x180 [ 2441.812601] ? __lock_acquire+0xbac/0x6120 [ 2441.813106] ? loop_set_status_old+0x1b0/0x1b0 [ 2441.813605] blkdev_ioctl+0x356/0x7f0 [ 2441.814025] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2441.814530] ? selinux_file_ioctl+0xb1/0x260 [ 2441.814987] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2441.815590] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2441.816105] __x64_sys_ioctl+0x196/0x210 [ 2441.816553] do_syscall_64+0x3b/0x90 [ 2441.816962] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2441.817532] RIP: 0033:0x7fc14228d8d7 [ 2441.817935] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2441.819942] RSP: 002b:00007fc13f802f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2441.820772] RAX: ffffffffffffffda RBX: 00007fc1422d7970 RCX: 00007fc14228d8d7 [ 2441.821548] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 2441.822315] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 2441.823014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 2441.823771] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2441.824551] [ 2441.829511] loop3: detected capacity change from 0 to 512 [ 2441.835799] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2441.837312] EXT4-fs (loop3): get root inode failed [ 2441.838852] EXT4-fs (loop3): mount failed [ 2441.885266] EXT4-fs error (device loop6): __ext4_fill_super:5311: inode #2: comm syz-executor.6: iget: root inode unallocated [ 2441.887696] EXT4-fs (loop6): get root inode failed [ 2441.888228] EXT4-fs (loop6): mount failed 19:27:03 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80040000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:27:03 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x3a000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:27:03 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000", 0x1a, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2442.027424] loop2: detected capacity change from 0 to 512 19:27:03 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x100000000000000, 0x0) 19:27:03 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2442.036853] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2442.064377] loop4: detected capacity change from 0 to 512 19:27:03 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x88, 0x0) 19:27:03 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 27) [ 2442.071680] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 2442.075014] loop5: detected capacity change from 0 to 512 [ 2442.082841] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2442.117021] FAULT_INJECTION: forcing a failure. [ 2442.117021] name failslab, interval 1, probability 0, space 0, times 0 [ 2442.119500] CPU: 0 PID: 13119 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2442.121233] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2442.123591] Call Trace: [ 2442.124126] [ 2442.124593] dump_stack_lvl+0x8b/0xb3 [ 2442.125405] should_fail.cold+0x5/0xa [ 2442.126207] ? create_object.isra.0+0x3a/0xa20 [ 2442.127199] should_failslab+0x5/0x10 [ 2442.128020] kmem_cache_alloc+0x5b/0x480 [ 2442.128909] create_object.isra.0+0x3a/0xa20 [ 2442.129851] ? kasan_unpoison+0x23/0x50 [ 2442.130713] kmem_cache_alloc+0x239/0x480 [ 2442.131624] __kernfs_new_node+0xd4/0x8b0 [ 2442.132522] ? kernfs_path_from_node+0x60/0x60 [ 2442.133494] ? find_held_lock+0x2c/0x110 [ 2442.134366] ? lock_release+0x3b2/0x750 [ 2442.135227] ? kernfs_add_one+0x3c6/0x550 [ 2442.136121] ? lock_downgrade+0x6d0/0x6d0 [ 2442.137016] ? lock_is_held_type+0xd7/0x130 [ 2442.137958] kernfs_new_node+0x93/0x120 [ 2442.138838] __kernfs_create_file+0x51/0x350 [ 2442.139780] sysfs_add_file_mode_ns+0x218/0x430 [ 2442.140772] ? component_del+0x4c0/0x4c0 [ 2442.141649] internal_create_group+0x322/0xb20 [ 2442.142636] ? sysfs_remove_group+0x170/0x170 [ 2442.143609] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 2442.144690] loop_configure+0xf2f/0x1a10 [ 2442.145593] lo_ioctl+0x932/0x1990 [ 2442.146354] ? __x64_sys_openat+0x13f/0x1f0 [ 2442.147297] ? loop_set_status_old+0x1b0/0x1b0 [ 2442.148265] ? avc_ss_reset+0x180/0x180 [ 2442.149151] ? __lock_acquire+0xbac/0x6120 [ 2442.150141] ? loop_set_status_old+0x1b0/0x1b0 [ 2442.151112] blkdev_ioctl+0x356/0x7f0 [ 2442.151912] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2442.152906] ? selinux_file_ioctl+0xb1/0x260 [ 2442.153847] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2442.155035] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2442.156034] __x64_sys_ioctl+0x196/0x210 [ 2442.156908] do_syscall_64+0x3b/0x90 [ 2442.157700] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2442.158807] RIP: 0033:0x7fc14228d8d7 [ 2442.159592] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2442.163445] RSP: 002b:00007fc13f802f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2442.165035] RAX: ffffffffffffffda RBX: 00007fc1422d7970 RCX: 00007fc14228d8d7 [ 2442.166529] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 2442.168039] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 2442.169527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 2442.171023] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2442.172540] [ 2442.182989] loop6: detected capacity change from 0 to 512 [ 2442.186349] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2442.194814] EXT4-fs error (device loop6): __ext4_fill_super:5311: inode #2: comm syz-executor.6: iget: root inode unallocated [ 2442.198212] EXT4-fs (loop6): get root inode failed [ 2442.199251] EXT4-fs (loop6): mount failed [ 2442.211507] loop3: detected capacity change from 0 to 512 [ 2442.240574] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2442.242360] EXT4-fs (loop3): get root inode failed [ 2442.242903] EXT4-fs (loop3): mount failed 19:27:17 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 28) 19:27:17 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0xe4ffffff, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:27:17 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000", 0x1a, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:27:17 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280), 0x0, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:27:17 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x200000000000000, 0x0) 19:27:17 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x89, 0x0) 19:27:17 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x65000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:27:17 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x8cffffff, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2456.253155] FAULT_INJECTION: forcing a failure. [ 2456.253155] name failslab, interval 1, probability 0, space 0, times 0 [ 2456.256056] CPU: 0 PID: 13139 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2456.257870] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2456.260312] Call Trace: [ 2456.260861] [ 2456.261342] dump_stack_lvl+0x8b/0xb3 [ 2456.262199] should_fail.cold+0x5/0xa [ 2456.263069] ? radix_tree_node_alloc.constprop.0+0x1df/0x330 [ 2456.264298] should_failslab+0x5/0x10 [ 2456.265133] kmem_cache_alloc+0x5b/0x480 [ 2456.266014] radix_tree_node_alloc.constprop.0+0x1df/0x330 [ 2456.267240] idr_get_free+0x4b5/0x8f0 [ 2456.268086] idr_alloc_u32+0x170/0x2d0 [ 2456.268926] ? __fprop_add_percpu_max+0x1a0/0x1a0 [ 2456.269966] ? lock_acquire+0x1b2/0x530 [ 2456.270835] idr_alloc_cyclic+0x102/0x230 [ 2456.271762] ? idr_alloc+0x130/0x130 [ 2456.272558] ? rwlock_bug.part.0+0x90/0x90 [ 2456.273492] __kernfs_new_node+0x117/0x8b0 [ 2456.274420] ? kernfs_path_from_node+0x60/0x60 [ 2456.275434] ? selinux_sb_statfs+0x1ba/0x250 [ 2456.276387] ? find_held_lock+0x2c/0x110 [ 2456.277277] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2456.278464] ? shmem_statfs+0x1b3/0x3e0 [ 2456.279360] kernfs_create_dir_ns+0x9c/0x220 [ 2456.280326] internal_create_group+0x782/0xb20 [ 2456.281321] ? sysfs_remove_group+0x170/0x170 [ 2456.282292] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 2456.283415] loop_configure+0xf2f/0x1a10 [ 2456.284326] lo_ioctl+0x932/0x1990 [ 2456.285087] ? __x64_sys_openat+0x13f/0x1f0 [ 2456.286015] ? loop_set_status_old+0x1b0/0x1b0 [ 2456.286986] ? avc_ss_reset+0x180/0x180 [ 2456.287902] ? __lock_acquire+0xbac/0x6120 [ 2456.288918] ? loop_set_status_old+0x1b0/0x1b0 [ 2456.289898] blkdev_ioctl+0x356/0x7f0 [ 2456.290714] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2456.291790] ? selinux_file_ioctl+0xb1/0x260 [ 2456.292748] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2456.293944] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2456.294964] __x64_sys_ioctl+0x196/0x210 [ 2456.295897] do_syscall_64+0x3b/0x90 [ 2456.296713] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2456.297831] RIP: 0033:0x7fc14228d8d7 [ 2456.298623] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2456.302556] RSP: 002b:00007fc13f802f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2456.304203] RAX: ffffffffffffffda RBX: 00007fc1422d7970 RCX: 00007fc14228d8d7 [ 2456.305722] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 2456.307267] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 2456.308781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 2456.310311] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2456.311912] [ 2456.322248] loop1: detected capacity change from 0 to 512 [ 2456.326221] loop5: detected capacity change from 0 to 512 [ 2456.328354] loop6: detected capacity change from 0 to 512 [ 2456.331858] loop4: detected capacity change from 0 to 512 [ 2456.337788] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2456.348718] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 2456.352108] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2456.357100] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2456.358981] EXT4-fs error (device loop6): __ext4_fill_super:5311: inode #2: comm syz-executor.6: iget: root inode unallocated [ 2456.365093] EXT4-fs (loop6): get root inode failed [ 2456.366202] EXT4-fs (loop6): mount failed [ 2456.380916] loop2: detected capacity change from 0 to 512 [ 2456.394645] loop3: detected capacity change from 0 to 512 [ 2456.405791] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2456.414105] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2456.416697] EXT4-fs (loop3): get root inode failed [ 2456.417646] EXT4-fs (loop3): mount failed 19:27:17 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x80040000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:27:17 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xf6ffffff, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2470.684168] loop6: detected capacity change from 0 to 512 19:27:31 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0xf6ffffff, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:27:31 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 29) 19:27:31 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x300000000000000, 0x0) 19:27:31 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x8a, 0x0) 19:27:31 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f0000000000000400", 0x1c, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:27:31 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x8cffffff, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:27:31 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xfcfdffff, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:27:31 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280), 0x0, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2470.686924] loop5: detected capacity change from 0 to 512 [ 2470.691456] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2470.698657] loop1: detected capacity change from 0 to 512 [ 2470.702925] FAULT_INJECTION: forcing a failure. [ 2470.702925] name failslab, interval 1, probability 0, space 0, times 0 [ 2470.704247] CPU: 1 PID: 13178 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2470.705184] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2470.706472] Call Trace: [ 2470.706765] [ 2470.707023] dump_stack_lvl+0x8b/0xb3 [ 2470.707484] should_fail.cold+0x5/0xa [ 2470.707926] ? create_object.isra.0+0x3a/0xa20 [ 2470.708461] should_failslab+0x5/0x10 [ 2470.708900] kmem_cache_alloc+0x5b/0x480 [ 2470.709373] create_object.isra.0+0x3a/0xa20 [ 2470.709883] ? kasan_unpoison+0x23/0x50 [ 2470.710360] kmem_cache_alloc+0x239/0x480 [ 2470.710847] __kernfs_new_node+0xd4/0x8b0 [ 2470.711339] ? kernfs_add_one+0x3c6/0x550 [ 2470.711819] ? kernfs_path_from_node+0x60/0x60 [ 2470.712346] ? lock_is_held_type+0xd7/0x130 [ 2470.712884] ? up_write+0x148/0x460 [ 2470.713316] ? kernfs_activate+0x1c4/0x240 [ 2470.713833] kernfs_new_node+0x93/0x120 [ 2470.714316] __kernfs_create_file+0x51/0x350 [ 2470.714854] sysfs_add_file_mode_ns+0x218/0x430 [ 2470.715432] ? component_del+0x4c0/0x4c0 [ 2470.715931] internal_create_group+0x322/0xb20 [ 2470.716481] ? sysfs_remove_group+0x170/0x170 [ 2470.717013] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 2470.717621] loop_configure+0xf2f/0x1a10 [ 2470.718127] lo_ioctl+0x932/0x1990 [ 2470.718560] ? __x64_sys_openat+0x13f/0x1f0 [ 2470.719071] ? loop_set_status_old+0x1b0/0x1b0 [ 2470.719629] ? avc_ss_reset+0x180/0x180 [ 2470.720099] ? __lock_acquire+0xbac/0x6120 [ 2470.720604] ? loop_set_status_old+0x1b0/0x1b0 [ 2470.721136] blkdev_ioctl+0x356/0x7f0 [ 2470.721570] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2470.722100] ? selinux_file_ioctl+0xb1/0x260 [ 2470.722606] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2470.723237] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2470.723751] __x64_sys_ioctl+0x196/0x210 [ 2470.724217] do_syscall_64+0x3b/0x90 [ 2470.724642] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2470.725224] RIP: 0033:0x7fc14228d8d7 [ 2470.725644] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2470.727738] RSP: 002b:00007fc13f802f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2470.728019] loop2: detected capacity change from 0 to 512 [ 2470.728594] RAX: ffffffffffffffda RBX: 00007fc1422d7970 RCX: 00007fc14228d8d7 [ 2470.728604] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 2470.728613] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 2470.728622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 2470.728631] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2470.728655] [ 2470.737803] loop4: detected capacity change from 0 to 512 [ 2470.742860] EXT4-fs (loop6): corrupt root inode, run e2fsck [ 2470.743562] EXT4-fs (loop6): mount failed [ 2470.747248] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 2470.749721] loop3: detected capacity change from 0 to 512 [ 2470.759607] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2470.761977] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. 19:27:32 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0xf6ffffff, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2470.798038] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2470.813584] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2470.821470] EXT4-fs (loop3): get root inode failed [ 2470.821968] EXT4-fs (loop3): mount failed 19:27:32 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xfeffffff, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:27:32 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f0000000000000400", 0x1c, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:27:32 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280), 0x0, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:27:32 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x400000000000000, 0x0) [ 2470.915729] loop6: detected capacity change from 0 to 512 [ 2470.926362] loop4: detected capacity change from 0 to 512 [ 2470.930681] loop2: detected capacity change from 0 to 512 [ 2470.933129] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2470.938464] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 2470.942042] EXT4-fs (loop6): corrupt root inode, run e2fsck [ 2470.943602] EXT4-fs (loop6): mount failed [ 2470.952461] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:27:48 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 30) [ 2487.034217] loop6: detected capacity change from 0 to 512 19:27:48 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f0000000000000400", 0x1c, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:27:48 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0xfcfdffff, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:27:48 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xfffffdfc, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:27:48 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x8b, 0x0) 19:27:48 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0xfbffffff, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:27:48 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000da", 0x2d, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:27:48 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x1800000000000000, 0x0) [ 2487.053081] FAULT_INJECTION: forcing a failure. [ 2487.053081] name failslab, interval 1, probability 0, space 0, times 0 [ 2487.055415] CPU: 0 PID: 13222 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2487.055588] loop4: detected capacity change from 0 to 512 [ 2487.057109] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2487.057128] Call Trace: 19:27:48 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0xfeffffff, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2487.057136] [ 2487.060997] dump_stack_lvl+0x8b/0xb3 [ 2487.061804] should_fail.cold+0x5/0xa [ 2487.062589] ? __kernfs_new_node+0xd4/0x8b0 [ 2487.063494] should_failslab+0x5/0x10 [ 2487.064281] kmem_cache_alloc+0x5b/0x480 [ 2487.065129] __kernfs_new_node+0xd4/0x8b0 [ 2487.065950] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 2487.065985] ? kernfs_add_one+0x3c6/0x550 [ 2487.067392] ? kernfs_path_from_node+0x60/0x60 [ 2487.068341] ? lock_is_held_type+0xd7/0x130 [ 2487.069238] ? up_write+0x148/0x460 [ 2487.069962] ? kernfs_activate+0x1c4/0x240 [ 2487.070824] kernfs_new_node+0x93/0x120 [ 2487.071655] __kernfs_create_file+0x51/0x350 [ 2487.072533] sysfs_add_file_mode_ns+0x218/0x430 [ 2487.073463] ? component_del+0x4c0/0x4c0 [ 2487.074279] internal_create_group+0x322/0xb20 [ 2487.075197] ? sysfs_remove_group+0x170/0x170 [ 2487.076105] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 2487.077114] loop_configure+0xf2f/0x1a10 [ 2487.077988] lo_ioctl+0x932/0x1990 [ 2487.078698] ? __x64_sys_openat+0x13f/0x1f0 [ 2487.079592] ? loop_set_status_old+0x1b0/0x1b0 [ 2487.080501] ? avc_ss_reset+0x180/0x180 [ 2487.081334] ? __lock_acquire+0xbac/0x6120 [ 2487.081653] loop2: detected capacity change from 0 to 512 [ 2487.082268] ? loop_set_status_old+0x1b0/0x1b0 [ 2487.083631] blkdev_ioctl+0x356/0x7f0 [ 2487.084398] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2487.085346] ? selinux_file_ioctl+0xb1/0x260 [ 2487.086238] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2487.087348] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2487.088300] __x64_sys_ioctl+0x196/0x210 [ 2487.089126] do_syscall_64+0x3b/0x90 [ 2487.089873] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2487.090906] RIP: 0033:0x7fc14228d8d7 [ 2487.091663] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2487.095298] RSP: 002b:00007fc13f802f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2487.096809] RAX: ffffffffffffffda RBX: 00007fc1422d7970 RCX: 00007fc14228d8d7 [ 2487.098214] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 2487.099633] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 2487.101034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 2487.102442] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2487.103890] 19:27:48 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xffffff8c, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2487.117992] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2487.128266] loop1: detected capacity change from 0 to 512 [ 2487.130303] loop5: detected capacity change from 0 to 512 19:27:48 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000da", 0x2d, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2487.141997] EXT4-fs (loop6): corrupt root inode, run e2fsck [ 2487.146163] EXT4-fs (loop6): mount failed 19:27:48 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xfffffff6, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:27:48 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0xfffffdfc, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2487.165507] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2487.167805] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2487.173523] loop3: detected capacity change from 0 to 512 [ 2487.185493] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2487.187807] EXT4-fs (loop3): get root inode failed [ 2487.188306] EXT4-fs (loop3): mount failed [ 2487.196610] loop4: detected capacity change from 0 to 512 [ 2487.218185] EXT4-fs (loop4): VFS: Can't find ext4 filesystem 19:27:48 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2487.248506] loop6: detected capacity change from 0 to 512 [ 2487.253525] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2487.258477] EXT4-fs error (device loop6): __ext4_fill_super:5311: inode #2: comm syz-executor.6: iget: root inode unallocated [ 2487.262608] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2487.265790] EXT4-fs (loop6): get root inode failed [ 2487.266312] EXT4-fs (loop6): mount failed 19:27:48 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffe, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:03 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 31) 19:28:03 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0xffffff8c, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:03 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x8c, 0x0) 19:28:03 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x1000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2502.204263] loop5: detected capacity change from 0 to 512 [ 2502.213144] loop6: detected capacity change from 0 to 512 19:28:03 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0xfeffffff, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:28:03 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:03 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0xed41000000000000, 0x0) 19:28:03 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000da", 0x2d, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2502.233178] FAULT_INJECTION: forcing a failure. [ 2502.233178] name failslab, interval 1, probability 0, space 0, times 0 [ 2502.234397] CPU: 0 PID: 13271 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2502.235270] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2502.236457] Call Trace: [ 2502.236727] [ 2502.236961] dump_stack_lvl+0x8b/0xb3 [ 2502.237373] should_fail.cold+0x5/0xa [ 2502.237779] ? create_object.isra.0+0x3a/0xa20 [ 2502.238264] should_failslab+0x5/0x10 [ 2502.238675] kmem_cache_alloc+0x5b/0x480 [ 2502.239112] create_object.isra.0+0x3a/0xa20 [ 2502.239582] ? kasan_unpoison+0x23/0x50 [ 2502.240017] kmem_cache_alloc+0x239/0x480 [ 2502.240463] __kernfs_new_node+0xd4/0x8b0 [ 2502.240907] ? kernfs_add_one+0x3c6/0x550 [ 2502.241344] ? kernfs_path_from_node+0x60/0x60 [ 2502.241829] ? lock_is_held_type+0xd7/0x130 [ 2502.242301] ? up_write+0x148/0x460 [ 2502.242686] ? kernfs_activate+0x1c4/0x240 [ 2502.243153] kernfs_new_node+0x93/0x120 [ 2502.243603] __kernfs_create_file+0x51/0x350 [ 2502.244113] sysfs_add_file_mode_ns+0x218/0x430 [ 2502.244624] ? component_del+0x4c0/0x4c0 [ 2502.245073] internal_create_group+0x322/0xb20 [ 2502.245571] ? sysfs_remove_group+0x170/0x170 [ 2502.246043] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 2502.246598] loop_configure+0xf2f/0x1a10 [ 2502.247062] lo_ioctl+0x932/0x1990 [ 2502.247450] ? __x64_sys_openat+0x13f/0x1f0 [ 2502.247912] ? loop_set_status_old+0x1b0/0x1b0 [ 2502.248414] ? avc_ss_reset+0x180/0x180 [ 2502.248866] ? __lock_acquire+0xbac/0x6120 [ 2502.249355] ? loop_set_status_old+0x1b0/0x1b0 [ 2502.249852] blkdev_ioctl+0x356/0x7f0 [ 2502.250271] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2502.250786] ? selinux_file_ioctl+0xb1/0x260 [ 2502.251268] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2502.251877] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2502.252391] __x64_sys_ioctl+0x196/0x210 [ 2502.252842] do_syscall_64+0x3b/0x90 [ 2502.253257] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2502.253822] RIP: 0033:0x7fc14228d8d7 [ 2502.254229] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2502.256250] RSP: 002b:00007fc13f802f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2502.257075] RAX: ffffffffffffffda RBX: 00007fc1422d7970 RCX: 00007fc14228d8d7 [ 2502.257846] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 2502.258621] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 2502.259396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 2502.260185] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2502.260979] [ 2502.263764] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2502.269846] loop1: detected capacity change from 0 to 512 19:28:03 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0xfffffff6, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2502.277273] loop4: detected capacity change from 0 to 512 [ 2502.281321] EXT4-fs error (device loop6): __ext4_fill_super:5311: inode #2: comm syz-executor.6: iget: root inode unallocated [ 2502.282935] EXT4-fs (loop6): get root inode failed [ 2502.283482] loop2: detected capacity change from 0 to 512 [ 2502.284355] EXT4-fs (loop6): mount failed [ 2502.289726] loop3: detected capacity change from 0 to 512 [ 2502.291605] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 2502.300800] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2502.305260] EXT4-fs (loop3): get root inode failed [ 2502.306585] EXT4-fs (loop3): mount failed [ 2502.314443] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2502.318008] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2502.337444] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:28:03 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x8d, 0x0) 19:28:03 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x7ffffffffffff, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:03 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2502.389043] loop6: detected capacity change from 0 to 512 [ 2502.394457] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2502.412196] loop5: detected capacity change from 0 to 512 [ 2502.415134] EXT4-fs error (device loop6): __ext4_fill_super:5311: inode #2: comm syz-executor.6: iget: root inode unallocated [ 2502.417455] EXT4-fs (loop6): get root inode failed [ 2502.418045] EXT4-fs (loop6): mount failed 19:28:03 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0xf6ffffff00000000, 0x0) 19:28:03 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f", 0x44, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:03 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffe, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2502.450673] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. 19:28:03 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 32) [ 2502.495103] loop4: detected capacity change from 0 to 512 [ 2502.503457] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 2502.523220] loop2: detected capacity change from 0 to 512 19:28:03 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x8000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:03 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2502.529253] EXT4-fs error (device loop4): __ext4_fill_super:5311: inode #2: comm syz-executor.4: iget: root inode unallocated [ 2502.532186] EXT4-fs (loop4): get root inode failed [ 2502.533410] EXT4-fs (loop4): mount failed [ 2502.550750] FAULT_INJECTION: forcing a failure. [ 2502.550750] name failslab, interval 1, probability 0, space 0, times 0 [ 2502.553119] CPU: 1 PID: 13309 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2502.554839] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2502.557195] Call Trace: [ 2502.557728] [ 2502.558193] dump_stack_lvl+0x8b/0xb3 [ 2502.559006] should_fail.cold+0x5/0xa [ 2502.559831] ? __kernfs_new_node+0xd4/0x8b0 [ 2502.560750] should_failslab+0x5/0x10 [ 2502.561555] kmem_cache_alloc+0x5b/0x480 [ 2502.562427] __kernfs_new_node+0xd4/0x8b0 [ 2502.563306] ? kernfs_add_one+0x3c6/0x550 [ 2502.564192] ? kernfs_path_from_node+0x60/0x60 [ 2502.565164] ? lock_is_held_type+0xd7/0x130 [ 2502.566090] ? up_write+0x148/0x460 [ 2502.566866] ? kernfs_activate+0x1c4/0x240 [ 2502.567783] kernfs_new_node+0x93/0x120 [ 2502.568654] __kernfs_create_file+0x51/0x350 [ 2502.569583] sysfs_add_file_mode_ns+0x218/0x430 [ 2502.570576] ? component_del+0x4c0/0x4c0 [ 2502.571445] internal_create_group+0x322/0xb20 [ 2502.572452] ? sysfs_remove_group+0x170/0x170 [ 2502.573410] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 2502.574494] loop_configure+0xf2f/0x1a10 [ 2502.575387] lo_ioctl+0x932/0x1990 [ 2502.576140] ? __x64_sys_openat+0x13f/0x1f0 [ 2502.577086] ? loop_set_status_old+0x1b0/0x1b0 [ 2502.578043] ? avc_ss_reset+0x180/0x180 [ 2502.578913] ? __lock_acquire+0xbac/0x6120 [ 2502.579925] ? loop_set_status_old+0x1b0/0x1b0 [ 2502.580890] blkdev_ioctl+0x356/0x7f0 [ 2502.581695] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2502.582706] ? selinux_file_ioctl+0xb1/0x260 [ 2502.583648] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2502.584833] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2502.585834] __x64_sys_ioctl+0x196/0x210 [ 2502.586711] do_syscall_64+0x3b/0x90 [ 2502.587506] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2502.588613] RIP: 0033:0x7fc14228d8d7 [ 2502.589394] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2502.593261] RSP: 002b:00007fc13f802f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2502.594861] RAX: ffffffffffffffda RBX: 00007fc1422d7970 RCX: 00007fc14228d8d7 [ 2502.596375] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 2502.597867] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 2502.599364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 2502.600870] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2502.602407] [ 2502.610412] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:28:03 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x1000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2502.657904] loop6: detected capacity change from 0 to 512 19:28:03 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x8e, 0x0) [ 2502.683165] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2502.708608] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2502.709638] EXT4-fs (loop6): group descriptors corrupted! [ 2502.770014] loop5: detected capacity change from 0 to 512 [ 2502.778794] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2502.864469] loop3: detected capacity change from 0 to 512 [ 2502.874544] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2502.876450] EXT4-fs (loop3): get root inode failed [ 2502.876999] EXT4-fs (loop3): mount failed 19:28:19 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x20000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:19 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0xff00000000000000, 0x0) 19:28:19 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f", 0x44, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:19 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0xff0f0000, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:28:19 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 33) 19:28:19 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x7ffffffffffff, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:19 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:19 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x8f, 0x0) [ 2518.792018] loop6: detected capacity change from 0 to 512 [ 2518.794158] loop1: detected capacity change from 0 to 512 [ 2518.798936] FAULT_INJECTION: forcing a failure. [ 2518.798936] name failslab, interval 1, probability 0, space 0, times 0 [ 2518.801215] CPU: 0 PID: 13333 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2518.802853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2518.805108] Call Trace: [ 2518.805616] [ 2518.806064] dump_stack_lvl+0x8b/0xb3 [ 2518.806838] should_fail.cold+0x5/0xa [ 2518.807614] ? create_object.isra.0+0x3a/0xa20 [ 2518.808554] should_failslab+0x5/0x10 [ 2518.809313] kmem_cache_alloc+0x5b/0x480 [ 2518.809647] loop2: detected capacity change from 0 to 512 [ 2518.810144] create_object.isra.0+0x3a/0xa20 [ 2518.812122] ? kasan_unpoison+0x23/0x50 [ 2518.812929] kmem_cache_alloc+0x239/0x480 [ 2518.813779] __kernfs_new_node+0xd4/0x8b0 [ 2518.814628] ? kernfs_add_one+0x3c6/0x550 [ 2518.815467] ? kernfs_path_from_node+0x60/0x60 [ 2518.816416] ? lock_is_held_type+0xd7/0x130 [ 2518.816519] loop5: detected capacity change from 0 to 512 [ 2518.817303] ? up_write+0x148/0x460 [ 2518.817330] ? kernfs_activate+0x1c4/0x240 [ 2518.819965] kernfs_new_node+0x93/0x120 [ 2518.820788] __kernfs_create_file+0x51/0x350 [ 2518.821670] sysfs_add_file_mode_ns+0x218/0x430 [ 2518.822605] ? component_del+0x4c0/0x4c0 [ 2518.823426] internal_create_group+0x322/0xb20 [ 2518.824363] ? sysfs_remove_group+0x170/0x170 [ 2518.825274] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 2518.826297] loop_configure+0xf2f/0x1a10 [ 2518.827146] lo_ioctl+0x932/0x1990 [ 2518.827849] ? __x64_sys_openat+0x13f/0x1f0 [ 2518.828723] ? loop_set_status_old+0x1b0/0x1b0 [ 2518.829620] ? avc_ss_reset+0x180/0x180 [ 2518.830457] ? __lock_acquire+0xbac/0x6120 [ 2518.831384] ? loop_set_status_old+0x1b0/0x1b0 [ 2518.832305] blkdev_ioctl+0x356/0x7f0 [ 2518.833058] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2518.833994] ? selinux_file_ioctl+0xb1/0x260 [ 2518.834880] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2518.835993] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2518.836944] __x64_sys_ioctl+0x196/0x210 [ 2518.837770] do_syscall_64+0x3b/0x90 [ 2518.838535] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2518.839573] RIP: 0033:0x7fc14228d8d7 [ 2518.840321] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2518.843977] RSP: 002b:00007fc13f802f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2518.845486] RAX: ffffffffffffffda RBX: 00007fc1422d7970 RCX: 00007fc14228d8d7 [ 2518.846905] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 2518.848329] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 2518.849742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 2518.851149] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2518.852595] [ 2518.862617] loop4: detected capacity change from 0 to 512 [ 2518.864667] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2518.869628] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2518.871507] EXT4-fs (loop6): group descriptors corrupted! [ 2518.876303] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 2518.894130] EXT4-fs error (device loop4): __ext4_fill_super:5311: inode #2: comm syz-executor.4: iget: root inode unallocated [ 2518.899694] EXT4-fs (loop4): get root inode failed [ 2518.900813] EXT4-fs (loop4): mount failed [ 2518.904632] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2518.908058] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2518.912390] loop3: detected capacity change from 0 to 512 19:28:20 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x8000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2518.975614] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2518.981472] EXT4-fs (loop3): get root inode failed [ 2518.982538] EXT4-fs (loop3): mount failed 19:28:20 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x100000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:20 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2519.065641] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2519.083648] loop6: detected capacity change from 0 to 512 [ 2519.088569] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2519.097601] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2519.099540] EXT4-fs (loop6): group descriptors corrupted! 19:28:20 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f", 0x44, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:20 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 34) 19:28:20 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0xfffffffffffff000, 0x0) 19:28:20 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x90, 0x0) [ 2519.174163] loop4: detected capacity change from 0 to 512 [ 2519.193217] loop2: detected capacity change from 0 to 512 [ 2519.204539] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 2519.241649] loop5: detected capacity change from 0 to 512 [ 2519.242145] EXT4-fs error (device loop4): __ext4_fill_super:5311: inode #2: comm syz-executor.4: iget: root inode unallocated [ 2519.256142] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2519.271662] EXT4-fs (loop4): get root inode failed [ 2519.272900] EXT4-fs (loop4): mount failed [ 2519.277462] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2519.287243] FAULT_INJECTION: forcing a failure. [ 2519.287243] name failslab, interval 1, probability 0, space 0, times 0 [ 2519.289524] CPU: 0 PID: 13372 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2519.291168] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2519.293406] Call Trace: [ 2519.293912] [ 2519.294356] dump_stack_lvl+0x8b/0xb3 [ 2519.295130] should_fail.cold+0x5/0xa [ 2519.295889] ? create_object.isra.0+0x3a/0xa20 [ 2519.296815] should_failslab+0x5/0x10 [ 2519.297588] kmem_cache_alloc+0x5b/0x480 [ 2519.298427] create_object.isra.0+0x3a/0xa20 [ 2519.299311] ? kasan_unpoison+0x23/0x50 [ 2519.300128] kmem_cache_alloc+0x239/0x480 [ 2519.300979] __kernfs_new_node+0xd4/0x8b0 [ 2519.301829] ? kernfs_add_one+0x3c6/0x550 [ 2519.302676] ? kernfs_path_from_node+0x60/0x60 [ 2519.303607] ? lock_is_held_type+0xd7/0x130 [ 2519.304513] ? up_write+0x148/0x460 [ 2519.305243] ? kernfs_activate+0x1c4/0x240 [ 2519.306116] kernfs_new_node+0x93/0x120 [ 2519.306930] __kernfs_create_file+0x51/0x350 [ 2519.307802] sysfs_add_file_mode_ns+0x218/0x430 [ 2519.308749] ? component_del+0x4c0/0x4c0 [ 2519.309565] internal_create_group+0x322/0xb20 [ 2519.310504] ? sysfs_remove_group+0x170/0x170 [ 2519.311420] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 2519.312440] loop_configure+0xf2f/0x1a10 [ 2519.313307] lo_ioctl+0x932/0x1990 [ 2519.314021] ? __x64_sys_openat+0x13f/0x1f0 [ 2519.314875] ? loop_set_status_old+0x1b0/0x1b0 [ 2519.315790] ? avc_ss_reset+0x180/0x180 [ 2519.316625] ? __lock_acquire+0xbac/0x6120 [ 2519.317575] ? loop_set_status_old+0x1b0/0x1b0 [ 2519.318474] blkdev_ioctl+0x356/0x7f0 [ 2519.319238] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2519.320197] ? selinux_file_ioctl+0xb1/0x260 [ 2519.321094] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2519.322208] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2519.323166] __x64_sys_ioctl+0x196/0x210 [ 2519.324020] do_syscall_64+0x3b/0x90 [ 2519.324778] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2519.325831] RIP: 0033:0x7fc14228d8d7 [ 2519.326577] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2519.330260] RSP: 002b:00007fc13f802f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2519.331781] RAX: ffffffffffffffda RBX: 00007fc1422d7970 RCX: 00007fc14228d8d7 [ 2519.333226] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 2519.334650] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 2519.336079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 2519.337507] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2519.338957] [ 2519.347514] loop3: detected capacity change from 0 to 512 [ 2519.371112] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2519.377744] EXT4-fs (loop3): get root inode failed [ 2519.378715] EXT4-fs (loop3): mount failed 19:28:37 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x91, 0x0) 19:28:37 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:37 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 35) 19:28:37 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f0000000000000000010000", 0x4f, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:37 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {0x0, 0x0, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:37 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x20000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:37 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0xffffff8c, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:28:37 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x2) [ 2536.010070] loop1: detected capacity change from 0 to 512 [ 2536.025563] loop2: detected capacity change from 0 to 512 [ 2536.027179] loop5: detected capacity change from 0 to 512 [ 2536.029049] loop6: detected capacity change from 0 to 512 [ 2536.043845] loop4: detected capacity change from 0 to 512 [ 2536.045129] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2536.051143] FAULT_INJECTION: forcing a failure. [ 2536.051143] name failslab, interval 1, probability 0, space 0, times 0 [ 2536.053411] CPU: 1 PID: 13400 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2536.055050] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2536.056267] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2536.057296] Call Trace: [ 2536.057307] [ 2536.057317] dump_stack_lvl+0x8b/0xb3 [ 2536.060492] should_fail.cold+0x5/0xa [ 2536.061266] ? create_object.isra.0+0x3a/0xa20 [ 2536.062188] should_failslab+0x5/0x10 [ 2536.062950] kmem_cache_alloc+0x5b/0x480 [ 2536.062979] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2536.063777] create_object.isra.0+0x3a/0xa20 [ 2536.066148] ? kasan_unpoison+0x23/0x50 [ 2536.066944] kmem_cache_alloc+0x239/0x480 [ 2536.067787] __kernfs_new_node+0xd4/0x8b0 [ 2536.068634] ? kernfs_add_one+0x3c6/0x550 [ 2536.069465] ? kernfs_path_from_node+0x60/0x60 [ 2536.070387] ? lock_is_held_type+0xd7/0x130 [ 2536.071265] ? up_write+0x148/0x460 [ 2536.071391] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2536.071980] ? kernfs_activate+0x1c4/0x240 [ 2536.073786] EXT4-fs (loop6): group descriptors corrupted! [ 2536.074586] kernfs_new_node+0x93/0x120 [ 2536.076640] __kernfs_create_file+0x51/0x350 [ 2536.077512] sysfs_add_file_mode_ns+0x218/0x430 [ 2536.078431] ? component_del+0x4c0/0x4c0 [ 2536.079256] internal_create_group+0x322/0xb20 [ 2536.080177] ? sysfs_remove_group+0x170/0x170 [ 2536.081075] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 2536.082079] loop_configure+0xf2f/0x1a10 [ 2536.082917] lo_ioctl+0x932/0x1990 [ 2536.083619] ? __x64_sys_openat+0x13f/0x1f0 [ 2536.084493] ? loop_set_status_old+0x1b0/0x1b0 [ 2536.085391] ? avc_ss_reset+0x180/0x180 [ 2536.086213] ? __lock_acquire+0xbac/0x6120 [ 2536.087134] ? loop_set_status_old+0x1b0/0x1b0 [ 2536.087715] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2536.088035] blkdev_ioctl+0x356/0x7f0 [ 2536.090532] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2536.091466] ? selinux_file_ioctl+0xb1/0x260 [ 2536.092354] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2536.093449] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2536.094386] __x64_sys_ioctl+0x196/0x210 [ 2536.095205] do_syscall_64+0x3b/0x90 [ 2536.095949] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2536.096993] RIP: 0033:0x7fc14228d8d7 [ 2536.097721] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2536.101357] RSP: 002b:00007fc13f802f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2536.102850] RAX: ffffffffffffffda RBX: 00007fc1422d7970 RCX: 00007fc14228d8d7 [ 2536.104268] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 2536.105674] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 2536.107077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 2536.108491] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2536.109940] [ 2536.147900] EXT4-fs (loop4): invalid first ino: 0 19:28:37 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x300000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:37 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {0x0, 0x0, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2536.223778] loop3: detected capacity change from 0 to 512 [ 2536.240024] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2536.242989] EXT4-fs (loop3): get root inode failed [ 2536.244251] EXT4-fs (loop3): mount failed [ 2536.247682] loop6: detected capacity change from 0 to 512 19:28:37 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x100000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:37 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x3) 19:28:37 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f0000000000000000010000", 0x4f, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2536.301194] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2536.313051] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2536.314914] EXT4-fs (loop6): group descriptors corrupted! [ 2536.403057] loop4: detected capacity change from 0 to 512 [ 2536.414318] loop2: detected capacity change from 0 to 512 [ 2536.425691] EXT4-fs (loop4): invalid first ino: 0 [ 2536.451218] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:28:50 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x92, 0x0) 19:28:50 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {0x0, 0x0, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:50 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0xffffffe4, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:28:50 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2549.676433] FAULT_INJECTION: forcing a failure. [ 2549.676433] name failslab, interval 1, probability 0, space 0, times 0 [ 2549.677843] CPU: 1 PID: 13431 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2549.678852] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2549.680318] Call Trace: [ 2549.680603] [ 2549.680841] dump_stack_lvl+0x8b/0xb3 [ 2549.681245] should_fail.cold+0x5/0xa [ 2549.681791] ? __kernfs_new_node+0xd4/0x8b0 [ 2549.682302] should_failslab+0x5/0x10 [ 2549.682724] kmem_cache_alloc+0x5b/0x480 [ 2549.683266] __kernfs_new_node+0xd4/0x8b0 [ 2549.683726] ? kernfs_add_one+0x3c6/0x550 [ 2549.684275] ? kernfs_path_from_node+0x60/0x60 [ 2549.684784] ? lock_is_held_type+0xd7/0x130 [ 2549.685258] ? up_write+0x148/0x460 [ 2549.685648] ? kernfs_activate+0x1c4/0x240 [ 2549.686114] kernfs_new_node+0x93/0x120 [ 2549.686547] __kernfs_create_file+0x51/0x350 [ 2549.687018] sysfs_add_file_mode_ns+0x218/0x430 [ 2549.687517] ? component_del+0x4c0/0x4c0 [ 2549.687953] internal_create_group+0x322/0xb20 [ 2549.688454] ? sysfs_remove_group+0x170/0x170 [ 2549.688923] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 2549.689458] loop_configure+0xf2f/0x1a10 [ 2549.689902] lo_ioctl+0x932/0x1990 [ 2549.690271] ? __x64_sys_openat+0x13f/0x1f0 [ 2549.690742] ? loop_set_status_old+0x1b0/0x1b0 [ 2549.691212] ? avc_ss_reset+0x180/0x180 [ 2549.691671] ? __lock_acquire+0xbac/0x6120 [ 2549.692281] ? loop_set_status_old+0x1b0/0x1b0 [ 2549.692782] blkdev_ioctl+0x356/0x7f0 [ 2549.693178] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2549.693663] ? selinux_file_ioctl+0xb1/0x260 [ 2549.694267] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2549.694839] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2549.695335] __x64_sys_ioctl+0x196/0x210 [ 2549.695765] do_syscall_64+0x3b/0x90 [ 2549.696154] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2549.696736] RIP: 0033:0x7fc14228d8d7 [ 2549.697213] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2549.699360] RSP: 002b:00007fc13f802f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2549.700171] RAX: ffffffffffffffda RBX: 00007fc1422d7970 RCX: 00007fc14228d8d7 [ 2549.701018] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 2549.701765] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 2549.702618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 2549.704428] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2549.706385] [ 2549.731294] loop6: detected capacity change from 0 to 512 [ 2549.736615] loop4: detected capacity change from 0 to 512 [ 2549.750237] loop1: detected capacity change from 0 to 512 [ 2549.752448] loop5: detected capacity change from 0 to 512 19:28:50 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 36) 19:28:50 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f0000000000000000010000", 0x4f, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:50 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x4) 19:28:50 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x200000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2549.766444] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2549.776101] EXT4-fs (loop4): invalid first ino: 0 [ 2549.780492] loop2: detected capacity change from 0 to 512 [ 2549.787718] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2549.790121] EXT4-fs (loop6): group descriptors corrupted! [ 2549.833078] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2549.836587] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2549.843884] loop3: detected capacity change from 0 to 512 [ 2549.855702] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2549.882881] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2549.885895] EXT4-fs (loop3): get root inode failed [ 2549.887134] EXT4-fs (loop3): mount failed 19:28:51 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x500000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:51 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b", 0x55, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:51 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 37) 19:28:51 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x300000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:51 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300), 0x0, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2550.011581] loop4: detected capacity change from 0 to 512 [ 2550.020087] EXT4-fs (loop4): unsupported inode size: 0 [ 2550.021502] EXT4-fs (loop4): blocksize: 2048 19:28:51 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x93, 0x0) 19:28:51 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x8) [ 2550.060200] FAULT_INJECTION: forcing a failure. [ 2550.060200] name failslab, interval 1, probability 0, space 0, times 0 [ 2550.062790] CPU: 0 PID: 13461 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2550.064724] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2550.067246] Call Trace: [ 2550.067818] [ 2550.068316] dump_stack_lvl+0x8b/0xb3 [ 2550.069212] should_fail.cold+0x5/0xa [ 2550.070074] ? create_object.isra.0+0x3a/0xa20 [ 2550.071108] should_failslab+0x5/0x10 [ 2550.071970] kmem_cache_alloc+0x5b/0x480 [ 2550.072914] create_object.isra.0+0x3a/0xa20 [ 2550.073908] ? kasan_unpoison+0x23/0x50 [ 2550.074814] kmem_cache_alloc+0x239/0x480 [ 2550.075771] __kernfs_new_node+0xd4/0x8b0 [ 2550.076736] ? kernfs_add_one+0x3c6/0x550 [ 2550.077673] ? kernfs_path_from_node+0x60/0x60 [ 2550.078710] ? lock_is_held_type+0xd7/0x130 [ 2550.079698] ? up_write+0x148/0x460 [ 2550.080520] ? kernfs_activate+0x1c4/0x240 [ 2550.081485] kernfs_new_node+0x93/0x120 [ 2550.082392] __kernfs_create_file+0x51/0x350 [ 2550.083376] sysfs_add_file_mode_ns+0x218/0x430 [ 2550.084424] ? component_del+0x4c0/0x4c0 [ 2550.085345] internal_create_group+0x322/0xb20 [ 2550.086383] ? sysfs_remove_group+0x170/0x170 [ 2550.087389] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 2550.088536] loop_configure+0xf2f/0x1a10 [ 2550.089489] lo_ioctl+0x932/0x1990 [ 2550.090276] ? __x64_sys_openat+0x13f/0x1f0 [ 2550.091231] ? loop_set_status_old+0x1b0/0x1b0 [ 2550.092229] ? avc_ss_reset+0x180/0x180 [ 2550.093153] ? __lock_acquire+0xbac/0x6120 [ 2550.094188] ? loop_set_status_old+0x1b0/0x1b0 [ 2550.095193] blkdev_ioctl+0x356/0x7f0 [ 2550.096032] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2550.097079] ? selinux_file_ioctl+0xb1/0x260 [ 2550.098061] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2550.099284] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2550.099660] loop6: detected capacity change from 0 to 512 [ 2550.100326] __x64_sys_ioctl+0x196/0x210 [ 2550.102316] do_syscall_64+0x3b/0x90 [ 2550.103150] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2550.104312] RIP: 0033:0x7fc14228d8d7 [ 2550.105136] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2550.109130] RSP: 002b:00007fc13f802f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2550.110777] RAX: ffffffffffffffda RBX: 00007fc1422d7970 RCX: 00007fc14228d8d7 [ 2550.112323] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 2550.113891] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 2550.115438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 2550.117005] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2550.118580] [ 2550.122213] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem 19:28:51 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b", 0x55, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2550.138579] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2550.140551] EXT4-fs (loop6): group descriptors corrupted! [ 2550.154286] loop5: detected capacity change from 0 to 512 19:28:51 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:51 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x600000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2550.212018] loop2: detected capacity change from 0 to 512 [ 2550.235240] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2550.258248] loop3: detected capacity change from 0 to 512 [ 2550.292888] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2550.294550] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2550.299488] EXT4-fs (loop3): get root inode failed [ 2550.300607] EXT4-fs (loop3): mount failed 19:28:51 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0xfffffff6, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:28:51 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300), 0x0, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:51 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 38) 19:28:51 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b", 0x55, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:28:51 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x500000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2550.442877] loop6: detected capacity change from 0 to 512 [ 2550.447169] loop3: detected capacity change from 0 to 512 [ 2550.452883] FAULT_INJECTION: forcing a failure. [ 2550.452883] name failslab, interval 1, probability 0, space 0, times 0 [ 2550.455167] CPU: 1 PID: 13483 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2550.456832] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2550.459079] Call Trace: [ 2550.459592] [ 2550.460040] dump_stack_lvl+0x8b/0xb3 [ 2550.460827] should_fail.cold+0x5/0xa [ 2550.461593] ? getname_flags.part.0+0x50/0x4f0 [ 2550.462511] should_failslab+0x5/0x10 [ 2550.463277] kmem_cache_alloc+0x5b/0x480 [ 2550.464108] getname_flags.part.0+0x50/0x4f0 [ 2550.465020] __x64_sys_mkdir+0xda/0x140 [ 2550.465829] do_syscall_64+0x3b/0x90 [ 2550.466586] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2550.467625] RIP: 0033:0x7fc14228cc27 [ 2550.468379] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2550.472022] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2550.473561] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2550.474978] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2550.476411] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2550.477829] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2550.479245] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2550.480693] [ 2550.482933] loop1: detected capacity change from 0 to 512 [ 2550.494068] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2550.502117] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2550.504082] EXT4-fs (loop6): group descriptors corrupted! [ 2550.507254] loop4: detected capacity change from 0 to 512 [ 2550.519511] EXT4-fs (loop4): unsupported inode size: 0 [ 2550.520853] EXT4-fs (loop4): blocksize: 2048 [ 2550.527701] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2563.446382] FAULT_INJECTION: forcing a failure. [ 2563.446382] name failslab, interval 1, probability 0, space 0, times 0 [ 2563.448918] CPU: 1 PID: 13499 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2563.450697] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2563.453230] Call Trace: [ 2563.453797] [ 2563.454264] dump_stack_lvl+0x8b/0xb3 [ 2563.455091] should_fail.cold+0x5/0xa [ 2563.455304] loop4: detected capacity change from 0 to 512 [ 2563.455926] ? create_object.isra.0+0x3a/0xa20 [ 2563.457545] should_failslab+0x5/0x10 [ 2563.458369] kmem_cache_alloc+0x5b/0x480 [ 2563.459248] create_object.isra.0+0x3a/0xa20 [ 2563.460188] ? kasan_unpoison+0x23/0x50 [ 2563.461098] kmem_cache_alloc+0x239/0x480 [ 2563.462253] __kernfs_new_node+0xd4/0x8b0 [ 2563.463425] ? kernfs_add_one+0x3c6/0x550 [ 2563.464590] ? kernfs_path_from_node+0x60/0x60 [ 2563.465645] ? lock_is_held_type+0xd7/0x130 [ 2563.466575] ? up_write+0x148/0x460 [ 2563.467344] ? kernfs_activate+0x1c4/0x240 [ 2563.468271] kernfs_new_node+0x93/0x120 [ 2563.469149] __kernfs_create_file+0x51/0x350 [ 2563.469411] loop6: detected capacity change from 0 to 512 [ 2563.470084] sysfs_add_file_mode_ns+0x218/0x430 [ 2563.471687] ? component_del+0x4c0/0x4c0 [ 2563.472576] internal_create_group+0x322/0xb20 [ 2563.473555] ? sysfs_remove_group+0x170/0x170 [ 2563.474514] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 2563.475594] loop_configure+0xf2f/0x1a10 [ 2563.476511] lo_ioctl+0x932/0x1990 [ 2563.477272] ? __x64_sys_openat+0x13f/0x1f0 [ 2563.478181] ? loop_set_status_old+0x1b0/0x1b0 [ 2563.479128] ? avc_ss_reset+0x180/0x180 [ 2563.480018] ? __lock_acquire+0xbac/0x6120 [ 2563.481016] ? loop_set_status_old+0x1b0/0x1b0 [ 2563.481984] blkdev_ioctl+0x356/0x7f0 [ 2563.482809] ? blkdev_common_ioctl+0x16d0/0x16d0 19:29:04 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0xfffffffb, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:29:04 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 39) 19:29:04 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x94, 0x0) 19:29:04 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b000000", 0x58, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:04 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x18) 19:29:04 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x700000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:04 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300), 0x0, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:04 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x600000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2563.483819] ? selinux_file_ioctl+0xb1/0x260 [ 2563.484962] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2563.486181] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2563.487179] __x64_sys_ioctl+0x196/0x210 [ 2563.488061] do_syscall_64+0x3b/0x90 [ 2563.488874] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2563.489990] RIP: 0033:0x7fc14228d8d7 [ 2563.490756] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2563.494518] RSP: 002b:00007fc13f802f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2563.496083] RAX: ffffffffffffffda RBX: 00007fc1422d7970 RCX: 00007fc14228d8d7 [ 2563.497557] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 2563.499022] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 2563.500503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 2563.502004] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2563.503505] 19:29:04 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x700000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2563.517243] loop5: detected capacity change from 0 to 512 [ 2563.521586] EXT4-fs (loop4): unsupported inode size: 0 [ 2563.522199] EXT4-fs (loop4): blocksize: 2048 [ 2563.523034] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2563.524307] loop1: detected capacity change from 0 to 512 [ 2563.532664] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2563.533683] EXT4-fs (loop6): group descriptors corrupted! [ 2563.534773] loop2: detected capacity change from 0 to 512 [ 2563.561743] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2563.562725] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. 19:29:04 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b000000", 0x58, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:04 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x800000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2563.580907] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2563.603147] loop4: detected capacity change from 0 to 512 [ 2563.606928] loop3: detected capacity change from 0 to 512 [ 2563.608562] EXT4-fs (loop4): unsupported inode size: 0 [ 2563.609138] EXT4-fs (loop4): blocksize: 2048 [ 2563.624892] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2563.626514] EXT4-fs (loop3): get root inode failed [ 2563.627052] EXT4-fs (loop3): mount failed [ 2576.918781] loop5: detected capacity change from 0 to 512 [ 2576.919095] loop2: detected capacity change from 0 to 512 [ 2576.926881] loop4: detected capacity change from 0 to 512 [ 2576.932122] loop6: detected capacity change from 0 to 512 [ 2576.933769] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2576.935887] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2576.936872] EXT4-fs (loop6): group descriptors corrupted! 19:29:18 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0xf0) 19:29:18 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="0200000003", 0x5, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:18 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x95, 0x0) 19:29:18 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0xfffffffe, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:29:18 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 40) 19:29:18 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b000000", 0x58, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:18 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x1800000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:18 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x800000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2576.937545] EXT4-fs (loop4): unsupported inode size: 0 [ 2576.938405] EXT4-fs (loop4): blocksize: 2048 [ 2576.952549] loop3: detected capacity change from 0 to 512 [ 2576.953208] FAULT_INJECTION: forcing a failure. [ 2576.953208] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2576.954477] CPU: 1 PID: 13547 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2576.955354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2576.956557] Call Trace: [ 2576.956852] [ 2576.957091] dump_stack_lvl+0x8b/0xb3 [ 2576.957511] should_fail.cold+0x5/0xa [ 2576.957935] strncpy_from_user+0x34/0x3d0 [ 2576.958386] getname_flags.part.0+0x95/0x4f0 [ 2576.958861] __x64_sys_mkdir+0xda/0x140 [ 2576.959296] do_syscall_64+0x3b/0x90 [ 2576.959713] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2576.960279] RIP: 0033:0x7fc14228cc27 [ 2576.960667] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2576.962620] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2576.963422] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2576.964183] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2576.964974] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2576.965750] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2576.966518] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2576.967313] [ 2576.968069] loop1: detected capacity change from 0 to 512 [ 2576.981894] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2576.997008] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. 19:29:18 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x1800000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:18 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b00000000", 0x59, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2577.040173] loop4: detected capacity change from 0 to 512 [ 2577.045502] EXT4-fs (loop4): unsupported inode size: 0 [ 2577.046088] EXT4-fs (loop4): blocksize: 2048 [ 2577.051322] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:29:18 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x1c00000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:18 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="0200000003", 0x5, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:18 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x3a00000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:18 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b00000000", 0x59, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:18 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x1c00000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:18 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x300) [ 2577.184404] loop6: detected capacity change from 0 to 512 [ 2577.187582] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2577.191488] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2577.192541] EXT4-fs (loop6): group descriptors corrupted! 19:29:18 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 41) [ 2577.227607] loop4: detected capacity change from 0 to 512 [ 2577.237656] loop3: detected capacity change from 0 to 512 [ 2577.239425] FAULT_INJECTION: forcing a failure. [ 2577.239425] name failslab, interval 1, probability 0, space 0, times 0 [ 2577.240868] CPU: 1 PID: 13570 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2577.241751] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2577.242528] EXT4-fs (loop4): unsupported inode size: 0 [ 2577.242927] Call Trace: [ 2577.243848] EXT4-fs (loop4): blocksize: 2048 [ 2577.244084] [ 2577.245067] dump_stack_lvl+0x8b/0xb3 [ 2577.245489] should_fail.cold+0x5/0xa [ 2577.245898] should_failslab+0x5/0x10 [ 2577.246311] kmem_cache_alloc_lru+0x60/0x7c0 [ 2577.246787] ? __d_alloc+0x31/0x990 [ 2577.247173] ? __d_lookup+0x42c/0x780 [ 2577.247579] __d_alloc+0x31/0x990 [ 2577.247947] d_alloc+0x46/0x1c0 [ 2577.248297] __lookup_hash+0xc8/0x190 [ 2577.248706] filename_create+0x184/0x480 [ 2577.249146] ? filename_parentat+0x5a0/0x5a0 [ 2577.249629] ? lock_downgrade+0x6d0/0x6d0 [ 2577.250091] ? __virt_addr_valid+0xe9/0x350 [ 2577.250570] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2577.251129] ? is_vmalloc_addr+0x7b/0xb0 [ 2577.251577] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2577.252186] do_mkdirat+0x92/0x2e0 [ 2577.252586] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2577.253203] ? do_file_open_root+0x590/0x590 [ 2577.253699] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2577.254312] ? getname_flags.part.0+0x1dd/0x4f0 [ 2577.254824] __x64_sys_mkdir+0xf2/0x140 [ 2577.255268] do_syscall_64+0x3b/0x90 [ 2577.255684] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2577.256265] RIP: 0033:0x7fc14228cc27 [ 2577.256675] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2577.258706] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2577.259535] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2577.260326] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2577.261119] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2577.261895] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2577.262688] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2577.263479] [ 2577.293623] loop2: detected capacity change from 0 to 512 [ 2577.332825] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2591.081862] FAULT_INJECTION: forcing a failure. [ 2591.081862] name failslab, interval 1, probability 0, space 0, times 0 [ 2591.084169] CPU: 0 PID: 13587 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2591.085173] loop1: detected capacity change from 0 to 512 19:29:32 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x8000000000000, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:29:32 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x96, 0x0) 19:29:32 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x6500000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:32 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b00000000", 0x59, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:32 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3a00000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:32 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 42) 19:29:32 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x1800) 19:29:32 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="0200000003", 0x5, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2591.085826] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2591.085845] Call Trace: [ 2591.085855] [ 2591.089819] dump_stack_lvl+0x8b/0xb3 [ 2591.090598] should_fail.cold+0x5/0xa [ 2591.091376] ? __kernfs_new_node+0xd4/0x8b0 [ 2591.092264] should_failslab+0x5/0x10 [ 2591.093054] kmem_cache_alloc+0x5b/0x480 [ 2591.093891] __kernfs_new_node+0xd4/0x8b0 [ 2591.094731] ? kernfs_add_one+0x3c6/0x550 [ 2591.095579] ? kernfs_path_from_node+0x60/0x60 [ 2591.096516] ? lock_is_held_type+0xd7/0x130 [ 2591.097427] ? up_write+0x148/0x460 [ 2591.098159] ? kernfs_activate+0x1c4/0x240 [ 2591.099025] kernfs_new_node+0x93/0x120 [ 2591.099939] __kernfs_create_file+0x51/0x350 [ 2591.101046] sysfs_add_file_mode_ns+0x218/0x430 [ 2591.102463] ? component_del+0x4c0/0x4c0 [ 2591.103721] internal_create_group+0x322/0xb20 [ 2591.105124] ? sysfs_remove_group+0x170/0x170 [ 2591.106456] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 2591.107989] loop_configure+0xf2f/0x1a10 [ 2591.109216] lo_ioctl+0x932/0x1990 [ 2591.110068] ? __x64_sys_openat+0x13f/0x1f0 [ 2591.111095] ? loop_set_status_old+0x1b0/0x1b0 [ 2591.112175] ? avc_ss_reset+0x180/0x180 [ 2591.113170] ? __lock_acquire+0xbac/0x6120 [ 2591.114276] ? loop_set_status_old+0x1b0/0x1b0 [ 2591.115351] blkdev_ioctl+0x356/0x7f0 [ 2591.116247] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2591.117402] ? selinux_file_ioctl+0xb1/0x260 [ 2591.118456] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2591.119765] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 2591.120903] __x64_sys_ioctl+0x196/0x210 [ 2591.121897] do_syscall_64+0x3b/0x90 [ 2591.122795] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2591.124018] RIP: 0033:0x7fc14228d8d7 [ 2591.124966] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2591.129228] RSP: 002b:00007fc13f802f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2591.131034] RAX: ffffffffffffffda RBX: 00007fc1422d7970 RCX: 00007fc14228d8d7 [ 2591.132695] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 2591.134380] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 2591.136077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 2591.137776] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2591.139481] [ 2591.147779] loop2: detected capacity change from 0 to 512 [ 2591.153524] loop6: detected capacity change from 0 to 512 [ 2591.162900] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2591.163722] loop4: detected capacity change from 0 to 512 [ 2591.166324] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2591.167245] loop5: detected capacity change from 0 to 512 [ 2591.168558] EXT4-fs (loop6): group descriptors corrupted! [ 2591.170883] loop3: detected capacity change from 0 to 512 [ 2591.171747] EXT4-fs (loop4): unsupported inode size: 0 [ 2591.172758] EXT4-fs (loop4): blocksize: 2048 19:29:32 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x8004000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2591.186844] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2591.204540] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2591.206266] EXT4-fs (loop3): get root inode failed [ 2591.206825] EXT4-fs (loop3): mount failed [ 2591.215479] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2591.225942] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. 19:29:32 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="02000000030000", 0x7, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:32 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x6500000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2591.266319] loop6: detected capacity change from 0 to 512 [ 2591.283288] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem 19:29:32 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 43) 19:29:32 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:32 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x4000) [ 2591.298542] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2591.299794] EXT4-fs (loop6): group descriptors corrupted! 19:29:32 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x8cffffff00000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2591.352173] loop2: detected capacity change from 0 to 512 [ 2591.361465] loop3: detected capacity change from 0 to 512 [ 2591.373843] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2591.374758] FAULT_INJECTION: forcing a failure. [ 2591.374758] name failslab, interval 1, probability 0, space 0, times 0 [ 2591.377607] CPU: 0 PID: 13615 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2591.379452] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2591.381958] Call Trace: [ 2591.382519] [ 2591.383019] dump_stack_lvl+0x8b/0xb3 [ 2591.383887] should_fail.cold+0x5/0xa [ 2591.384738] should_failslab+0x5/0x10 [ 2591.385624] kmem_cache_alloc_lru+0x60/0x7c0 [ 2591.386607] ? ext4_alloc_inode+0x24/0x640 [ 2591.387571] ? lock_downgrade+0x6d0/0x6d0 [ 2591.388520] ? ext4_quota_read+0x2e0/0x2e0 [ 2591.389690] ext4_alloc_inode+0x24/0x640 [ 2591.390673] ? ext4_quota_read+0x2e0/0x2e0 [ 2591.391605] alloc_inode+0x63/0x240 [ 2591.392436] new_inode+0x23/0x240 [ 2591.393238] __ext4_new_inode+0x335/0x5620 [ 2591.394200] ? lock_downgrade+0x6d0/0x6d0 [ 2591.395142] ? ext4_mark_inode_used+0x14a0/0x14a0 [ 2591.396236] ? selinux_determine_inode_label+0x1b6/0x340 [ 2591.397462] ? ext4_mkdir+0x6c3/0xb20 [ 2591.398314] ext4_mkdir+0x33a/0xb20 [ 2591.399148] ? ext4_init_new_dir+0x4d0/0x4d0 [ 2591.400231] ? inode_permission.part.0+0xb5/0x670 [ 2591.401311] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2591.402793] vfs_mkdir+0x1d0/0x3c0 [ 2591.403589] do_mkdirat+0x17b/0x2e0 [ 2591.404560] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2591.405803] ? do_file_open_root+0x590/0x590 [ 2591.406981] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2591.408173] ? getname_flags.part.0+0x1dd/0x4f0 [ 2591.409410] __x64_sys_mkdir+0xf2/0x140 [ 2591.410279] do_syscall_64+0x3b/0x90 [ 2591.411257] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2591.412391] RIP: 0033:0x7fc14228cc27 [ 2591.413367] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2591.417286] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2591.419259] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2591.420787] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2591.422330] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2591.423852] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2591.425386] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2591.426933] 19:29:32 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="02000000030000", 0x7, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2591.477147] loop4: detected capacity change from 0 to 512 [ 2591.482036] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 2591.515526] loop6: detected capacity change from 0 to 512 [ 2591.518868] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2591.521100] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2591.522106] EXT4-fs (loop6): group descriptors corrupted! 19:29:51 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="02000000030000", 0x7, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:51 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x8004000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:51 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x97, 0x0) 19:29:51 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x20000000000000, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:29:51 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:51 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 44) 19:29:51 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0xf6ffffff00000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:51 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x41ed) [ 2610.751273] loop3: detected capacity change from 0 to 512 [ 2610.751948] FAULT_INJECTION: forcing a failure. [ 2610.751948] name failslab, interval 1, probability 0, space 0, times 0 [ 2610.752121] loop4: detected capacity change from 0 to 512 [ 2610.753155] CPU: 1 PID: 13638 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2610.753170] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2610.753180] Call Trace: [ 2610.753185] [ 2610.753191] dump_stack_lvl+0x8b/0xb3 [ 2610.753228] should_fail.cold+0x5/0xa [ 2610.757777] ? getname_flags.part.0+0x50/0x4f0 [ 2610.758260] should_failslab+0x5/0x10 [ 2610.758672] kmem_cache_alloc+0x5b/0x480 [ 2610.759116] getname_flags.part.0+0x50/0x4f0 [ 2610.759586] __x64_sys_mkdir+0xda/0x140 [ 2610.760015] do_syscall_64+0x3b/0x90 [ 2610.760419] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2610.760987] RIP: 0033:0x7fc14228cc27 [ 2610.761404] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2610.763365] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2610.764177] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2610.764948] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2610.765717] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2610.766493] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2610.767254] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2610.768044] [ 2610.769651] loop6: detected capacity change from 0 to 512 [ 2610.770063] loop2: detected capacity change from 0 to 512 [ 2610.771359] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2610.772524] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2610.773570] EXT4-fs (loop6): group descriptors corrupted! [ 2610.775937] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 2610.777254] loop1: detected capacity change from 0 to 512 [ 2610.787963] loop5: detected capacity change from 0 to 512 19:29:52 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x8cffffff00000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:52 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 45) 19:29:52 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2610.838153] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2610.847215] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2610.852364] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. 19:29:52 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x98, 0x0) 19:29:52 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0xed41) 19:29:52 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="0200000003000000", 0x8, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:52 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0xfcfdffff00000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2610.970240] loop3: detected capacity change from 0 to 512 [ 2610.970998] FAULT_INJECTION: forcing a failure. [ 2610.970998] name failslab, interval 1, probability 0, space 0, times 0 [ 2610.972192] CPU: 1 PID: 13660 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2610.973070] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2610.974276] Call Trace: [ 2610.974550] [ 2610.974788] dump_stack_lvl+0x8b/0xb3 [ 2610.975211] should_fail.cold+0x5/0xa [ 2610.975622] ? security_inode_alloc+0x34/0x160 [ 2610.976122] should_failslab+0x5/0x10 [ 2610.976533] kmem_cache_alloc+0x5b/0x480 [ 2610.976982] security_inode_alloc+0x34/0x160 [ 2610.977469] inode_init_always+0x5d8/0xd20 [ 2610.977928] alloc_inode+0x84/0x240 [ 2610.978319] new_inode+0x23/0x240 [ 2610.978690] __ext4_new_inode+0x335/0x5620 [ 2610.979145] ? lock_downgrade+0x6d0/0x6d0 [ 2610.979611] ? ext4_mark_inode_used+0x14a0/0x14a0 [ 2610.980146] ? selinux_determine_inode_label+0x1b6/0x340 [ 2610.980737] ? ext4_mkdir+0x6c3/0xb20 [ 2610.981151] ext4_mkdir+0x33a/0xb20 [ 2610.981567] ? ext4_init_new_dir+0x4d0/0x4d0 [ 2610.982045] ? inode_permission.part.0+0xb5/0x670 [ 2610.982568] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2610.983176] vfs_mkdir+0x1d0/0x3c0 [ 2610.983568] do_mkdirat+0x17b/0x2e0 [ 2610.983968] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2610.984564] ? do_file_open_root+0x590/0x590 [ 2610.985044] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2610.985652] ? getname_flags.part.0+0x1dd/0x4f0 [ 2610.986174] __x64_sys_mkdir+0xf2/0x140 [ 2610.986614] do_syscall_64+0x3b/0x90 [ 2610.987030] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2610.987591] RIP: 0033:0x7fc14228cc27 [ 2610.987994] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2610.989972] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2610.990792] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2610.991554] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2610.992312] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2610.993077] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2610.993857] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2610.994640] [ 2610.999256] loop4: detected capacity change from 0 to 512 [ 2611.011299] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 2611.019930] loop5: detected capacity change from 0 to 512 19:29:52 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xf6ffffff00000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2611.046826] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2611.053644] loop6: detected capacity change from 0 to 512 [ 2611.072620] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2611.083394] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2611.085395] EXT4-fs (loop6): group descriptors corrupted! 19:29:52 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, 0x0) 19:29:52 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0xfeffffff00000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:52 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="0200000003000000", 0x8, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2611.186659] loop2: detected capacity change from 0 to 512 [ 2611.213857] loop4: detected capacity change from 0 to 512 [ 2611.239688] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:29:52 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x100000000000000, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:29:52 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x99, 0x0) 19:29:52 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xfcfdffff00000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:29:52 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, 0x0) 19:29:52 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0xfeffffffffffffff, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2611.340540] loop1: detected capacity change from 0 to 512 19:29:52 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0xf000) [ 2611.345786] loop6: detected capacity change from 0 to 512 [ 2611.377045] loop2: detected capacity change from 0 to 512 [ 2611.379313] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2611.389580] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2611.394690] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2611.396626] EXT4-fs (loop6): group descriptors corrupted! [ 2611.398456] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2611.432502] loop5: detected capacity change from 0 to 512 [ 2611.441882] loop4: detected capacity change from 0 to 512 [ 2611.469243] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. 19:30:06 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 46) 19:30:06 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0xff00) 19:30:06 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x9a, 0x0) 19:30:06 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x200000000000000, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:30:06 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0xffffffff00000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:30:06 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="0200000003000000", 0x8, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:30:06 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, 0x0) 19:30:06 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xfeffffff00000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2625.277198] loop4: detected capacity change from 0 to 512 [ 2625.308394] loop1: detected capacity change from 0 to 512 [ 2625.314873] loop5: detected capacity change from 0 to 512 [ 2625.316652] loop2: detected capacity change from 0 to 512 [ 2625.323782] loop3: detected capacity change from 0 to 512 [ 2625.329541] FAULT_INJECTION: forcing a failure. [ 2625.329541] name failslab, interval 1, probability 0, space 0, times 0 [ 2625.331044] CPU: 0 PID: 13717 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2625.332112] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2625.333575] Call Trace: [ 2625.333902] [ 2625.334188] dump_stack_lvl+0x8b/0xb3 [ 2625.334698] should_fail.cold+0x5/0xa [ 2625.335199] ? create_object.isra.0+0x3a/0xa20 [ 2625.335797] should_failslab+0x5/0x10 [ 2625.336290] kmem_cache_alloc+0x5b/0x480 [ 2625.336828] create_object.isra.0+0x3a/0xa20 [ 2625.337276] loop6: detected capacity change from 0 to 512 [ 2625.337394] ? kasan_unpoison+0x23/0x50 [ 2625.337432] kmem_cache_alloc+0x239/0x480 [ 2625.337461] security_inode_alloc+0x34/0x160 [ 2625.340241] inode_init_always+0x5d8/0xd20 [ 2625.340808] alloc_inode+0x84/0x240 [ 2625.341290] new_inode+0x23/0x240 [ 2625.341771] __ext4_new_inode+0x335/0x5620 [ 2625.342343] ? lock_downgrade+0x6d0/0x6d0 [ 2625.342915] ? ext4_mark_inode_used+0x14a0/0x14a0 [ 2625.343570] ? selinux_determine_inode_label+0x1b6/0x340 [ 2625.344300] ? ext4_mkdir+0x6c3/0xb20 [ 2625.344813] ext4_mkdir+0x33a/0xb20 [ 2625.345306] ? ext4_init_new_dir+0x4d0/0x4d0 [ 2625.345906] ? inode_permission.part.0+0xb5/0x670 [ 2625.346552] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2625.347292] vfs_mkdir+0x1d0/0x3c0 [ 2625.347764] do_mkdirat+0x17b/0x2e0 [ 2625.348259] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2625.348961] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2625.348997] ? do_file_open_root+0x590/0x590 [ 2625.351173] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2625.351901] ? getname_flags.part.0+0x1dd/0x4f0 [ 2625.352517] __x64_sys_mkdir+0xf2/0x140 [ 2625.353031] do_syscall_64+0x3b/0x90 [ 2625.353540] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2625.354221] RIP: 0033:0x7fc14228cc27 [ 2625.354704] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2625.357079] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2625.358080] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2625.359008] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2625.359929] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2625.360861] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2625.361808] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2625.362743] [ 2625.375244] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2625.376047] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2625.378443] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:30:06 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xfeffffffffffffff, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2625.401862] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2625.404185] EXT4-fs (loop6): group descriptors corrupted! [ 2625.538624] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2625.540401] EXT4-fs (loop3): get root inode failed [ 2625.540930] EXT4-fs (loop3): mount failed 19:30:20 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x400000000000000, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:30:20 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x9b, 0x0) 19:30:20 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:30:20 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0xffffffffffff0700, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:30:20 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xffffffff00000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2639.348233] loop2: detected capacity change from 0 to 512 [ 2639.351218] loop1: detected capacity change from 0 to 512 19:30:20 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x80000) 19:30:20 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 47) 19:30:20 executing program 4: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x9a, 0x0) [ 2639.354583] loop5: detected capacity change from 0 to 512 [ 2639.359107] loop6: detected capacity change from 0 to 512 [ 2639.374004] loop4: detected capacity change from 0 to 512 19:30:20 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2639.382467] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2639.389747] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2639.391792] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2639.394487] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2639.397823] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2639.399614] EXT4-fs (loop6): group descriptors corrupted! [ 2639.406200] loop3: detected capacity change from 0 to 512 [ 2639.411391] FAULT_INJECTION: forcing a failure. [ 2639.411391] name failslab, interval 1, probability 0, space 0, times 0 [ 2639.412459] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 2639.413685] CPU: 1 PID: 13758 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2639.416002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2639.418209] Call Trace: [ 2639.418717] [ 2639.419153] dump_stack_lvl+0x8b/0xb3 [ 2639.419922] should_fail.cold+0x5/0xa [ 2639.420674] ? jbd2__journal_start+0x18c/0x8d0 [ 2639.421578] should_failslab+0x5/0x10 [ 2639.422361] kmem_cache_alloc+0x5b/0x480 [ 2639.423181] jbd2__journal_start+0x18c/0x8d0 [ 2639.424048] __ext4_journal_start_sb+0x392/0x470 [ 2639.424982] __ext4_new_inode+0x2f46/0x5620 [ 2639.425875] ? ext4_mark_inode_used+0x14a0/0x14a0 [ 2639.426846] ? selinux_determine_inode_label+0x1b6/0x340 [ 2639.427920] ? ext4_mkdir+0x6c3/0xb20 [ 2639.428681] ext4_mkdir+0x33a/0xb20 [ 2639.429419] ? ext4_init_new_dir+0x4d0/0x4d0 [ 2639.430291] ? inode_permission.part.0+0xb5/0x670 [ 2639.431245] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2639.432346] vfs_mkdir+0x1d0/0x3c0 [ 2639.433053] do_mkdirat+0x17b/0x2e0 [ 2639.433791] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2639.434925] ? do_file_open_root+0x590/0x590 [ 2639.435897] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2639.437105] ? getname_flags.part.0+0x1dd/0x4f0 [ 2639.438142] __x64_sys_mkdir+0xf2/0x140 [ 2639.439021] do_syscall_64+0x3b/0x90 [ 2639.439852] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2639.440997] RIP: 0033:0x7fc14228cc27 [ 2639.441821] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2639.445450] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2639.446930] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2639.448328] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2639.449729] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2639.451183] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 19:30:20 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xffffffffffff0700, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2639.452736] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2639.454452] [ 2639.455043] EXT4-fs error (device sda) in __ext4_new_inode:1085: Out of memory 19:30:35 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 48) 19:30:35 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x9c, 0x0) 19:30:35 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:30:35 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x3f00000000000000, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:30:35 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2654.603707] loop1: detected capacity change from 0 to 512 [ 2654.613599] loop5: detected capacity change from 0 to 512 19:30:35 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffe, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:30:35 executing program 4: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x96, 0x0) 19:30:35 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x400000) [ 2654.633913] loop3: detected capacity change from 0 to 512 [ 2654.639506] loop4: detected capacity change from 0 to 512 [ 2654.641231] FAULT_INJECTION: forcing a failure. [ 2654.641231] name failslab, interval 1, probability 0, space 0, times 0 [ 2654.643985] CPU: 0 PID: 13775 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2654.646005] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2654.648642] Call Trace: [ 2654.649150] [ 2654.649592] dump_stack_lvl+0x8b/0xb3 [ 2654.650377] should_fail.cold+0x5/0xa [ 2654.651136] ? create_object.isra.0+0x3a/0xa20 [ 2654.652046] should_failslab+0x5/0x10 [ 2654.652803] kmem_cache_alloc+0x5b/0x480 [ 2654.653624] create_object.isra.0+0x3a/0xa20 [ 2654.654502] ? kasan_unpoison+0x23/0x50 [ 2654.655301] kmem_cache_alloc+0x239/0x480 [ 2654.656137] jbd2__journal_start+0x18c/0x8d0 [ 2654.657014] __ext4_journal_start_sb+0x392/0x470 [ 2654.657971] __ext4_new_inode+0x2f46/0x5620 [ 2654.658865] ? ext4_mark_inode_used+0x14a0/0x14a0 [ 2654.659838] ? selinux_determine_inode_label+0x1b6/0x340 [ 2654.660913] ? ext4_mkdir+0x6c3/0xb20 [ 2654.661672] ext4_mkdir+0x33a/0xb20 [ 2654.662420] ? ext4_init_new_dir+0x4d0/0x4d0 [ 2654.663283] ? inode_permission.part.0+0xb5/0x670 [ 2654.664232] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2654.665324] vfs_mkdir+0x1d0/0x3c0 [ 2654.666040] do_mkdirat+0x17b/0x2e0 [ 2654.666761] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2654.667848] ? do_file_open_root+0x590/0x590 [ 2654.668719] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2654.669798] ? getname_flags.part.0+0x1dd/0x4f0 [ 2654.670744] __x64_sys_mkdir+0xf2/0x140 [ 2654.671539] do_syscall_64+0x3b/0x90 [ 2654.672275] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2654.673295] RIP: 0033:0x7fc14228cc27 [ 2654.674026] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2654.677583] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2654.679061] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2654.680442] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2654.681817] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2654.683211] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2654.684594] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2654.686005] [ 2654.699049] loop2: detected capacity change from 0 to 512 [ 2654.702867] loop6: detected capacity change from 0 to 512 [ 2654.718814] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2654.724257] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2654.726196] EXT4-fs (loop6): group descriptors corrupted! [ 2654.739005] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2654.740494] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 2654.750546] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2654.755031] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:30:35 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:30:36 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:30:36 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x8cffffff00000000, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) [ 2654.894289] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2654.897247] EXT4-fs (loop3): get root inode failed [ 2654.898471] EXT4-fs (loop3): mount failed [ 2654.918902] loop1: detected capacity change from 0 to 512 19:30:36 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:30:36 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0xf0ffff) 19:30:36 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:30:36 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x9d, 0x0) 19:30:36 executing program 4: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x400000000000000, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) [ 2654.998757] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2655.021005] loop2: detected capacity change from 0 to 512 [ 2655.023951] loop6: detected capacity change from 0 to 512 19:30:36 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 49) [ 2655.048710] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem 19:30:36 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2655.052189] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2655.054064] EXT4-fs (loop6): group descriptors corrupted! [ 2655.061366] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2655.092271] loop5: detected capacity change from 0 to 512 19:30:36 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2655.121066] loop4: detected capacity change from 0 to 512 [ 2655.159454] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 2655.166715] loop3: detected capacity change from 0 to 512 [ 2655.174041] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2655.181622] FAULT_INJECTION: forcing a failure. 19:30:36 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2655.181622] name failslab, interval 1, probability 0, space 0, times 0 [ 2655.184469] CPU: 1 PID: 13825 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2655.186144] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2655.188404] Call Trace: [ 2655.188915] [ 2655.189367] dump_stack_lvl+0x8b/0xb3 [ 2655.190159] should_fail.cold+0x5/0xa [ 2655.190938] should_failslab+0x5/0x10 [ 2655.191712] __kmalloc_track_caller+0x79/0x430 [ 2655.192644] ? sidtab_sid2str_get+0x17c/0x650 [ 2655.193554] kmemdup+0x23/0x50 [ 2655.194225] sidtab_sid2str_get+0x17c/0x650 [ 2655.195097] sidtab_entry_to_string+0x33/0x110 [ 2655.196025] security_sid_to_context_core+0x337/0x560 [ 2655.197073] selinux_inode_init_security+0x4c2/0x6b0 [ 2655.198116] ? selinux_dentry_init_security+0x2c0/0x2c0 [ 2655.199198] ? posix_acl_fix_xattr_userns+0x390/0x390 [ 2655.200237] ? lock_is_held_type+0xd7/0x130 [ 2655.201131] ? find_held_lock+0x2c/0x110 [ 2655.201973] security_inode_init_security+0x151/0x350 [ 2655.203017] ? ext4_init_acl+0x310/0x310 [ 2655.203838] ? inode_free_by_rcu+0x20/0x20 [ 2655.204708] ? chksum_update+0x4c/0xb0 [ 2655.205524] __ext4_new_inode+0x39c8/0x5620 [ 2655.206447] ? ext4_mark_inode_used+0x14a0/0x14a0 [ 2655.207456] ? ext4_mkdir+0x6c3/0xb20 [ 2655.208238] ext4_mkdir+0x33a/0xb20 [ 2655.209000] ? ext4_init_new_dir+0x4d0/0x4d0 [ 2655.209894] ? inode_permission.part.0+0xb5/0x670 [ 2655.210869] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2655.211986] vfs_mkdir+0x1d0/0x3c0 [ 2655.212709] do_mkdirat+0x17b/0x2e0 [ 2655.213448] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2655.214577] ? do_file_open_root+0x590/0x590 [ 2655.215481] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2655.216589] ? getname_flags.part.0+0x1dd/0x4f0 [ 2655.217526] __x64_sys_mkdir+0xf2/0x140 [ 2655.218340] do_syscall_64+0x3b/0x90 [ 2655.219097] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2655.220149] RIP: 0033:0x7fc14228cc27 [ 2655.220897] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2655.224587] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2655.226127] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2655.227576] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2655.228984] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2655.230425] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2655.231851] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 19:30:36 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2655.233299] [ 2655.256264] loop6: detected capacity change from 0 to 512 19:30:36 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x1000000) [ 2655.276363] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 2655.347188] loop2: detected capacity change from 0 to 512 19:30:36 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:30:36 executing program 4: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0xfffffffe, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:30:36 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2655.437366] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:30:36 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2655.560355] loop4: detected capacity change from 0 to 512 [ 2655.563003] loop6: detected capacity change from 0 to 512 [ 2655.574050] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 2655.588652] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 19:30:36 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 50) 19:30:36 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0xe4ffffff00000000, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:30:36 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2655.658163] loop3: detected capacity change from 0 to 512 19:30:36 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x2000000) [ 2655.669975] FAULT_INJECTION: forcing a failure. [ 2655.669975] name failslab, interval 1, probability 0, space 0, times 0 [ 2655.672259] CPU: 1 PID: 13848 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2655.673912] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2655.676157] Call Trace: [ 2655.676670] [ 2655.677121] dump_stack_lvl+0x8b/0xb3 [ 2655.677901] should_fail.cold+0x5/0xa [ 2655.678668] ? create_object.isra.0+0x3a/0xa20 [ 2655.679595] should_failslab+0x5/0x10 [ 2655.680365] kmem_cache_alloc+0x5b/0x480 [ 2655.681205] create_object.isra.0+0x3a/0xa20 [ 2655.682113] ? kasan_unpoison+0x23/0x50 [ 2655.682919] __kmalloc_track_caller+0x25e/0x430 [ 2655.683859] ? sidtab_sid2str_get+0x17c/0x650 [ 2655.684774] kmemdup+0x23/0x50 [ 2655.685424] sidtab_sid2str_get+0x17c/0x650 [ 2655.686311] sidtab_entry_to_string+0x33/0x110 [ 2655.687234] security_sid_to_context_core+0x337/0x560 [ 2655.688291] selinux_inode_init_security+0x4c2/0x6b0 [ 2655.689329] ? selinux_dentry_init_security+0x2c0/0x2c0 [ 2655.690414] ? posix_acl_fix_xattr_userns+0x390/0x390 [ 2655.691466] ? lock_is_held_type+0xd7/0x130 [ 2655.692333] ? find_held_lock+0x2c/0x110 [ 2655.693164] security_inode_init_security+0x151/0x350 [ 2655.694215] ? ext4_init_acl+0x310/0x310 [ 2655.695033] ? inode_free_by_rcu+0x20/0x20 [ 2655.695904] ? chksum_update+0x4c/0xb0 [ 2655.696715] __ext4_new_inode+0x39c8/0x5620 [ 2655.697626] ? ext4_mark_inode_used+0x14a0/0x14a0 [ 2655.698641] ? ext4_mkdir+0x6c3/0xb20 [ 2655.699427] ext4_mkdir+0x33a/0xb20 [ 2655.700188] ? ext4_init_new_dir+0x4d0/0x4d0 [ 2655.701076] ? inode_permission.part.0+0xb5/0x670 [ 2655.702078] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2655.703208] vfs_mkdir+0x1d0/0x3c0 [ 2655.703932] do_mkdirat+0x17b/0x2e0 [ 2655.704674] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2655.705795] ? do_file_open_root+0x590/0x590 [ 2655.706690] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2655.707796] ? getname_flags.part.0+0x1dd/0x4f0 [ 2655.708747] __x64_sys_mkdir+0xf2/0x140 [ 2655.709571] do_syscall_64+0x3b/0x90 [ 2655.710342] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2655.711394] RIP: 0033:0x7fc14228cc27 [ 2655.712133] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2655.715815] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2655.717332] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2655.718756] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2655.720186] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2655.721610] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2655.723050] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2655.724509] [ 2655.726059] loop1: detected capacity change from 0 to 512 [ 2655.776112] loop2: detected capacity change from 0 to 512 [ 2655.782157] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2655.802279] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2655.805442] EXT4-fs (loop3): get root inode failed [ 2655.806537] EXT4-fs (loop3): mount failed [ 2655.831553] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2667.907596] loop5: detected capacity change from 0 to 512 19:30:49 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:30:49 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x9e, 0x0) 19:30:49 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:30:49 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xf, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:30:49 executing program 4: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0xfffffffe, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:30:49 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0xf6ffffff00000000, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:30:49 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x3000000) 19:30:49 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 51) [ 2667.914370] loop6: detected capacity change from 0 to 512 [ 2667.922550] loop3: detected capacity change from 0 to 512 [ 2667.925815] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 2667.928499] loop2: detected capacity change from 0 to 512 [ 2667.933694] FAULT_INJECTION: forcing a failure. [ 2667.933694] name failslab, interval 1, probability 0, space 0, times 0 [ 2667.935096] loop1: detected capacity change from 0 to 512 [ 2667.935986] CPU: 0 PID: 13870 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2667.938083] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2667.940300] Call Trace: [ 2667.940805] [ 2667.941245] dump_stack_lvl+0x8b/0xb3 [ 2667.942010] should_fail.cold+0x5/0xa [ 2667.942785] should_failslab+0x5/0x10 [ 2667.943539] __kmalloc_track_caller+0x79/0x430 [ 2667.944446] ? sidtab_sid2str_get+0x17c/0x650 [ 2667.945333] kmemdup+0x23/0x50 [ 2667.945974] sidtab_sid2str_get+0x17c/0x650 [ 2667.946868] sidtab_entry_to_string+0x33/0x110 [ 2667.947773] security_sid_to_context_core+0x337/0x560 [ 2667.948793] selinux_inode_init_security+0x4c2/0x6b0 [ 2667.949797] ? selinux_dentry_init_security+0x2c0/0x2c0 [ 2667.950855] ? posix_acl_fix_xattr_userns+0x390/0x390 [ 2667.951869] ? lock_is_held_type+0xd7/0x130 [ 2667.952730] ? find_held_lock+0x2c/0x110 [ 2667.953541] security_inode_init_security+0x151/0x350 [ 2667.954565] ? ext4_init_acl+0x310/0x310 [ 2667.955364] ? inode_free_by_rcu+0x20/0x20 [ 2667.956207] ? chksum_update+0x4c/0xb0 [ 2667.957002] __ext4_new_inode+0x39c8/0x5620 [ 2667.957886] ? ext4_mark_inode_used+0x14a0/0x14a0 [ 2667.958897] ? ext4_mkdir+0x6c3/0xb20 [ 2667.959659] ext4_mkdir+0x33a/0xb20 [ 2667.960404] ? ext4_init_new_dir+0x4d0/0x4d0 [ 2667.961262] ? inode_permission.part.0+0xb5/0x670 [ 2667.962229] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2667.963316] vfs_mkdir+0x1d0/0x3c0 [ 2667.964027] do_mkdirat+0x17b/0x2e0 [ 2667.964746] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2667.965837] ? do_file_open_root+0x590/0x590 [ 2667.966729] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2667.967813] ? getname_flags.part.0+0x1dd/0x4f0 [ 2667.968736] __x64_sys_mkdir+0xf2/0x140 [ 2667.969531] do_syscall_64+0x3b/0x90 [ 2667.970275] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2667.971294] RIP: 0033:0x7fc14228cc27 [ 2667.972022] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2667.975610] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2667.977090] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2667.978487] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2667.979890] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2667.981278] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2667.982675] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2667.984091] [ 2668.002180] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2668.006202] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2668.006817] loop4: detected capacity change from 0 to 512 19:30:49 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:30:49 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1b, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2668.048811] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2668.053514] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. 19:30:49 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 52) 19:30:49 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x4000000) 19:30:49 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2668.133880] loop3: detected capacity change from 0 to 512 [ 2668.139526] FAULT_INJECTION: forcing a failure. [ 2668.139526] name failslab, interval 1, probability 0, space 0, times 0 [ 2668.140715] CPU: 1 PID: 13896 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2668.141528] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2668.142630] Call Trace: [ 2668.142881] [ 2668.143100] dump_stack_lvl+0x8b/0xb3 [ 2668.143486] should_fail.cold+0x5/0xa [ 2668.143864] ? create_object.isra.0+0x3a/0xa20 [ 2668.144316] should_failslab+0x5/0x10 [ 2668.144695] kmem_cache_alloc+0x5b/0x480 [ 2668.145108] create_object.isra.0+0x3a/0xa20 [ 2668.145539] ? kasan_unpoison+0x23/0x50 [ 2668.145936] __kmalloc_track_caller+0x25e/0x430 [ 2668.146409] ? sidtab_sid2str_get+0x17c/0x650 [ 2668.146854] kmemdup+0x23/0x50 [ 2668.147175] sidtab_sid2str_get+0x17c/0x650 [ 2668.147604] sidtab_entry_to_string+0x33/0x110 [ 2668.148060] security_sid_to_context_core+0x337/0x560 [ 2668.148573] selinux_inode_init_security+0x4c2/0x6b0 [ 2668.149076] ? selinux_dentry_init_security+0x2c0/0x2c0 [ 2668.149598] ? posix_acl_fix_xattr_userns+0x390/0x390 [ 2668.150123] ? lock_is_held_type+0xd7/0x130 [ 2668.150567] ? find_held_lock+0x2c/0x110 [ 2668.150987] security_inode_init_security+0x151/0x350 [ 2668.151510] ? ext4_init_acl+0x310/0x310 [ 2668.151928] ? inode_free_by_rcu+0x20/0x20 [ 2668.152375] ? chksum_update+0x4c/0xb0 [ 2668.152781] __ext4_new_inode+0x39c8/0x5620 [ 2668.153247] ? ext4_mark_inode_used+0x14a0/0x14a0 [ 2668.153751] ? ext4_mkdir+0x6c3/0xb20 [ 2668.154165] ext4_mkdir+0x33a/0xb20 [ 2668.154545] ? ext4_init_new_dir+0x4d0/0x4d0 [ 2668.154988] ? inode_permission.part.0+0xb5/0x670 [ 2668.155473] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2668.156047] vfs_mkdir+0x1d0/0x3c0 [ 2668.156417] do_mkdirat+0x17b/0x2e0 [ 2668.156791] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2668.157345] ? do_file_open_root+0x590/0x590 [ 2668.157789] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2668.158350] ? getname_flags.part.0+0x1dd/0x4f0 [ 2668.158828] __x64_sys_mkdir+0xf2/0x140 [ 2668.159238] do_syscall_64+0x3b/0x90 [ 2668.159627] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2668.160155] RIP: 0033:0x7fc14228cc27 [ 2668.160521] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2668.162336] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2668.163078] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2668.163786] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2668.164506] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2668.165210] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2668.165929] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2668.166684] 19:30:49 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x27, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2668.180142] loop2: detected capacity change from 0 to 512 [ 2668.231137] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:30:49 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xf, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:30:49 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x18000000) [ 2668.364879] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2668.366909] loop2: detected capacity change from 0 to 512 [ 2668.368866] EXT4-fs (loop3): get root inode failed [ 2668.370021] EXT4-fs (loop3): mount failed [ 2668.396797] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2683.329868] loop6: detected capacity change from 0 to 512 19:31:04 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0xfbffffff00000000, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:31:04 executing program 4: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0xfffffffe, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:31:04 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:31:04 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x9f, 0x0) 19:31:04 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1b, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:31:04 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 53) 19:31:04 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0xed410000) 19:31:04 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xfe, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2683.347421] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 2683.356253] loop5: detected capacity change from 0 to 512 [ 2683.365510] loop3: detected capacity change from 0 to 512 [ 2683.366420] FAULT_INJECTION: forcing a failure. [ 2683.366420] name failslab, interval 1, probability 0, space 0, times 0 [ 2683.367888] CPU: 1 PID: 13929 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2683.368735] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2683.369915] Call Trace: [ 2683.370194] [ 2683.370449] dump_stack_lvl+0x8b/0xb3 [ 2683.370853] should_fail.cold+0x5/0xa [ 2683.371259] ? __es_insert_extent+0x3a9/0x12f0 [ 2683.371752] should_failslab+0x5/0x10 [ 2683.372153] kmem_cache_alloc+0x5b/0x480 [ 2683.372587] __es_insert_extent+0x3a9/0x12f0 [ 2683.373042] ? do_raw_write_lock+0x11a/0x280 [ 2683.373507] ? do_raw_read_unlock+0x70/0x70 [ 2683.373967] ext4_es_insert_extent+0x2dc/0xbf0 [ 2683.374453] ? ext4_es_scan_clu+0x2e0/0x2e0 [ 2683.374897] ? lock_downgrade+0x6d0/0x6d0 [ 2683.375333] ? lock_is_held_type+0xd7/0x130 [ 2683.375789] ? __ext4_handle_dirty_metadata+0x720/0x720 [ 2683.376332] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2683.376796] loop1: detected capacity change from 0 to 512 [ 2683.376935] ext4_ext_map_blocks+0x1a36/0x5cd0 [ 2683.378531] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2683.379073] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2683.379624] ? lock_is_held_type+0xd7/0x130 [ 2683.380080] ? ext4_ext_release+0x10/0x10 [ 2683.380515] ? lock_acquire+0x1b2/0x530 [ 2683.380930] ? lock_release+0x750/0x750 [ 2683.381352] ? lock_is_held_type+0xd7/0x130 [ 2683.381821] ? down_read+0x198/0x440 [ 2683.382213] ? rwsem_down_read_slowpath+0xac0/0xac0 [ 2683.382745] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2683.383331] ? ext4_es_lookup_extent+0xc4/0xc60 [ 2683.383365] loop2: detected capacity change from 0 to 512 [ 2683.383820] ext4_map_blocks+0x9c8/0x1970 [ 2683.385350] ? inode_free_by_rcu+0x20/0x20 [ 2683.385787] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 2683.386275] ? lock_is_held_type+0xd7/0x130 [ 2683.386746] ext4_getblk+0x144/0x6b0 [ 2683.387135] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 2683.387663] ext4_bread+0x2a/0x1c0 [ 2683.388052] ext4_append+0x155/0x380 [ 2683.388449] ext4_init_new_dir+0x25e/0x4d0 [ 2683.388887] ? ext4_init_dot_dotdot+0x590/0x590 [ 2683.389375] ? ext4_mkdir+0x6c3/0xb20 [ 2683.389780] ext4_mkdir+0x3cf/0xb20 [ 2683.390169] ? ext4_init_new_dir+0x4d0/0x4d0 [ 2683.390636] ? inode_permission.part.0+0xb5/0x670 [ 2683.391142] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2683.391717] vfs_mkdir+0x1d0/0x3c0 [ 2683.392094] do_mkdirat+0x17b/0x2e0 [ 2683.392475] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2683.393049] ? do_file_open_root+0x590/0x590 [ 2683.393507] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2683.394076] ? getname_flags.part.0+0x1dd/0x4f0 [ 2683.394580] __x64_sys_mkdir+0xf2/0x140 [ 2683.395001] do_syscall_64+0x3b/0x90 [ 2683.395391] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2683.395930] RIP: 0033:0x7fc14228cc27 [ 2683.396321] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2683.398234] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2683.399081] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2683.399816] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2683.400557] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2683.401281] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2683.402009] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2683.402789] 19:31:04 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x27, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2683.406993] loop4: detected capacity change from 0 to 512 19:31:04 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2683.447238] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2683.449286] loop6: detected capacity change from 0 to 512 [ 2683.449695] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 2683.453407] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 2683.458239] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. 19:31:04 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2683.485082] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. 19:31:04 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xfe, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:31:04 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x300, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2683.567879] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2683.571075] EXT4-fs (loop3): get root inode failed [ 2683.571616] EXT4-fs (loop3): mount failed [ 2683.579788] Please do not flush events WQ. [ 2683.580749] CPU: 0 PID: 295 Comm: syz-executor.2 Not tainted 5.18.0-rc2-next-20220414 #1 19:31:04 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0xf6ffffff) [ 2683.582380] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2683.584735] Call Trace: [ 2683.585245] [ 2683.585688] dump_stack_lvl+0x8b/0xb3 [ 2683.586482] flush_workqueue.cold+0x1d/0x22 [ 2683.587353] ? fsnotify_grab_connector+0x11a/0x230 [ 2683.588332] ? check_flush_dependency+0x400/0x400 [ 2683.589321] ? __fsnotify_vfsmount_delete+0x20/0x20 [ 2683.590332] ext4_put_super+0x9d/0x1050 [ 2683.591119] ? sync_filesystem.part.0+0x186/0x1e0 [ 2683.592087] ? ext4_quota_write+0x5d0/0x5d0 [ 2683.592948] generic_shutdown_super+0x14f/0x410 [ 2683.593868] kill_block_super+0x9d/0xf0 [ 2683.594669] deactivate_locked_super+0x99/0x160 [ 2683.595588] deactivate_super+0xad/0xd0 [ 2683.596378] cleanup_mnt+0x39a/0x510 [ 2683.597120] task_work_run+0xe2/0x1a0 [ 2683.597927] exit_to_user_mode_prepare+0x199/0x1a0 [ 2683.598931] syscall_exit_to_user_mode+0x19/0x40 [ 2683.599864] do_syscall_64+0x48/0x90 [ 2683.600610] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2683.601642] RIP: 0033:0x7f7daf953f87 [ 2683.602388] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2683.605987] RSP: 002b:00007ffc785f8328 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 2683.607512] RAX: 0000000000000000 RBX: 0000000000000353 RCX: 00007f7daf953f87 [ 2683.608919] RDX: 00007ffc785f83fb RSI: 000000000000000a RDI: 00007ffc785f83f0 [ 2683.610340] RBP: 00007ffc785f83f0 R08: 00000000ffffffff R09: 00007ffc785f81c0 [ 2683.611740] R10: 0000555555fb0c7b R11: 0000000000000246 R12: 00007f7daf9ac105 [ 2683.613146] R13: 00007ffc785f94b0 R14: 0000555555fb0c20 R15: 00007ffc785f94f0 [ 2683.614585] 19:31:04 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100), 0x0, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2683.660829] loop6: detected capacity change from 0 to 512 [ 2683.672017] loop2: detected capacity change from 0 to 512 19:31:04 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x300, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2683.680046] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 2683.736575] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:31:18 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xfffe, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:31:18 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 54) 19:31:18 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xfffe, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:31:18 executing program 4: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x9e, 0x0) 19:31:18 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100), 0x0, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:31:18 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0xfeffffff00000000, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:31:18 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xa0, 0x0) 19:31:18 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0xff000000) [ 2697.475546] loop5: detected capacity change from 0 to 512 [ 2697.510223] loop6: detected capacity change from 0 to 512 [ 2697.515588] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 2697.518520] loop4: detected capacity change from 0 to 512 [ 2697.531697] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2697.538224] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 2697.554348] loop2: detected capacity change from 0 to 512 [ 2697.561090] loop1: detected capacity change from 0 to 512 [ 2697.568801] loop3: detected capacity change from 0 to 512 [ 2697.570490] FAULT_INJECTION: forcing a failure. [ 2697.570490] name failslab, interval 1, probability 0, space 0, times 0 [ 2697.572765] CPU: 1 PID: 13986 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2697.574440] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2697.576719] Call Trace: [ 2697.577239] [ 2697.577704] dump_stack_lvl+0x8b/0xb3 [ 2697.578507] should_fail.cold+0x5/0xa [ 2697.579294] ? __es_tree_search.isra.0+0x1af/0x210 [ 2697.580366] ? create_object.isra.0+0x3a/0xa20 [ 2697.581386] should_failslab+0x5/0x10 [ 2697.582233] kmem_cache_alloc+0x5b/0x480 [ 2697.583147] create_object.isra.0+0x3a/0xa20 [ 2697.584115] ? kasan_unpoison+0x23/0x50 [ 2697.585000] kmem_cache_alloc+0x239/0x480 [ 2697.585942] __es_insert_extent+0x3a9/0x12f0 [ 2697.586935] ? do_raw_write_lock+0x11a/0x280 [ 2697.587917] ? do_raw_read_unlock+0x70/0x70 [ 2697.588885] ext4_es_insert_extent+0x2dc/0xbf0 [ 2697.589910] ? ext4_es_scan_clu+0x2e0/0x2e0 [ 2697.590879] ? lock_downgrade+0x6d0/0x6d0 [ 2697.591830] ? lock_is_held_type+0xd7/0x130 [ 2697.592818] ? __ext4_handle_dirty_metadata+0x720/0x720 [ 2697.594018] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2697.595306] ext4_ext_map_blocks+0x1a36/0x5cd0 [ 2697.596350] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2697.597540] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2697.598740] ? lock_is_held_type+0xd7/0x130 [ 2697.599737] ? ext4_ext_release+0x10/0x10 [ 2697.600673] ? lock_acquire+0x1b2/0x530 [ 2697.601588] ? lock_release+0x750/0x750 [ 2697.602521] ? lock_is_held_type+0xd7/0x130 [ 2697.603527] ? down_read+0x198/0x440 [ 2697.604377] ? rwsem_down_read_slowpath+0xac0/0xac0 [ 2697.605508] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2697.606770] ? ext4_es_lookup_extent+0xc4/0xc60 [ 2697.607833] ext4_map_blocks+0x9c8/0x1970 [ 2697.608791] ? inode_free_by_rcu+0x20/0x20 [ 2697.609765] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 2697.610813] ? lock_is_held_type+0xd7/0x130 [ 2697.611810] ext4_getblk+0x144/0x6b0 [ 2697.612666] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 2697.613836] ext4_bread+0x2a/0x1c0 [ 2697.614664] ext4_append+0x155/0x380 [ 2697.615508] ext4_init_new_dir+0x25e/0x4d0 [ 2697.616483] ? ext4_init_dot_dotdot+0x590/0x590 [ 2697.617583] ? ext4_mkdir+0x6c3/0xb20 [ 2697.618477] ext4_mkdir+0x3cf/0xb20 [ 2697.619318] ? ext4_init_new_dir+0x4d0/0x4d0 [ 2697.620318] ? inode_permission.part.0+0xb5/0x670 [ 2697.621396] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2697.622641] vfs_mkdir+0x1d0/0x3c0 [ 2697.623449] do_mkdirat+0x17b/0x2e0 [ 2697.624288] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2697.625526] ? do_file_open_root+0x590/0x590 [ 2697.626526] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2697.627749] ? getname_flags.part.0+0x1dd/0x4f0 [ 2697.628809] __x64_sys_mkdir+0xf2/0x140 [ 2697.629708] do_syscall_64+0x3b/0x90 [ 2697.630568] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2697.631718] RIP: 0033:0x7fc14228cc27 [ 2697.632555] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2697.636810] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2697.638500] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2697.640047] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2697.641619] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2697.643184] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2697.644765] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2697.646359] [ 2697.690598] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2697.693042] EXT4-fs (loop3): get root inode failed [ 2697.693630] EXT4-fs (loop3): mount failed 19:31:18 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xa1, 0x0) 19:31:18 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100), 0x0, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2697.755970] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2697.774988] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:31:19 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0xff0f000000000000, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) [ 2697.787202] loop6: detected capacity change from 0 to 512 [ 2697.791902] loop5: detected capacity change from 0 to 512 [ 2697.799629] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 2697.815174] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. 19:31:19 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0xf6ffffff) 19:31:19 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000da", 0x2d, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2697.848309] loop1: detected capacity change from 0 to 512 [ 2697.874917] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. 19:31:19 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xa2, 0x0) 19:31:19 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0xfffff000) [ 2698.003644] loop4: detected capacity change from 0 to 512 [ 2698.048058] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. 19:31:19 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 55) [ 2698.068903] loop5: detected capacity change from 0 to 512 [ 2698.089133] loop2: detected capacity change from 0 to 512 [ 2698.105731] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2698.144275] loop3: detected capacity change from 0 to 512 [ 2698.159249] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2698.194862] FAULT_INJECTION: forcing a failure. [ 2698.194862] name failslab, interval 1, probability 0, space 0, times 0 [ 2698.197664] CPU: 1 PID: 14018 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2698.199366] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2698.201658] Call Trace: [ 2698.202172] [ 2698.202657] dump_stack_lvl+0x8b/0xb3 [ 2698.203450] should_fail.cold+0x5/0xa [ 2698.204231] ? ext4_find_extent+0xa39/0xd20 [ 2698.205111] should_failslab+0x5/0x10 [ 2698.205891] __kmalloc+0x72/0x440 [ 2698.206649] ext4_find_extent+0xa39/0xd20 [ 2698.207516] ext4_ext_map_blocks+0x1c8/0x5cd0 [ 2698.208451] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2698.209520] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2698.210621] ? lock_is_held_type+0xd7/0x130 [ 2698.211525] ? ext4_ext_release+0x10/0x10 [ 2698.212378] ? lock_acquire+0x1b2/0x530 [ 2698.213180] ? lock_release+0x750/0x750 [ 2698.214009] ? lock_is_held_type+0xd7/0x130 [ 2698.214935] ? down_write+0xde/0x150 [ 2698.215695] ? down_write_killable+0x170/0x170 [ 2698.216647] ext4_map_blocks+0x652/0x1970 [ 2698.217508] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 2698.218454] ? lock_is_held_type+0xd7/0x130 [ 2698.219371] ext4_getblk+0x144/0x6b0 [ 2698.220124] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 2698.221161] ext4_bread+0x2a/0x1c0 [ 2698.221906] ext4_append+0x155/0x380 [ 2698.222699] ext4_init_new_dir+0x25e/0x4d0 [ 2698.223565] ? ext4_init_dot_dotdot+0x590/0x590 [ 2698.224514] ? ext4_mkdir+0x6c3/0xb20 [ 2698.225313] ext4_mkdir+0x3cf/0xb20 [ 2698.226060] ? ext4_init_new_dir+0x4d0/0x4d0 [ 2698.226978] ? inode_permission.part.0+0xb5/0x670 [ 2698.227960] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2698.229088] vfs_mkdir+0x1d0/0x3c0 [ 2698.229827] do_mkdirat+0x17b/0x2e0 [ 2698.230608] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2698.231722] ? do_file_open_root+0x590/0x590 [ 2698.232621] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2698.233732] ? getname_flags.part.0+0x1dd/0x4f0 [ 2698.234702] __x64_sys_mkdir+0xf2/0x140 [ 2698.235517] do_syscall_64+0x3b/0x90 [ 2698.236277] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2698.237318] RIP: 0033:0x7fc14228cc27 [ 2698.238050] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2698.241729] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2698.243273] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2698.244705] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2698.246124] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2698.247572] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2698.248990] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2698.250599] 19:31:34 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000da", 0x2d, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:31:34 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x66287, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2713.407146] loop6: detected capacity change from 0 to 512 [ 2713.412445] loop1: detected capacity change from 0 to 512 [ 2713.419013] loop4: detected capacity change from 0 to 512 [ 2713.425001] loop5: detected capacity change from 0 to 512 19:31:34 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0xffffc90000000000, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:31:34 executing program 4: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x8cffffff00000000, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:31:34 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0xfffffff6) 19:31:34 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 56) 19:31:34 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xa3, 0x0) 19:31:34 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x66287, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2713.445810] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2713.447530] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 2713.458282] loop3: detected capacity change from 0 to 512 [ 2713.458854] loop2: detected capacity change from 0 to 512 [ 2713.463504] FAULT_INJECTION: forcing a failure. [ 2713.463504] name failslab, interval 1, probability 0, space 0, times 0 [ 2713.465955] CPU: 0 PID: 14045 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2713.467646] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2713.470067] Call Trace: [ 2713.470666] [ 2713.471261] dump_stack_lvl+0x8b/0xb3 [ 2713.472206] should_fail.cold+0x5/0xa [ 2713.473126] ? __es_tree_search.isra.0+0x1af/0x210 [ 2713.474315] ? create_object.isra.0+0x3a/0xa20 [ 2713.475344] should_failslab+0x5/0x10 [ 2713.476102] kmem_cache_alloc+0x5b/0x480 [ 2713.476929] create_object.isra.0+0x3a/0xa20 [ 2713.477797] ? kasan_unpoison+0x23/0x50 [ 2713.478592] kmem_cache_alloc+0x239/0x480 [ 2713.479442] __es_insert_extent+0x3a9/0x12f0 [ 2713.480309] ? do_raw_write_lock+0x11a/0x280 [ 2713.481186] ? do_raw_read_unlock+0x70/0x70 [ 2713.482077] ext4_es_insert_extent+0x2dc/0xbf0 [ 2713.482996] ? ext4_es_scan_clu+0x2e0/0x2e0 [ 2713.483847] ? lock_downgrade+0x6d0/0x6d0 [ 2713.484680] ? lock_is_held_type+0xd7/0x130 [ 2713.485546] ? __ext4_handle_dirty_metadata+0x720/0x720 [ 2713.486592] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2713.487714] ext4_ext_map_blocks+0x1a36/0x5cd0 [ 2713.488631] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2713.489670] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2713.490713] ? lock_is_held_type+0xd7/0x130 [ 2713.491586] ? ext4_ext_release+0x10/0x10 [ 2713.492407] ? lock_acquire+0x1b2/0x530 [ 2713.493196] ? lock_release+0x750/0x750 [ 2713.493994] ? lock_is_held_type+0xd7/0x130 [ 2713.494895] ? down_read+0x198/0x440 [ 2713.495636] ? rwsem_down_read_slowpath+0xac0/0xac0 [ 2713.496618] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2713.497706] ? ext4_es_lookup_extent+0xc4/0xc60 [ 2713.498675] ext4_map_blocks+0x9c8/0x1970 [ 2713.499522] ? inode_free_by_rcu+0x20/0x20 [ 2713.500399] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 2713.501301] ? lock_is_held_type+0xd7/0x130 [ 2713.502219] ext4_getblk+0x144/0x6b0 [ 2713.502985] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 2713.504045] ext4_bread+0x2a/0x1c0 [ 2713.504764] ext4_append+0x155/0x380 [ 2713.505524] ext4_init_new_dir+0x25e/0x4d0 [ 2713.506368] ? ext4_init_dot_dotdot+0x590/0x590 [ 2713.507308] ? ext4_mkdir+0x6c3/0xb20 [ 2713.508078] ext4_mkdir+0x3cf/0xb20 [ 2713.508816] ? ext4_init_new_dir+0x4d0/0x4d0 [ 2713.509685] ? inode_permission.part.0+0xb5/0x670 [ 2713.510644] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2713.511769] vfs_mkdir+0x1d0/0x3c0 [ 2713.512483] do_mkdirat+0x17b/0x2e0 [ 2713.513209] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2713.514299] ? do_file_open_root+0x590/0x590 [ 2713.515183] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2713.516267] ? getname_flags.part.0+0x1dd/0x4f0 [ 2713.517194] __x64_sys_mkdir+0xf2/0x140 [ 2713.517988] do_syscall_64+0x3b/0x90 [ 2713.518740] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2713.519767] RIP: 0033:0x7fc14228cc27 [ 2713.520494] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2713.524124] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2713.525657] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2713.527092] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2713.528528] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2713.529946] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2713.531393] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2713.532811] [ 2713.536344] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 2713.542220] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. 19:31:34 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0xffffffff00000000, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) [ 2713.616902] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2713.638897] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2713.646493] EXT4-fs (loop3): get root inode failed [ 2713.647631] EXT4-fs (loop3): mount failed [ 2713.724613] loop1: detected capacity change from 0 to 512 [ 2713.759162] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. 19:31:51 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x80000, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:31:51 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000da", 0x2d, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:31:51 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xfffffffe, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:31:51 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 57) 19:31:51 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000", 0x1a, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:31:51 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x1000000000000) 19:31:51 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xa4, 0x0) 19:31:51 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x2) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) [ 2730.016712] loop3: detected capacity change from 0 to 512 [ 2730.020995] loop1: detected capacity change from 0 to 512 [ 2730.026961] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2730.044819] FAULT_INJECTION: forcing a failure. [ 2730.044819] name failslab, interval 1, probability 0, space 0, times 0 [ 2730.047561] CPU: 0 PID: 14069 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2730.049309] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2730.051717] Call Trace: [ 2730.052259] [ 2730.052739] dump_stack_lvl+0x8b/0xb3 [ 2730.053567] should_fail.cold+0x5/0xa [ 2730.054389] ? __es_insert_extent+0x3a9/0x12f0 [ 2730.055391] should_failslab+0x5/0x10 [ 2730.056223] kmem_cache_alloc+0x5b/0x480 [ 2730.057122] __es_insert_extent+0x3a9/0x12f0 [ 2730.058068] ? do_raw_write_lock+0x11a/0x280 [ 2730.059040] ? do_raw_read_unlock+0x70/0x70 [ 2730.059998] ext4_es_insert_extent+0x2dc/0xbf0 [ 2730.060999] ? ext4_es_scan_clu+0x2e0/0x2e0 [ 2730.061933] ? lock_downgrade+0x6d0/0x6d0 [ 2730.062847] ? lock_is_held_type+0xd7/0x130 [ 2730.063793] ? __ext4_handle_dirty_metadata+0x720/0x720 [ 2730.064937] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2730.066109] ext4_ext_map_blocks+0x1a36/0x5cd0 [ 2730.067138] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2730.068251] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2730.069387] ? lock_is_held_type+0xd7/0x130 [ 2730.070310] ? ext4_ext_release+0x10/0x10 [ 2730.071210] ? lock_acquire+0x1b2/0x530 [ 2730.072063] ? lock_release+0x750/0x750 [ 2730.072934] ? lock_is_held_type+0xd7/0x130 [ 2730.073880] ? down_read+0x198/0x440 [ 2730.074689] ? rwsem_down_read_slowpath+0xac0/0xac0 [ 2730.075771] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2730.076969] ? ext4_es_lookup_extent+0xc4/0xc60 [ 2730.077979] ext4_map_blocks+0x9c8/0x1970 [ 2730.078888] ? inode_free_by_rcu+0x20/0x20 [ 2730.079818] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 2730.080790] ? lock_is_held_type+0xd7/0x130 [ 2730.081749] ext4_getblk+0x144/0x6b0 [ 2730.082546] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 2730.083674] ext4_bread+0x2a/0x1c0 [ 2730.084436] ext4_append+0x155/0x380 [ 2730.085257] ext4_init_new_dir+0x25e/0x4d0 [ 2730.086151] ? ext4_init_dot_dotdot+0x590/0x590 [ 2730.087187] ? ext4_mkdir+0x6c3/0xb20 [ 2730.088013] ext4_mkdir+0x3cf/0xb20 [ 2730.088816] ? ext4_init_new_dir+0x4d0/0x4d0 [ 2730.089737] ? inode_permission.part.0+0xb5/0x670 [ 2730.090784] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2730.091960] vfs_mkdir+0x1d0/0x3c0 [ 2730.092741] do_mkdirat+0x17b/0x2e0 [ 2730.093512] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2730.094711] ? do_file_open_root+0x590/0x590 [ 2730.095666] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2730.096858] ? getname_flags.part.0+0x1dd/0x4f0 [ 2730.097878] __x64_sys_mkdir+0xf2/0x140 [ 2730.098750] do_syscall_64+0x3b/0x90 [ 2730.099576] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2730.100702] RIP: 0033:0x7fc14228cc27 [ 2730.101497] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2730.105442] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2730.107084] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2730.108616] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2730.110159] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2730.111707] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2730.113238] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2730.114797] [ 2730.145573] loop5: detected capacity change from 0 to 512 [ 2730.150967] loop4: detected capacity change from 0 to 512 [ 2730.156642] loop2: detected capacity change from 0 to 512 [ 2730.158525] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2730.159126] loop6: detected capacity change from 0 to 512 [ 2730.161218] EXT4-fs (loop3): get root inode failed [ 2730.161977] EXT4-fs (loop3): mount failed [ 2730.166408] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 2730.167764] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2730.175828] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 2730.181045] EXT4-fs error (device loop4): __ext4_fill_super:5311: inode #2: comm syz-executor.4: iget: root inode unallocated [ 2730.182713] EXT4-fs (loop4): get root inode failed [ 2730.183254] EXT4-fs (loop4): mount failed [ 2730.203582] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:32:03 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xfffffffe, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:32:03 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xfffffffffffffffe, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:32:03 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x4) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:32:03 executing program 4: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x89, 0x0) 19:32:03 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f", 0x44, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:32:03 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x8000000000000) 19:32:03 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 58) 19:32:03 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xa5, 0x0) [ 2742.595843] loop1: detected capacity change from 0 to 512 [ 2742.596798] loop3: detected capacity change from 0 to 512 [ 2742.599413] FAULT_INJECTION: forcing a failure. [ 2742.599413] name failslab, interval 1, probability 0, space 0, times 0 [ 2742.600541] CPU: 1 PID: 14110 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2742.601349] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2742.602449] Call Trace: [ 2742.602702] [ 2742.602921] dump_stack_lvl+0x8b/0xb3 [ 2742.603321] should_fail.cold+0x5/0xa [ 2742.603699] ? create_object.isra.0+0x3a/0xa20 [ 2742.604155] should_failslab+0x5/0x10 [ 2742.604537] kmem_cache_alloc+0x5b/0x480 [ 2742.604948] create_object.isra.0+0x3a/0xa20 [ 2742.605381] ? kasan_unpoison+0x23/0x50 [ 2742.605778] kmem_cache_alloc+0x239/0x480 [ 2742.606220] ext4_mb_new_blocks+0x64b/0x4b60 [ 2742.606694] ? lock_is_held_type+0xd7/0x130 [ 2742.607169] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2742.607683] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2742.608270] ? ext4_cache_extents+0x68/0x2d0 [ 2742.608737] ? ext4_discard_preallocations+0xe60/0xe60 [ 2742.609293] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 2742.609875] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2742.610455] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 2742.611036] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2742.611634] ? ext4_inode_to_goal_block+0x320/0x430 [ 2742.612168] ext4_ext_map_blocks+0x1fb0/0x5cd0 [ 2742.612166] loop4: detected capacity change from 0 to 512 [ 2742.612654] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2742.614484] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2742.614999] ? lock_is_held_type+0xd7/0x130 [ 2742.615492] ? ext4_ext_release+0x10/0x10 [ 2742.615934] ? lock_release+0x750/0x750 [ 2742.616366] ? lock_is_held_type+0xd7/0x130 [ 2742.616840] ? down_write_killable+0x170/0x170 [ 2742.617331] ext4_map_blocks+0x652/0x1970 [ 2742.617793] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 2742.618289] ? lock_is_held_type+0xd7/0x130 [ 2742.618758] ext4_getblk+0x144/0x6b0 [ 2742.619169] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 2742.619711] ext4_bread+0x2a/0x1c0 [ 2742.620104] ext4_append+0x155/0x380 [ 2742.620507] ext4_init_new_dir+0x25e/0x4d0 [ 2742.620957] ? ext4_init_dot_dotdot+0x590/0x590 [ 2742.621448] ? ext4_mkdir+0x6c3/0xb20 [ 2742.621859] ext4_mkdir+0x3cf/0xb20 [ 2742.622247] ? ext4_init_new_dir+0x4d0/0x4d0 [ 2742.622709] ? inode_permission.part.0+0xb5/0x670 [ 2742.623237] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2742.623827] vfs_mkdir+0x1d0/0x3c0 [ 2742.624205] do_mkdirat+0x17b/0x2e0 [ 2742.624593] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2742.625177] ? do_file_open_root+0x590/0x590 [ 2742.625645] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2742.626220] ? getname_flags.part.0+0x1dd/0x4f0 [ 2742.626714] __x64_sys_mkdir+0xf2/0x140 [ 2742.627144] do_syscall_64+0x3b/0x90 [ 2742.627536] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2742.628080] RIP: 0033:0x7fc14228cc27 [ 2742.628446] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2742.630399] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2742.631211] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2742.631494] loop5: detected capacity change from 0 to 512 [ 2742.631955] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2742.633782] loop2: detected capacity change from 0 to 512 [ 2742.633904] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2742.635827] loop6: detected capacity change from 0 to 512 [ 2742.635852] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2742.637775] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2742.638478] [ 2742.653125] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2742.676667] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2742.677955] EXT4-fs error (device loop6): __ext4_fill_super:5311: inode #2: comm syz-executor.6: iget: root inode unallocated [ 2742.682655] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 2742.687371] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2742.691700] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2742.696739] EXT4-fs (loop6): get root inode failed [ 2742.697916] EXT4-fs (loop6): mount failed [ 2742.753601] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2742.756661] EXT4-fs (loop3): get root inode failed [ 2742.757780] EXT4-fs (loop3): mount failed 19:32:04 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x8) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) [ 2742.815247] loop1: detected capacity change from 0 to 512 [ 2742.826415] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2742.912423] loop6: detected capacity change from 0 to 512 [ 2742.914720] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem 19:32:04 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f", 0x44, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2742.945881] EXT4-fs error (device loop6): __ext4_fill_super:5311: inode #2: comm syz-executor.6: iget: root inode unallocated [ 2742.947727] EXT4-fs (loop6): get root inode failed [ 2742.948232] EXT4-fs (loop6): mount failed 19:32:04 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 59) 19:32:04 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x40000000000000) [ 2742.992964] loop6: detected capacity change from 0 to 512 [ 2742.995200] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem 19:32:04 executing program 4: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x4) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:32:04 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f", 0x44, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2743.002005] EXT4-fs error (device loop6): __ext4_fill_super:5311: inode #2: comm syz-executor.6: iget: root inode unallocated [ 2743.003706] EXT4-fs (loop6): get root inode failed [ 2743.004191] EXT4-fs (loop6): mount failed [ 2743.012129] loop3: detected capacity change from 0 to 512 [ 2743.014066] FAULT_INJECTION: forcing a failure. [ 2743.014066] name failslab, interval 1, probability 0, space 0, times 0 [ 2743.015240] CPU: 1 PID: 14143 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2743.016049] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2743.017143] Call Trace: [ 2743.017395] [ 2743.017616] dump_stack_lvl+0x8b/0xb3 [ 2743.018008] should_fail.cold+0x5/0xa [ 2743.018390] ? ext4_mb_new_blocks+0x222c/0x4b60 [ 2743.018852] should_failslab+0x5/0x10 [ 2743.019246] kmem_cache_alloc+0x5b/0x480 [ 2743.019657] ext4_mb_new_blocks+0x222c/0x4b60 [ 2743.020106] ? lock_is_held_type+0xd7/0x130 [ 2743.020540] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2743.021014] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2743.021550] ? ext4_cache_extents+0x68/0x2d0 [ 2743.021985] ? ext4_discard_preallocations+0xe60/0xe60 [ 2743.022499] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 2743.023038] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2743.023583] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 2743.024122] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2743.024666] ? ext4_inode_to_goal_block+0x320/0x430 [ 2743.025168] ext4_ext_map_blocks+0x1fb0/0x5cd0 [ 2743.025627] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2743.026142] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2743.026656] ? lock_is_held_type+0xd7/0x130 [ 2743.027097] ? ext4_ext_release+0x10/0x10 [ 2743.027530] ? lock_release+0x750/0x750 [ 2743.027931] ? lock_is_held_type+0xd7/0x130 [ 2743.028377] ? down_write_killable+0x170/0x170 [ 2743.028837] ext4_map_blocks+0x652/0x1970 [ 2743.029257] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 2743.029715] ? lock_is_held_type+0xd7/0x130 [ 2743.030152] ext4_getblk+0x144/0x6b0 [ 2743.030528] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 2743.031034] ext4_bread+0x2a/0x1c0 [ 2743.031401] ext4_append+0x155/0x380 [ 2743.031782] ext4_init_new_dir+0x25e/0x4d0 [ 2743.032204] ? ext4_init_dot_dotdot+0x590/0x590 [ 2743.032665] ? ext4_mkdir+0x6c3/0xb20 [ 2743.033046] ext4_mkdir+0x3cf/0xb20 [ 2743.033422] ? ext4_init_new_dir+0x4d0/0x4d0 [ 2743.033860] ? inode_permission.part.0+0xb5/0x670 [ 2743.034347] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2743.034897] vfs_mkdir+0x1d0/0x3c0 [ 2743.035259] do_mkdirat+0x17b/0x2e0 [ 2743.035625] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2743.036168] ? do_file_open_root+0x590/0x590 [ 2743.036605] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2743.037154] ? getname_flags.part.0+0x1dd/0x4f0 [ 2743.037618] __x64_sys_mkdir+0xf2/0x140 [ 2743.038015] do_syscall_64+0x3b/0x90 [ 2743.038388] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2743.038897] RIP: 0033:0x7fc14228cc27 [ 2743.039270] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2743.041053] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2743.041789] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2743.042482] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2743.043185] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2743.043873] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2743.044564] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2743.045269] [ 2743.046024] loop4: detected capacity change from 0 to 512 [ 2743.059654] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 2743.077020] loop2: detected capacity change from 0 to 512 19:32:04 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f0000000000000000010000", 0x4f, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2743.091732] loop6: detected capacity change from 0 to 512 [ 2743.093374] EXT4-fs (loop6): invalid first ino: 0 19:32:04 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f0000000000000000010000", 0x4f, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2743.173848] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2743.179526] loop6: detected capacity change from 0 to 512 [ 2743.181217] EXT4-fs (loop6): invalid first ino: 0 [ 2756.432772] loop6: detected capacity change from 0 to 512 [ 2756.434701] loop4: detected capacity change from 0 to 512 [ 2756.439210] loop3: detected capacity change from 0 to 512 19:32:17 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 60) 19:32:17 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f0000000000000000010000", 0x4f, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:32:17 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0xf0ffffffffffff) 19:32:17 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xa6, 0x0) 19:32:17 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xfffffffffffffffe, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:32:17 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:32:17 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f", 0x44, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:32:17 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x2000) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) [ 2756.441226] loop2: detected capacity change from 0 to 512 [ 2756.441722] loop1: detected capacity change from 0 to 512 [ 2756.443127] FAULT_INJECTION: forcing a failure. [ 2756.443127] name failslab, interval 1, probability 0, space 0, times 0 [ 2756.444431] CPU: 0 PID: 14177 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2756.445310] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2756.446511] Call Trace: [ 2756.446785] [ 2756.447021] dump_stack_lvl+0x8b/0xb3 [ 2756.447448] should_fail.cold+0x5/0xa [ 2756.447856] ? create_object.isra.0+0x3a/0xa20 [ 2756.448360] should_failslab+0x5/0x10 [ 2756.448781] kmem_cache_alloc+0x5b/0x480 [ 2756.449253] create_object.isra.0+0x3a/0xa20 [ 2756.449729] ? kasan_unpoison+0x23/0x50 [ 2756.450156] kmem_cache_alloc+0x239/0x480 [ 2756.450604] ext4_mb_new_blocks+0x222c/0x4b60 [ 2756.451104] ? lock_is_held_type+0xd7/0x130 [ 2756.451578] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2756.452097] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2756.452688] ? ext4_cache_extents+0x68/0x2d0 [ 2756.453160] ? ext4_discard_preallocations+0xe60/0xe60 [ 2756.453713] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 2756.454323] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2756.454909] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 2756.455508] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2756.456107] ? ext4_inode_to_goal_block+0x320/0x430 [ 2756.456661] ext4_ext_map_blocks+0x1fb0/0x5cd0 [ 2756.457167] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2756.457742] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2756.458308] ? lock_is_held_type+0xd7/0x130 [ 2756.458785] ? ext4_ext_release+0x10/0x10 [ 2756.459241] ? lock_release+0x750/0x750 [ 2756.459692] ? lock_is_held_type+0xd7/0x130 [ 2756.460178] ? down_write_killable+0x170/0x170 [ 2756.460673] ext4_map_blocks+0x652/0x1970 [ 2756.461140] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 2756.461636] ? lock_is_held_type+0xd7/0x130 [ 2756.462115] ext4_getblk+0x144/0x6b0 [ 2756.462525] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 2756.463083] ext4_bread+0x2a/0x1c0 [ 2756.463484] ext4_append+0x155/0x380 [ 2756.463894] ext4_init_new_dir+0x25e/0x4d0 [ 2756.464358] ? ext4_init_dot_dotdot+0x590/0x590 [ 2756.464863] ? ext4_mkdir+0x6c3/0xb20 [ 2756.465284] ext4_mkdir+0x3cf/0xb20 [ 2756.465687] ? ext4_init_new_dir+0x4d0/0x4d0 [ 2756.466162] ? inode_permission.part.0+0xb5/0x670 [ 2756.466685] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2756.467285] vfs_mkdir+0x1d0/0x3c0 [ 2756.467694] do_mkdirat+0x17b/0x2e0 [ 2756.468090] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2756.468690] ? do_file_open_root+0x590/0x590 [ 2756.469172] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2756.469775] ? getname_flags.part.0+0x1dd/0x4f0 [ 2756.470285] __x64_sys_mkdir+0xf2/0x140 [ 2756.470720] do_syscall_64+0x3b/0x90 [ 2756.471127] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2756.471705] RIP: 0033:0x7fc14228cc27 [ 2756.472104] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2756.474071] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2756.474885] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2756.475667] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2756.476479] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2756.477281] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2756.478091] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2756.478915] [ 2756.480518] EXT4-fs (loop6): invalid first ino: 0 [ 2756.485042] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 2756.489133] loop5: detected capacity change from 0 to 512 [ 2756.506555] EXT4-fs error (device loop4): __ext4_fill_super:5311: inode #2: comm syz-executor.4: iget: root inode unallocated [ 2756.507742] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2756.511348] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2756.512348] EXT4-fs (loop4): get root inode failed [ 2756.512871] EXT4-fs (loop4): mount failed 19:32:17 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b", 0x55, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2756.558499] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2756.564940] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2756.575650] EXT4-fs (loop3): get root inode failed [ 2756.576796] EXT4-fs (loop3): mount failed [ 2756.591677] loop6: detected capacity change from 0 to 512 19:32:17 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x100000000000000) [ 2756.613210] EXT4-fs (loop6): unsupported inode size: 0 [ 2756.613831] EXT4-fs (loop6): blocksize: 2048 19:32:17 executing program 4: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x8cffffff, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) [ 2756.652828] loop4: detected capacity change from 0 to 512 19:32:17 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x3f00) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) [ 2756.667863] loop2: detected capacity change from 0 to 512 [ 2756.710358] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 2756.712948] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:32:17 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b", 0x55, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:32:17 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 61) [ 2756.762067] loop1: detected capacity change from 0 to 512 [ 2756.787901] loop6: detected capacity change from 0 to 512 [ 2756.803553] EXT4-fs (loop6): unsupported inode size: 0 [ 2756.804461] EXT4-fs (loop6): blocksize: 2048 [ 2756.813107] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2756.839858] loop3: detected capacity change from 0 to 512 [ 2756.849637] FAULT_INJECTION: forcing a failure. [ 2756.849637] name failslab, interval 1, probability 0, space 0, times 0 [ 2756.850881] CPU: 0 PID: 14207 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2756.851815] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2756.853008] Call Trace: [ 2756.853279] [ 2756.853518] dump_stack_lvl+0x8b/0xb3 [ 2756.853943] should_fail.cold+0x5/0xa [ 2756.854365] ? create_object.isra.0+0x3a/0xa20 [ 2756.854868] should_failslab+0x5/0x10 [ 2756.855285] kmem_cache_alloc+0x5b/0x480 [ 2756.855759] create_object.isra.0+0x3a/0xa20 [ 2756.856242] ? kasan_unpoison+0x23/0x50 [ 2756.856674] kmem_cache_alloc+0x239/0x480 [ 2756.857121] ext4_mb_new_blocks+0x222c/0x4b60 [ 2756.857617] ? lock_is_held_type+0xd7/0x130 [ 2756.858083] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2756.858608] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2756.859199] ? ext4_cache_extents+0x68/0x2d0 [ 2756.859677] ? ext4_discard_preallocations+0xe60/0xe60 [ 2756.860235] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 2756.860839] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2756.861435] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 2756.862024] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2756.862615] ? ext4_inode_to_goal_block+0x320/0x430 [ 2756.863167] ext4_ext_map_blocks+0x1fb0/0x5cd0 [ 2756.863682] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2756.864244] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2756.864809] ? lock_is_held_type+0xd7/0x130 [ 2756.865286] ? ext4_ext_release+0x10/0x10 [ 2756.865740] ? lock_release+0x750/0x750 [ 2756.866176] ? lock_is_held_type+0xd7/0x130 [ 2756.866649] ? down_write_killable+0x170/0x170 [ 2756.867158] ext4_map_blocks+0x652/0x1970 [ 2756.867631] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 2756.868119] ? lock_is_held_type+0xd7/0x130 [ 2756.868599] ext4_getblk+0x144/0x6b0 [ 2756.869007] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 2756.869565] ext4_bread+0x2a/0x1c0 [ 2756.869954] ext4_append+0x155/0x380 [ 2756.870361] ext4_init_new_dir+0x25e/0x4d0 [ 2756.870819] ? ext4_init_dot_dotdot+0x590/0x590 [ 2756.871327] ? ext4_mkdir+0x6c3/0xb20 [ 2756.871751] ext4_mkdir+0x3cf/0xb20 [ 2756.872154] ? ext4_init_new_dir+0x4d0/0x4d0 [ 2756.872638] ? inode_permission.part.0+0xb5/0x670 [ 2756.873159] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2756.873759] vfs_mkdir+0x1d0/0x3c0 [ 2756.874146] do_mkdirat+0x17b/0x2e0 [ 2756.874545] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2756.875138] ? do_file_open_root+0x590/0x590 [ 2756.875642] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2756.876244] ? getname_flags.part.0+0x1dd/0x4f0 [ 2756.876750] __x64_sys_mkdir+0xf2/0x140 [ 2756.877181] do_syscall_64+0x3b/0x90 [ 2756.877584] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2756.878140] RIP: 0033:0x7fc14228cc27 [ 2756.878540] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2756.880523] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2756.881332] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2756.882086] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2756.882852] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2756.883629] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2756.884385] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2756.885158] 19:32:18 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x200000000000000) 19:32:18 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xa7, 0x0) 19:32:18 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b", 0x55, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2756.950181] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2756.953162] EXT4-fs (loop3): get root inode failed [ 2756.954227] EXT4-fs (loop3): mount failed [ 2756.993147] loop2: detected capacity change from 0 to 512 [ 2757.000379] loop5: detected capacity change from 0 to 512 [ 2757.024019] loop6: detected capacity change from 0 to 512 [ 2757.032689] EXT4-fs (loop6): unsupported inode size: 0 [ 2757.034107] EXT4-fs (loop6): blocksize: 2048 [ 2757.061162] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2757.101339] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:32:18 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 62) 19:32:18 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b000000", 0x58, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:32:18 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x300000000000000) [ 2757.311005] loop3: detected capacity change from 0 to 512 [ 2757.322463] loop2: detected capacity change from 0 to 512 [ 2757.328120] FAULT_INJECTION: forcing a failure. [ 2757.328120] name failslab, interval 1, probability 0, space 0, times 0 [ 2757.330490] CPU: 1 PID: 14226 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2757.332242] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2757.334494] Call Trace: [ 2757.335012] [ 2757.335474] dump_stack_lvl+0x8b/0xb3 [ 2757.336250] should_fail.cold+0x5/0xa [ 2757.337023] ? create_object.isra.0+0x3a/0xa20 [ 2757.337953] should_failslab+0x5/0x10 [ 2757.338050] loop6: detected capacity change from 0 to 512 [ 2757.338729] kmem_cache_alloc+0x5b/0x480 [ 2757.340686] create_object.isra.0+0x3a/0xa20 [ 2757.341586] ? kasan_unpoison+0x23/0x50 [ 2757.342394] kmem_cache_alloc+0x239/0x480 [ 2757.343249] ext4_mb_new_blocks+0x222c/0x4b60 [ 2757.344191] ? lock_is_held_type+0xd7/0x130 [ 2757.345094] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2757.346072] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2757.347185] ? ext4_cache_extents+0x68/0x2d0 [ 2757.348080] ? ext4_discard_preallocations+0xe60/0xe60 [ 2757.349135] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 2757.350245] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2757.350971] EXT4-fs (loop6): unsupported inode size: 0 [ 2757.351378] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 2757.351420] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2757.352496] EXT4-fs (loop6): blocksize: 2048 [ 2757.353535] ? ext4_inode_to_goal_block+0x320/0x430 [ 2757.353596] ext4_ext_map_blocks+0x1fb0/0x5cd0 [ 2757.357398] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2757.358455] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2757.359527] ? lock_is_held_type+0xd7/0x130 [ 2757.360428] ? ext4_ext_release+0x10/0x10 [ 2757.361271] ? lock_release+0x750/0x750 [ 2757.362087] ? lock_is_held_type+0xd7/0x130 [ 2757.362984] ? down_write_killable+0x170/0x170 [ 2757.363952] ext4_map_blocks+0x652/0x1970 [ 2757.364798] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 2757.365718] ? lock_is_held_type+0xd7/0x130 [ 2757.366600] ext4_getblk+0x144/0x6b0 [ 2757.367382] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 2757.368416] ext4_bread+0x2a/0x1c0 [ 2757.369148] ext4_append+0x155/0x380 [ 2757.369907] ext4_init_new_dir+0x25e/0x4d0 [ 2757.370768] ? ext4_init_dot_dotdot+0x590/0x590 [ 2757.371736] ? ext4_mkdir+0x6c3/0xb20 [ 2757.372521] ext4_mkdir+0x3cf/0xb20 [ 2757.373272] ? ext4_init_new_dir+0x4d0/0x4d0 [ 2757.374157] ? inode_permission.part.0+0xb5/0x670 [ 2757.375143] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2757.376280] vfs_mkdir+0x1d0/0x3c0 [ 2757.377016] do_mkdirat+0x17b/0x2e0 [ 2757.377763] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2757.378878] ? do_file_open_root+0x590/0x590 [ 2757.379801] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2757.380920] ? getname_flags.part.0+0x1dd/0x4f0 [ 2757.381872] __x64_sys_mkdir+0xf2/0x140 [ 2757.382685] do_syscall_64+0x3b/0x90 [ 2757.383459] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2757.384512] RIP: 0033:0x7fc14228cc27 [ 2757.385256] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2757.388894] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2757.390399] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2757.391819] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2757.393227] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2757.394628] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2757.396057] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2757.397494] [ 2757.429717] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2757.493770] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2757.506632] EXT4-fs (loop3): get root inode failed [ 2757.507710] EXT4-fs (loop3): mount failed 19:32:32 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 63) 19:32:32 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xa8, 0x0) [ 2771.176860] loop3: detected capacity change from 0 to 512 [ 2771.177820] FAULT_INJECTION: forcing a failure. [ 2771.177820] name failslab, interval 1, probability 0, space 0, times 0 [ 2771.179074] CPU: 1 PID: 14242 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2771.179936] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2771.181128] Call Trace: [ 2771.181396] [ 2771.181629] dump_stack_lvl+0x8b/0xb3 [ 2771.182045] should_fail.cold+0x5/0xa [ 2771.182455] ? ext4_mb_new_blocks+0x222c/0x4b60 [ 2771.182954] should_failslab+0x5/0x10 [ 2771.183376] kmem_cache_alloc+0x5b/0x480 [ 2771.183834] ext4_mb_new_blocks+0x222c/0x4b60 [ 2771.184321] ? lock_is_held_type+0xd7/0x130 [ 2771.184809] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2771.185326] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2771.185910] ? ext4_cache_extents+0x68/0x2d0 [ 2771.186372] ? ext4_discard_preallocations+0xe60/0xe60 [ 2771.186917] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 2771.187494] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2771.188082] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 2771.188659] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2771.189233] ? ext4_inode_to_goal_block+0x320/0x430 [ 2771.189771] ext4_ext_map_blocks+0x1fb0/0x5cd0 [ 2771.190268] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2771.190818] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2771.191378] ? lock_is_held_type+0xd7/0x130 [ 2771.191843] ? ext4_ext_release+0x10/0x10 [ 2771.192285] ? lock_release+0x750/0x750 [ 2771.192703] ? lock_is_held_type+0xd7/0x130 [ 2771.193172] ? down_write_killable+0x170/0x170 [ 2771.193658] ext4_map_blocks+0x652/0x1970 [ 2771.194099] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 2771.194581] ? lock_is_held_type+0xd7/0x130 [ 2771.195043] ext4_getblk+0x144/0x6b0 [ 2771.195437] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 2771.195990] ext4_bread+0x2a/0x1c0 [ 2771.196378] ext4_append+0x155/0x380 [ 2771.196777] ext4_init_new_dir+0x25e/0x4d0 [ 2771.197221] ? ext4_init_dot_dotdot+0x590/0x590 [ 2771.197714] ? ext4_mkdir+0x6c3/0xb20 [ 2771.198122] ext4_mkdir+0x3cf/0xb20 [ 2771.198514] ? ext4_init_new_dir+0x4d0/0x4d0 [ 2771.198973] ? inode_permission.part.0+0xb5/0x670 [ 2771.199476] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2771.200064] vfs_mkdir+0x1d0/0x3c0 [ 2771.200458] do_mkdirat+0x17b/0x2e0 [ 2771.200841] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2771.201424] ? do_file_open_root+0x590/0x590 [ 2771.201891] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2771.202471] ? getname_flags.part.0+0x1dd/0x4f0 [ 2771.202956] __x64_sys_mkdir+0xf2/0x140 [ 2771.203378] do_syscall_64+0x3b/0x90 [ 2771.203781] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2771.204327] RIP: 0033:0x7fc14228cc27 [ 2771.204710] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2771.206594] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2771.207379] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2771.208130] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2771.208861] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2771.209593] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2771.210329] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2771.211080] [ 2771.215897] loop1: detected capacity change from 0 to 512 19:32:32 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x400000000000000) 19:32:32 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:32:32 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b000000", 0x58, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:32:32 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0xff0f) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:32:32 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="070000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2771.227665] loop2: detected capacity change from 0 to 512 [ 2771.231685] loop5: detected capacity change from 0 to 512 [ 2771.233138] loop6: detected capacity change from 0 to 512 [ 2771.240656] loop4: detected capacity change from 0 to 512 19:32:32 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0xf6ffffff, 0x0) [ 2771.249881] EXT4-fs (loop6): unsupported inode size: 0 [ 2771.250991] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2771.252283] EXT4-fs (loop6): blocksize: 2048 [ 2771.277240] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 2771.281095] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2771.285590] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:32:32 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="080000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:32:32 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x80000) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:32:32 executing program 4: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x3f00) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:32:32 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 64) [ 2771.385564] loop3: detected capacity change from 0 to 512 [ 2771.388942] FAULT_INJECTION: forcing a failure. [ 2771.388942] name failslab, interval 1, probability 0, space 0, times 0 [ 2771.390320] CPU: 1 PID: 14267 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2771.391253] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2771.392530] Call Trace: [ 2771.392814] [ 2771.393066] dump_stack_lvl+0x8b/0xb3 [ 2771.393511] should_fail.cold+0x5/0xa [ 2771.393947] ? create_object.isra.0+0x3a/0xa20 [ 2771.394475] should_failslab+0x5/0x10 [ 2771.394921] kmem_cache_alloc+0x5b/0x480 [ 2771.395385] create_object.isra.0+0x3a/0xa20 [ 2771.395863] ? kasan_unpoison+0x23/0x50 [ 2771.396319] kmem_cache_alloc+0x239/0x480 [ 2771.396797] jbd2_journal_add_journal_head+0x1cb/0x5c0 [ 2771.397387] jbd2_journal_get_create_access+0x40/0x560 [ 2771.397971] __ext4_journal_get_create_access+0x50/0x1f0 [ 2771.398570] ext4_getblk+0x33c/0x6b0 [ 2771.398985] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 2771.399562] ext4_bread+0x2a/0x1c0 [ 2771.399968] ext4_append+0x155/0x380 [ 2771.400398] ext4_init_new_dir+0x25e/0x4d0 [ 2771.400852] ? ext4_init_dot_dotdot+0x590/0x590 [ 2771.401378] ? ext4_mkdir+0x6c3/0xb20 [ 2771.401818] ext4_mkdir+0x3cf/0xb20 [ 2771.402236] ? ext4_init_new_dir+0x4d0/0x4d0 [ 2771.402739] ? inode_permission.part.0+0xb5/0x670 [ 2771.403257] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2771.403900] vfs_mkdir+0x1d0/0x3c0 [ 2771.404299] do_mkdirat+0x17b/0x2e0 [ 2771.404708] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2771.405315] ? do_file_open_root+0x590/0x590 [ 2771.405814] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2771.406442] ? getname_flags.part.0+0x1dd/0x4f0 [ 2771.406970] __x64_sys_mkdir+0xf2/0x140 [ 2771.407422] do_syscall_64+0x3b/0x90 [ 2771.407832] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2771.408414] RIP: 0033:0x7fc14228cc27 [ 2771.408819] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2771.410849] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 2771.411712] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228cc27 [ 2771.412498] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 2771.413273] RBP: 00007fc13f803040 R08: 0000000000000000 R09: ffffffffffffffff [ 2771.414071] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 2771.414866] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2771.415685] 19:32:32 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b000000", 0x58, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2771.424330] loop1: detected capacity change from 0 to 512 [ 2771.430118] loop4: detected capacity change from 0 to 512 19:32:32 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="090000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:32:32 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x1800000000000000) [ 2771.451661] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2771.460444] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 2771.465929] loop6: detected capacity change from 0 to 512 [ 2771.497395] loop2: detected capacity change from 0 to 512 [ 2771.498515] EXT4-fs (loop6): unsupported inode size: 0 [ 2771.499435] EXT4-fs (loop6): blocksize: 2048 [ 2771.536890] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2771.538512] EXT4-fs (loop3): get root inode failed [ 2771.539087] EXT4-fs (loop3): mount failed [ 2771.546775] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:32:45 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 65) 19:32:45 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x200000) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:32:45 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0xed41000000000000) 19:32:45 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b00000000", 0x59, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:32:45 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="300000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:32:45 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xa9, 0x0) 19:32:45 executing program 4: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x7e, 0x0) 19:32:45 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="060080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2783.967196] loop4: detected capacity change from 0 to 512 [ 2783.982022] loop6: detected capacity change from 0 to 512 [ 2783.990515] loop5: detected capacity change from 0 to 512 [ 2783.990615] loop1: detected capacity change from 0 to 512 [ 2783.993673] loop3: detected capacity change from 0 to 512 [ 2783.994784] FAULT_INJECTION: forcing a failure. [ 2783.994784] name failslab, interval 1, probability 0, space 0, times 0 [ 2783.996090] CPU: 1 PID: 14308 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2783.996984] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2783.998184] Call Trace: [ 2783.998458] [ 2783.998692] dump_stack_lvl+0x8b/0xb3 [ 2783.999112] should_fail.cold+0x5/0xa [ 2783.999528] should_failslab+0x5/0x10 [ 2783.999953] __kmalloc_track_caller+0x79/0x430 [ 2784.000448] ? strndup_user+0x70/0xe0 [ 2784.000870] memdup_user+0x22/0xd0 [ 2784.001261] strndup_user+0x70/0xe0 [ 2784.001654] __x64_sys_mount+0x133/0x300 [ 2784.002105] ? path_mount+0x1f80/0x1f80 [ 2784.002540] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2784.003107] do_syscall_64+0x3b/0x90 [ 2784.003521] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2784.004115] RIP: 0033:0x7fc14228f04a [ 2784.004518] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2784.006510] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2784.007339] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2784.008119] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2784.008887] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2784.009656] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2784.010425] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2784.011211] [ 2784.012398] loop2: detected capacity change from 0 to 512 [ 2784.017659] EXT4-fs (loop6): unsupported inode size: 0 [ 2784.018767] EXT4-fs (loop6): blocksize: 2048 [ 2784.024134] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2784.026035] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:32:45 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000007f00000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2784.034371] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. 19:32:45 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200200008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2784.078396] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. 19:32:45 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b00000000", 0x59, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2784.116862] loop6: detected capacity change from 0 to 512 19:32:45 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 66) [ 2784.149512] EXT4-fs (loop6): unsupported inode size: 0 [ 2784.150651] EXT4-fs (loop6): blocksize: 2048 19:32:45 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0xf6ffffff00000000) 19:32:45 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="070080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:32:45 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0xc9ffff) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) [ 2784.236643] loop1: detected capacity change from 0 to 512 [ 2784.251566] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. 19:32:45 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200300008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:32:45 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="080080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2784.298462] loop3: detected capacity change from 0 to 512 [ 2784.300026] FAULT_INJECTION: forcing a failure. [ 2784.300026] name failslab, interval 1, probability 0, space 0, times 0 [ 2784.301231] CPU: 1 PID: 14335 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2784.302109] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2784.303285] Call Trace: [ 2784.303554] [ 2784.303807] dump_stack_lvl+0x8b/0xb3 [ 2784.304226] should_fail.cold+0x5/0xa [ 2784.304635] should_failslab+0x5/0x10 [ 2784.305060] __kmalloc_track_caller+0x79/0x430 [ 2784.305551] ? strndup_user+0x70/0xe0 [ 2784.305964] memdup_user+0x22/0xd0 [ 2784.306341] strndup_user+0x70/0xe0 [ 2784.306733] __x64_sys_mount+0x133/0x300 [ 2784.307169] ? path_mount+0x1f80/0x1f80 [ 2784.307592] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2784.308151] do_syscall_64+0x3b/0x90 [ 2784.308572] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2784.309135] RIP: 0033:0x7fc14228f04a [ 2784.309535] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2784.311533] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2784.312361] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2784.313127] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2784.313888] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2784.314654] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2784.315429] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2784.316229] [ 2784.319766] loop2: detected capacity change from 0 to 512 19:32:45 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b00000000", 0x59, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2784.350846] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:32:45 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="090080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:32:45 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200400008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2784.378788] loop6: detected capacity change from 0 to 512 19:32:45 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="300080008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2784.400393] EXT4-fs (loop6): unsupported inode size: 0 [ 2784.401564] EXT4-fs (loop6): blocksize: 2048 19:32:45 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200500008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:33:00 executing program 4: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x200000) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:33:00 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xaa, 0x0) 19:33:00 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x1000000) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:33:00 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:33:00 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 67) 19:33:00 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200600008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2799.442700] loop6: detected capacity change from 0 to 512 19:33:00 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="20007f008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:33:00 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0xff00000000000000) [ 2799.446681] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 2799.456355] loop3: detected capacity change from 0 to 512 [ 2799.457666] FAULT_INJECTION: forcing a failure. [ 2799.457666] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2799.458900] CPU: 0 PID: 14361 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2799.459780] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2799.460998] Call Trace: [ 2799.461270] [ 2799.461504] dump_stack_lvl+0x8b/0xb3 [ 2799.461911] should_fail.cold+0x5/0xa [ 2799.462324] _copy_from_user+0x2a/0x170 [ 2799.462752] memdup_user+0x65/0xd0 [ 2799.463140] strndup_user+0x70/0xe0 [ 2799.463531] __x64_sys_mount+0x133/0x300 [ 2799.463970] ? path_mount+0x1f80/0x1f80 [ 2799.464395] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2799.464950] do_syscall_64+0x3b/0x90 [ 2799.465349] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2799.465924] RIP: 0033:0x7fc14228f04a [ 2799.466335] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2799.468350] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2799.469177] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2799.469960] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2799.470736] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2799.471518] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2799.472305] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2799.473093] [ 2799.476470] loop2: detected capacity change from 0 to 512 [ 2799.486724] loop1: detected capacity change from 0 to 512 [ 2799.498449] loop4: detected capacity change from 0 to 512 [ 2799.500922] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2799.505126] loop5: detected capacity change from 0 to 512 [ 2799.506471] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. 19:33:00 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2799.546889] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 2799.554058] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2799.563660] loop6: detected capacity change from 0 to 512 19:33:00 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 68) [ 2799.598954] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 19:33:00 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200700008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2799.621416] loop3: detected capacity change from 0 to 512 [ 2799.622591] FAULT_INJECTION: forcing a failure. [ 2799.622591] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2799.624207] CPU: 0 PID: 14385 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2799.625092] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2799.626281] Call Trace: [ 2799.626549] [ 2799.626783] dump_stack_lvl+0x8b/0xb3 [ 2799.627194] should_fail.cold+0x5/0xa [ 2799.627598] _copy_from_user+0x2a/0x170 [ 2799.628042] memdup_user+0x65/0xd0 [ 2799.628429] strndup_user+0x70/0xe0 [ 2799.628825] __x64_sys_mount+0x133/0x300 [ 2799.629256] ? path_mount+0x1f80/0x1f80 [ 2799.629681] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2799.630237] do_syscall_64+0x3b/0x90 [ 2799.630638] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2799.631192] RIP: 0033:0x7fc14228f04a [ 2799.631585] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2799.633524] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2799.634324] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2799.635074] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2799.635812] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2799.636579] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2799.637328] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2799.638101] 19:33:12 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200280008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:33:12 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200800008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:33:12 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0xfffffffffffff000) 19:33:12 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 69) 19:33:12 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:33:12 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xab, 0x0) 19:33:12 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x2000000) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:33:12 executing program 4: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0xff0f, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) [ 2811.409155] loop1: detected capacity change from 0 to 512 [ 2811.421814] loop4: detected capacity change from 0 to 512 [ 2811.425970] loop2: detected capacity change from 0 to 512 [ 2811.438237] loop6: detected capacity change from 0 to 512 [ 2811.439824] loop3: detected capacity change from 0 to 512 [ 2811.440862] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 2811.443079] loop5: detected capacity change from 0 to 512 [ 2811.447464] FAULT_INJECTION: forcing a failure. [ 2811.447464] name failslab, interval 1, probability 0, space 0, times 0 [ 2811.449780] CPU: 1 PID: 14410 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2811.451445] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2811.453764] Call Trace: [ 2811.454309] [ 2811.454758] dump_stack_lvl+0x8b/0xb3 [ 2811.455563] should_fail.cold+0x5/0xa [ 2811.456369] should_failslab+0x5/0x10 [ 2811.457185] __kmalloc_track_caller+0x79/0x430 [ 2811.457864] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2811.458152] ? strndup_user+0x70/0xe0 [ 2811.459755] memdup_user+0x22/0xd0 [ 2811.460511] strndup_user+0x70/0xe0 [ 2811.461284] __x64_sys_mount+0x17c/0x300 [ 2811.462113] ? path_mount+0x1f80/0x1f80 [ 2811.462928] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2811.463991] do_syscall_64+0x3b/0x90 [ 2811.464788] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2811.465859] RIP: 0033:0x7fc14228f04a [ 2811.466178] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2811.466627] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2811.466655] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2811.472726] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2811.474172] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2811.475607] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2811.477044] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2811.478489] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2811.479942] [ 2811.493200] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. 19:33:12 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200380008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2811.507815] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. 19:33:12 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="201800008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:33:12 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000040)='./file0/file1\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x48002, 0x0) linkat(r2, &(0x7f0000000080)='./file0\x00', r1, &(0x7f0000000140)='./file0\x00', 0x800) ioctl$NS_GET_OWNER_UID(r2, 0xb704, &(0x7f00000003c0)) getxattr(&(0x7f0000000080)='./file0\x00', &(0x7f00000001c0)=@random={'security.', '{\\[(\x00'}, &(0x7f0000000300)=""/130, 0x82) 19:33:12 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, 0x0) 19:33:12 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 70) [ 2811.614225] loop6: detected capacity change from 0 to 512 [ 2811.634768] loop2: detected capacity change from 0 to 512 [ 2811.662579] loop3: detected capacity change from 0 to 512 [ 2811.665798] FAULT_INJECTION: forcing a failure. [ 2811.665798] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2811.668140] CPU: 1 PID: 14427 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2811.669796] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2811.672024] Call Trace: [ 2811.672544] [ 2811.672985] dump_stack_lvl+0x8b/0xb3 [ 2811.673757] should_fail.cold+0x5/0xa [ 2811.674523] _copy_from_user+0x2a/0x170 [ 2811.675334] memdup_user+0x65/0xd0 [ 2811.676049] strndup_user+0x70/0xe0 [ 2811.676796] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2811.676807] __x64_sys_mount+0x17c/0x300 [ 2811.678493] ? path_mount+0x1f80/0x1f80 [ 2811.679291] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2811.680328] do_syscall_64+0x3b/0x90 [ 2811.681079] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2811.682112] RIP: 0033:0x7fc14228f04a [ 2811.682844] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2811.686501] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2811.688005] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2811.689429] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2811.690840] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2811.692265] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2811.693685] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2811.695117] 19:33:26 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="201c00008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:33:26 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, 0x0) 19:33:26 executing program 2: r0 = syz_io_uring_setup(0x46ac, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)) r2 = io_uring_setup(0x2c75, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1}) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000200)=[0xffffffffffffffff, r2, 0xffffffffffffffff], 0x3) syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="02edffff024e0a419a", 0x9, 0x802}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000000000)=ANY=[@ANYRES16=r1, @ANYRESDEC=0x0]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r3, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) 19:33:26 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xac, 0x0) 19:33:26 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x4000000) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:33:26 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 71) 19:33:26 executing program 4: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0xff0f, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:33:26 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200480008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2825.488502] loop3: detected capacity change from 0 to 512 [ 2825.490140] FAULT_INJECTION: forcing a failure. [ 2825.490140] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2825.491408] CPU: 1 PID: 14440 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2825.492295] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2825.493476] Call Trace: [ 2825.493750] [ 2825.493982] dump_stack_lvl+0x8b/0xb3 [ 2825.494396] should_fail.cold+0x5/0xa [ 2825.494802] _copy_from_user+0x2a/0x170 [ 2825.495235] memdup_user+0x65/0xd0 [ 2825.495615] strndup_user+0x70/0xe0 [ 2825.496001] __x64_sys_mount+0x133/0x300 [ 2825.496448] ? path_mount+0x1f80/0x1f80 [ 2825.496864] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2825.497402] do_syscall_64+0x3b/0x90 [ 2825.497796] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2825.498355] RIP: 0033:0x7fc14228f04a [ 2825.498770] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2825.500803] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2825.501642] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2825.502464] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2825.503251] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2825.504042] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2825.504853] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2825.505643] [ 2825.509186] loop2: detected capacity change from 0 to 512 [ 2825.511010] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 2825.512225] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 not in group (block 3976331264)! [ 2825.513391] EXT4-fs (loop2): group descriptors corrupted! [ 2825.518194] loop4: detected capacity change from 0 to 512 [ 2825.539903] loop5: detected capacity change from 0 to 512 [ 2825.548575] loop6: detected capacity change from 0 to 512 [ 2825.553187] loop1: detected capacity change from 0 to 512 [ 2825.556578] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 2825.578872] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2825.584711] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. 19:33:26 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 72) 19:33:26 executing program 2: perf_event_open(&(0x7f0000000140)={0x3, 0x80, 0x6, 0x45, 0xff, 0x89, 0x0, 0x7, 0x4200, 0x8, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x5, 0x0, @perf_config_ext={0x3ff, 0x4}, 0x40, 0x1f, 0x6, 0x5, 0x5, 0x10001, 0x2, 0x0, 0xc3, 0x0, 0x4}, 0xffffffffffffffff, 0x9, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) r2 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x48002, 0x0) linkat(r3, &(0x7f0000000080)='./file0\x00', r2, &(0x7f0000000140)='./file0\x00', 0x800) getdents64(r2, 0x0, 0x0) getdents64(r2, &(0x7f00000005c0)=""/18, 0x12) setresuid(0x0, r1, 0x0) r4 = getpid() perf_event_open(&(0x7f0000000400)={0x1, 0x80, 0x0, 0xef, 0xff, 0xc9, 0x0, 0x8001, 0x41008, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x2, 0x4, @perf_bp={&(0x7f00000001c0), 0x9}, 0x2010, 0x7, 0x401, 0x4, 0xffffffffffffffff, 0x1, 0x7ff, 0x0, 0x0, 0x0, 0xfffffffffffffff9}, r4, 0x8, 0xffffffffffffffff, 0x2) r5 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000580), 0xc0201, 0x0) perf_event_open$cgroup(&(0x7f00000004c0)={0x2, 0x80, 0x80, 0x4, 0x9, 0x1f, 0x0, 0x7, 0x7e0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1000, 0x2, @perf_bp={&(0x7f0000000480), 0x2}, 0x40040, 0x1ff, 0x5, 0x7, 0x6424, 0x4, 0x7f, 0x0, 0x2, 0x0, 0x2}, 0xffffffffffffffff, 0x10, r5, 0x8) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080), 0x30410, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r0, @ANYBLOB=',access=user,msize=0x0000000000000020,context=staff_u,fsmagic=0x0000000000000005,appraise_type=imasig,dont_hash,smackfsfloor=:,o=ext4\x00,smackfsdef=ext4\x00,dont_appraise,smackfshat=[]%^/,hash,\x00\x00\x00\x00\x00\x00\x00\x00']) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) 19:33:26 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="203a00008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:33:26 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, 0x0) [ 2825.635242] loop3: detected capacity change from 0 to 512 [ 2825.636518] FAULT_INJECTION: forcing a failure. [ 2825.636518] name failslab, interval 1, probability 0, space 0, times 0 [ 2825.637750] CPU: 1 PID: 14462 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2825.638626] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2825.639805] Call Trace: [ 2825.640080] [ 2825.640331] dump_stack_lvl+0x8b/0xb3 [ 2825.640750] should_fail.cold+0x5/0xa [ 2825.641160] ? copy_mount_options+0x55/0x180 [ 2825.641630] should_failslab+0x5/0x10 [ 2825.642036] kmem_cache_alloc_trace+0x55/0x3c0 [ 2825.642530] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2825.643136] copy_mount_options+0x55/0x180 [ 2825.643585] __x64_sys_mount+0x1a8/0x300 [ 2825.644023] ? path_mount+0x1f80/0x1f80 [ 2825.644450] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2825.645041] do_syscall_64+0x3b/0x90 [ 2825.645478] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2825.646069] RIP: 0033:0x7fc14228f04a [ 2825.646475] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2825.648523] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2825.649356] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2825.650133] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2825.650907] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2825.651685] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2825.652481] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2825.653282] 19:33:26 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200580008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2825.656904] loop2: detected capacity change from 0 to 512 [ 2825.690800] loop6: detected capacity change from 0 to 512 [ 2825.775041] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:33:27 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 73) 19:33:27 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200680008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2825.835913] loop3: detected capacity change from 0 to 512 [ 2825.840100] FAULT_INJECTION: forcing a failure. [ 2825.840100] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2825.841455] CPU: 1 PID: 14476 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2825.842348] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2825.843566] Call Trace: [ 2825.843842] [ 2825.844091] dump_stack_lvl+0x8b/0xb3 [ 2825.844526] should_fail.cold+0x5/0xa [ 2825.844944] _copy_from_user+0x2a/0x170 [ 2825.845391] copy_mount_options+0x76/0x180 [ 2825.845852] __x64_sys_mount+0x1a8/0x300 [ 2825.846298] ? path_mount+0x1f80/0x1f80 [ 2825.846732] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2825.847293] do_syscall_64+0x3b/0x90 [ 2825.847702] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2825.848255] RIP: 0033:0x7fc14228f04a [ 2825.848681] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2825.850627] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2825.851440] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2825.852198] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2825.852974] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2825.853736] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2825.854501] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2825.855282] [ 2825.877265] loop6: detected capacity change from 0 to 512 19:33:27 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:33:27 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="206500008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2825.882336] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2825.890698] EXT4-fs error (device loop6): __ext4_fill_super:5311: inode #2: comm syz-executor.6: iget: root inode unallocated [ 2825.892412] EXT4-fs (loop6): get root inode failed [ 2825.892946] EXT4-fs (loop6): mount failed [ 2825.948489] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2825.950495] EXT4-fs (loop3): get root inode failed [ 2825.951183] EXT4-fs (loop3): mount failed 19:33:41 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x80000, 0x0) 19:33:41 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200780008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:33:41 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xad, 0x0) 19:33:41 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x3f000000) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:33:41 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="20fe00008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:33:41 executing program 4: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x77, 0x0) 19:33:41 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 74) 19:33:41 executing program 2: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)='\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r3, 0xc018937d, &(0x7f0000000400)={{0x1, 0x1, 0x18, r0, {0x8}}, './file0/../file0\x00'}) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r5, 0x0) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) r7 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) accept(r7, &(0x7f0000000140)=@nfc_llcp, &(0x7f00000001c0)=0x80) setresuid(0x0, r6, 0x0) rmdir(&(0x7f0000000040)='./file0\x00') umount2(&(0x7f0000000080)='./file0\x00', 0x2) write$P9_RSTATu(r4, &(0x7f0000000440)={0x5d, 0x7d, 0x2, {{0x0, 0x40, 0x8, 0x2, {0x4, 0x0, 0x8}, 0x8000000, 0x9, 0x72, 0x8000, 0x5, 'ext4\x00', 0x5, 'ext4\x00', 0x3, '\x90:!'}, 0x8, '+/$]*\x87$\\', r5, r2, r6}}, 0x5d) [ 2840.075212] loop5: detected capacity change from 0 to 512 [ 2840.085706] loop3: detected capacity change from 0 to 512 [ 2840.088099] FAULT_INJECTION: forcing a failure. [ 2840.088099] name failslab, interval 1, probability 0, space 0, times 0 [ 2840.089876] CPU: 0 PID: 14503 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2840.091161] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2840.092946] Call Trace: [ 2840.093262] [ 2840.093502] dump_stack_lvl+0x8b/0xb3 [ 2840.093923] should_fail.cold+0x5/0xa [ 2840.093960] loop2: detected capacity change from 0 to 512 [ 2840.094339] ? getname_flags.part.0+0x50/0x4f0 [ 2840.094362] should_failslab+0x5/0x10 [ 2840.096444] kmem_cache_alloc+0x5b/0x480 [ 2840.096895] ? asm_exc_page_fault+0x1e/0x30 [ 2840.097372] getname_flags.part.0+0x50/0x4f0 [ 2840.097837] getname_flags+0x9a/0xe0 [ 2840.098247] user_path_at_empty+0x2b/0x60 [ 2840.098703] __x64_sys_mount+0x1e9/0x300 [ 2840.099138] ? path_mount+0x1f80/0x1f80 [ 2840.099581] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2840.099578] loop6: detected capacity change from 0 to 512 [ 2840.100140] do_syscall_64+0x3b/0x90 [ 2840.101731] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2840.102307] RIP: 0033:0x7fc14228f04a [ 2840.102701] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2840.104684] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2840.105504] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2840.105788] loop4: detected capacity change from 0 to 512 [ 2840.106266] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2840.106277] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2840.106286] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2840.106294] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2840.106316] [ 2840.115017] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2840.116109] EXT4-fs (loop2): group descriptors corrupted! 19:33:41 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200003008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2840.130830] loop1: detected capacity change from 0 to 512 [ 2840.172879] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2840.189195] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 2840.191917] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2840.248878] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. 19:33:41 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xae, 0x0) 19:33:41 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="208004008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:33:41 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200880008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:33:41 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 75) 19:33:41 executing program 2: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[@ANYBLOB="b4"]) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x48002, 0x0) linkat(r2, &(0x7f0000000080)='./file0\x00', r1, &(0x7f0000000140)='./file0\x00', 0x800) fsconfig$FSCONFIG_SET_PATH(r2, 0x3, &(0x7f0000000040)='/-\\\x00', &(0x7f0000000080)='./file0\x00', r0) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r3, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) 19:33:41 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300), 0x0, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:33:41 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200005008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:33:41 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {0x0, 0x0, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2840.371461] loop4: detected capacity change from 0 to 512 [ 2840.376467] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 2840.379798] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2840.380860] EXT4-fs (loop4): group descriptors corrupted! [ 2840.402624] loop3: detected capacity change from 0 to 512 [ 2840.403823] FAULT_INJECTION: forcing a failure. [ 2840.403823] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2840.405185] CPU: 0 PID: 14533 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2840.406114] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2840.407331] Call Trace: [ 2840.407630] [ 2840.407863] dump_stack_lvl+0x8b/0xb3 [ 2840.408291] should_fail.cold+0x5/0xa [ 2840.408722] _copy_from_user+0x2a/0x170 [ 2840.409164] copy_mount_options+0x76/0x180 [ 2840.409624] __x64_sys_mount+0x1a8/0x300 [ 2840.410056] ? path_mount+0x1f80/0x1f80 [ 2840.410497] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2840.411043] do_syscall_64+0x3b/0x90 [ 2840.411456] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2840.412007] RIP: 0033:0x7fc14228f04a [ 2840.412414] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2840.414398] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2840.415249] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2840.416015] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2840.416826] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2840.417641] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2840.418430] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2840.419249] 19:33:41 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200006008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2840.441063] loop5: detected capacity change from 0 to 512 19:33:41 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="201880008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2840.485025] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2840.485066] loop2: detected capacity change from 0 to 512 [ 2840.486731] EXT4-fs (loop3): get root inode failed [ 2840.488229] EXT4-fs (loop3): mount failed [ 2840.502180] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2840.509110] loop6: detected capacity change from 0 to 512 [ 2840.512443] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2840.513949] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2840.514989] EXT4-fs (loop6): group descriptors corrupted! [ 2840.544944] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:33:59 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200007008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:33:59 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x8cffffff) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:33:59 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="201c80008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:33:59 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xaf, 0x0) 19:33:59 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x1800, 0x0) 19:33:59 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 76) 19:33:59 executing program 4: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x75, 0x0) 19:33:59 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) 19:33:59 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="203a80008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2857.828154] loop6: detected capacity change from 0 to 512 [ 2857.831924] loop4: detected capacity change from 0 to 512 [ 2857.834990] loop2: detected capacity change from 0 to 512 [ 2857.837870] loop3: detected capacity change from 0 to 512 [ 2857.841386] loop1: detected capacity change from 0 to 512 [ 2857.844911] loop5: detected capacity change from 0 to 512 [ 2857.846821] FAULT_INJECTION: forcing a failure. [ 2857.846821] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2857.848026] CPU: 1 PID: 14564 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2857.848844] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2857.849944] Call Trace: [ 2857.850197] [ 2857.850419] dump_stack_lvl+0x8b/0xb3 [ 2857.850812] should_fail.cold+0x5/0xa [ 2857.851194] strncpy_from_user+0x34/0x3d0 [ 2857.851615] getname_flags.part.0+0x95/0x4f0 [ 2857.852058] getname_flags+0x9a/0xe0 [ 2857.852438] user_path_at_empty+0x2b/0x60 [ 2857.852860] __x64_sys_mount+0x1e9/0x300 [ 2857.853266] ? path_mount+0x1f80/0x1f80 [ 2857.853670] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2857.854178] do_syscall_64+0x3b/0x90 [ 2857.854556] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2857.855064] RIP: 0033:0x7fc14228f04a [ 2857.855434] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2857.857215] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2857.857952] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2857.858666] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2857.859380] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2857.860092] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2857.860799] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2857.861520] [ 2857.873259] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2857.879062] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 2857.884481] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2857.888678] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. 19:33:59 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200018008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2857.963011] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. 19:33:59 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="206580008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:33:59 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x8, 0x0) [ 2858.018131] loop4: detected capacity change from 0 to 512 [ 2858.022982] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. 19:33:59 executing program 2: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) r2 = open_tree(r0, &(0x7f0000000040)='./file0\x00', 0x1) r3 = syz_io_uring_setup(0x46ac, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140)) io_uring_register$IORING_REGISTER_FILES(r3, 0x2, &(0x7f0000000200)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x3) ioctl$AUTOFS_DEV_IOCTL_VERSION(r2, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) setresuid(0x0, r1, 0x0) r5 = syz_open_dev$mouse(&(0x7f0000000180), 0x7, 0x208000) io_uring_register$IORING_REGISTER_FILES(r5, 0x2, &(0x7f00000001c0)=[r4, r3], 0x2) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) 19:33:59 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0xe4ffffff) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:33:59 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 77) [ 2858.069731] loop3: detected capacity change from 0 to 512 [ 2858.071126] FAULT_INJECTION: forcing a failure. [ 2858.071126] name failslab, interval 1, probability 0, space 0, times 0 [ 2858.072417] CPU: 1 PID: 14588 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2858.073478] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2858.074919] Call Trace: [ 2858.075246] [ 2858.075531] dump_stack_lvl+0x8b/0xb3 [ 2858.076032] should_fail.cold+0x5/0xa [ 2858.076521] ? alloc_fs_context+0x58/0x9d0 [ 2858.077087] should_failslab+0x5/0x10 [ 2858.077580] kmem_cache_alloc_trace+0x55/0x3c0 [ 2858.078171] alloc_fs_context+0x58/0x9d0 [ 2858.078696] path_mount+0xa4d/0x1f80 [ 2858.079177] ? kasan_quarantine_put+0x87/0x1e0 [ 2858.079760] ? finish_automount+0xa20/0xa20 [ 2858.080310] ? kmem_cache_free+0xe0/0x420 [ 2858.080729] ? putname+0xfe/0x140 [ 2858.081196] __x64_sys_mount+0x27e/0x300 [ 2858.081718] ? path_mount+0x1f80/0x1f80 [ 2858.082227] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2858.082888] do_syscall_64+0x3b/0x90 [ 2858.083374] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2858.084040] RIP: 0033:0x7fc14228f04a [ 2858.084509] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2858.086841] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2858.087803] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2858.088700] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2858.089620] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2858.090518] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2858.091417] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2858.092328] [ 2858.145202] loop1: detected capacity change from 0 to 512 19:33:59 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2858.183132] loop6: detected capacity change from 0 to 512 [ 2858.186347] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem 19:33:59 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 1) 19:33:59 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 78) [ 2858.205042] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 2858.215429] loop2: detected capacity change from 0 to 512 [ 2858.219807] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. 19:33:59 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="20001c008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:33:59 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 1) [ 2858.268994] FAULT_INJECTION: forcing a failure. [ 2858.268994] name failslab, interval 1, probability 0, space 0, times 0 [ 2858.271293] CPU: 0 PID: 14603 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2858.272933] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2858.275149] Call Trace: [ 2858.275654] [ 2858.276095] dump_stack_lvl+0x8b/0xb3 [ 2858.276884] should_fail.cold+0x5/0xa [ 2858.277643] ? __do_sys_memfd_create+0xac/0x4e0 [ 2858.278570] should_failslab+0x5/0x10 [ 2858.279331] __kmalloc+0x72/0x440 [ 2858.280038] __do_sys_memfd_create+0xac/0x4e0 [ 2858.280947] do_syscall_64+0x3b/0x90 [ 2858.281699] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2858.282733] RIP: 0033:0x7f2939f01b19 [ 2858.283460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2858.287214] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2858.288809] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2939f01b19 [ 2858.290245] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f2939f5b0fb [ 2858.291698] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2858.293138] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2858.294542] R13: 0000000020000040 R14: 0000000000040000 R15: 0000000020012c00 [ 2858.295969] [ 2858.302688] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2858.306187] FAULT_INJECTION: forcing a failure. [ 2858.306187] name failslab, interval 1, probability 0, space 0, times 0 [ 2858.308430] CPU: 0 PID: 14606 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2858.310084] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2858.312317] Call Trace: [ 2858.312835] [ 2858.313277] dump_stack_lvl+0x8b/0xb3 [ 2858.314044] should_fail.cold+0x5/0xa [ 2858.314811] ? __do_sys_memfd_create+0xac/0x4e0 [ 2858.315749] should_failslab+0x5/0x10 [ 2858.316516] __kmalloc+0x72/0x440 [ 2858.317250] __do_sys_memfd_create+0xac/0x4e0 [ 2858.318156] do_syscall_64+0x3b/0x90 [ 2858.318905] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2858.319941] RIP: 0033:0x7f9ecc2ecb19 [ 2858.320679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2858.324318] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2858.325817] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f9ecc2ecb19 [ 2858.327232] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f9ecc3460fb [ 2858.328647] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2858.330065] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2858.331476] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012c00 [ 2858.332914] [ 2858.338434] loop5: detected capacity change from 0 to 512 19:33:59 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xb0, 0x0) 19:33:59 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0xf6ffffff) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) [ 2858.365208] loop3: detected capacity change from 0 to 512 [ 2858.366594] FAULT_INJECTION: forcing a failure. [ 2858.366594] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2858.367787] CPU: 1 PID: 14613 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2858.368616] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2858.369741] Call Trace: [ 2858.369999] [ 2858.370219] dump_stack_lvl+0x8b/0xb3 [ 2858.370620] should_fail.cold+0x5/0xa [ 2858.371012] strncpy_from_user+0x34/0x3d0 [ 2858.371438] getname_flags.part.0+0x95/0x4f0 [ 2858.371896] getname_flags+0x9a/0xe0 [ 2858.372281] user_path_at_empty+0x2b/0x60 [ 2858.372711] __x64_sys_mount+0x1e9/0x300 [ 2858.373140] ? path_mount+0x1f80/0x1f80 [ 2858.373545] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2858.373583] loop1: detected capacity change from 0 to 512 [ 2858.374059] do_syscall_64+0x3b/0x90 [ 2858.375536] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2858.376055] RIP: 0033:0x7fc14228f04a [ 2858.376421] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2858.378248] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2858.378985] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2858.379691] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2858.380405] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2858.381118] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2858.381812] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2858.382531] [ 2858.393091] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2858.424633] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. 19:34:14 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 2) 19:34:14 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="20fe80008000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:34:14 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xb1, 0x0) 19:34:14 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0xfbffffff) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:34:14 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 79) 19:34:14 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 2) 19:34:14 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) 19:34:14 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200020008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2873.594331] loop5: detected capacity change from 0 to 512 19:34:14 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080007f00000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2873.604535] loop2: detected capacity change from 0 to 512 [ 2873.605197] loop3: detected capacity change from 0 to 512 [ 2873.613731] FAULT_INJECTION: forcing a failure. [ 2873.613731] name failslab, interval 1, probability 0, space 0, times 0 [ 2873.614954] CPU: 0 PID: 14634 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2873.615844] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2873.616342] FAULT_INJECTION: forcing a failure. [ 2873.616342] name failslab, interval 1, probability 0, space 0, times 0 [ 2873.617060] Call Trace: [ 2873.617067] [ 2873.617072] dump_stack_lvl+0x8b/0xb3 [ 2873.619948] should_fail.cold+0x5/0xa [ 2873.620360] ? ext4_init_fs_context+0x3d/0xd0 [ 2873.620840] should_failslab+0x5/0x10 [ 2873.621255] kmem_cache_alloc_trace+0x55/0x3c0 [ 2873.621745] ext4_init_fs_context+0x3d/0xd0 [ 2873.622205] ? ext4_apply_options+0xec0/0xec0 [ 2873.622678] alloc_fs_context+0x563/0x9d0 [ 2873.623125] path_mount+0xa4d/0x1f80 [ 2873.623525] ? kasan_quarantine_put+0x87/0x1e0 [ 2873.624009] ? finish_automount+0xa20/0xa20 [ 2873.624472] ? kmem_cache_free+0xe0/0x420 [ 2873.624910] ? putname+0xfe/0x140 [ 2873.625294] __x64_sys_mount+0x27e/0x300 [ 2873.625720] ? path_mount+0x1f80/0x1f80 [ 2873.626134] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2873.626669] do_syscall_64+0x3b/0x90 [ 2873.627070] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2873.627610] RIP: 0033:0x7fc14228f04a [ 2873.628001] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2873.629904] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2873.630689] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2873.631448] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2873.632203] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2873.632942] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2873.633679] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2873.634428] [ 2873.634670] CPU: 1 PID: 14638 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2873.635859] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2873.637485] Call Trace: [ 2873.637845] [ 2873.638152] dump_stack_lvl+0x8b/0xb3 [ 2873.638718] should_fail.cold+0x5/0xa [ 2873.639272] ? create_object.isra.0+0x3a/0xa20 [ 2873.639914] should_failslab+0x5/0x10 [ 2873.640486] kmem_cache_alloc+0x5b/0x480 [ 2873.641087] create_object.isra.0+0x3a/0xa20 [ 2873.641740] ? kasan_unpoison+0x23/0x50 [ 2873.642310] __kmalloc+0x25b/0x440 [ 2873.642817] __do_sys_memfd_create+0xac/0x4e0 [ 2873.643464] do_syscall_64+0x3b/0x90 [ 2873.643993] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2873.644739] RIP: 0033:0x7f2939f01b19 [ 2873.645300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2873.647881] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2873.648954] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2939f01b19 [ 2873.649980] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f2939f5b0fb [ 2873.650968] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2873.651969] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2873.652953] R13: 0000000020000040 R14: 0000000000040000 R15: 0000000020012c00 [ 2873.653971] [ 2873.656882] FAULT_INJECTION: forcing a failure. [ 2873.656882] name failslab, interval 1, probability 0, space 0, times 0 [ 2873.658519] CPU: 1 PID: 14637 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2873.659614] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2873.661097] Call Trace: [ 2873.661443] [ 2873.661735] dump_stack_lvl+0x8b/0xb3 [ 2873.662255] should_fail.cold+0x5/0xa [ 2873.662757] ? create_object.isra.0+0x3a/0xa20 [ 2873.663363] should_failslab+0x5/0x10 [ 2873.663865] kmem_cache_alloc+0x5b/0x480 [ 2873.664419] create_object.isra.0+0x3a/0xa20 [ 2873.665002] ? kasan_unpoison+0x23/0x50 19:34:14 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="20003a008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2873.665569] __kmalloc+0x25b/0x440 [ 2873.666263] __do_sys_memfd_create+0xac/0x4e0 [ 2873.666872] do_syscall_64+0x3b/0x90 [ 2873.667409] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2873.668113] RIP: 0033:0x7f9ecc2ecb19 [ 2873.668619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2873.671100] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2873.672165] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f9ecc2ecb19 [ 2873.673141] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f9ecc3460fb [ 2873.674122] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2873.675080] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2873.676045] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012c00 [ 2873.677051] [ 2873.686593] loop4: detected capacity change from 0 to 512 [ 2873.689137] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 2873.689925] loop1: detected capacity change from 0 to 512 [ 2873.700196] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2873.704342] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2873.708474] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 2873.714773] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2873.742196] loop6: detected capacity change from 0 to 512 [ 2873.747763] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2873.783882] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. 19:34:27 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 80) 19:34:27 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200065008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:34:27 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0xfeffffff) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:34:27 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 3) [ 2885.881744] loop3: detected capacity change from 0 to 512 19:34:27 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080028000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:34:27 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xb2, 0x0) 19:34:27 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef00d9f4655f000000000000000001000000000000000b00000000020000000000", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)) listxattr(&(0x7f0000000340)='./file0/file0\x00', &(0x7f0000000380)=""/61, 0x3d) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x1) openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x16b082, 0x20, 0xc}, 0x18) [ 2885.897924] FAULT_INJECTION: forcing a failure. [ 2885.897924] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2885.899267] CPU: 0 PID: 14666 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2885.900153] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2885.901367] Call Trace: [ 2885.901642] [ 2885.901882] dump_stack_lvl+0x8b/0xb3 [ 2885.902310] should_fail.cold+0x5/0xa [ 2885.902726] _copy_from_user+0x2a/0x170 [ 2885.903163] __do_sys_memfd_create+0xff/0x4e0 [ 2885.903667] do_syscall_64+0x3b/0x90 [ 2885.904070] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2885.904646] RIP: 0033:0x7f2939f01b19 [ 2885.905048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2885.906998] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2885.907807] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2939f01b19 [ 2885.908567] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f2939f5b0fb [ 2885.909346] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2885.910104] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2885.910855] R13: 0000000020000040 R14: 0000000000040000 R15: 0000000020012c00 [ 2885.911474] FAULT_INJECTION: forcing a failure. [ 2885.911474] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2885.911631] 19:34:27 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 3) [ 2885.914195] CPU: 1 PID: 14661 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2885.916035] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2885.918301] Call Trace: [ 2885.918811] [ 2885.919261] dump_stack_lvl+0x8b/0xb3 [ 2885.920052] should_fail.cold+0x5/0xa [ 2885.920837] strncpy_from_user+0x34/0x3d0 [ 2885.921701] getname_flags.part.0+0x95/0x4f0 [ 2885.922608] getname_flags+0x9a/0xe0 [ 2885.923375] user_path_at_empty+0x2b/0x60 [ 2885.924217] __x64_sys_mount+0x1e9/0x300 [ 2885.925043] ? path_mount+0x1f80/0x1f80 [ 2885.925867] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2885.926909] do_syscall_64+0x3b/0x90 [ 2885.927671] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2885.928714] RIP: 0033:0x7fc14228f04a 19:34:27 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080038000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2885.929467] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2885.933252] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2885.934764] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2885.936184] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2885.937609] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2885.939025] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2885.940440] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2885.941894] [ 2885.953676] loop5: detected capacity change from 0 to 512 [ 2885.959793] loop2: detected capacity change from 0 to 512 [ 2885.962381] FAULT_INJECTION: forcing a failure. [ 2885.962381] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2885.964206] CPU: 0 PID: 14672 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2885.965476] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2885.967167] Call Trace: [ 2885.967548] [ 2885.967877] dump_stack_lvl+0x8b/0xb3 [ 2885.968466] should_fail.cold+0x5/0xa [ 2885.969053] _copy_from_user+0x2a/0x170 [ 2885.969693] __do_sys_memfd_create+0xff/0x4e0 [ 2885.970426] do_syscall_64+0x3b/0x90 [ 2885.970539] loop1: detected capacity change from 0 to 512 [ 2885.971007] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2885.972881] RIP: 0033:0x7f9ecc2ecb19 [ 2885.973479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2885.976404] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2885.977608] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f9ecc2ecb19 [ 2885.978729] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f9ecc3460fb [ 2885.979357] EXT4-fs (loop2): invalid first ino: 2 [ 2885.979860] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2885.979874] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2885.979885] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012c00 [ 2885.979917] [ 2886.004987] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. 19:34:27 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 4) [ 2886.005094] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. 19:34:27 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200480008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:34:27 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080048000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2886.099396] FAULT_INJECTION: forcing a failure. [ 2886.099396] name failslab, interval 1, probability 0, space 0, times 0 [ 2886.101137] CPU: 0 PID: 14684 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2886.102397] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2886.104083] Call Trace: [ 2886.104466] [ 2886.104803] dump_stack_lvl+0x8b/0xb3 [ 2886.105404] should_fail.cold+0x5/0xa [ 2886.105987] should_failslab+0x5/0x10 [ 2886.106570] kmem_cache_alloc_lru+0x60/0x7c0 [ 2886.107250] ? shmem_alloc_inode+0x23/0x50 [ 2886.107892] ? lock_release+0x3b2/0x750 [ 2886.108507] shmem_alloc_inode+0x23/0x50 [ 2886.109148] ? shmem_destroy_inode+0x70/0x70 [ 2886.109866] alloc_inode+0x63/0x240 [ 2886.110445] new_inode+0x23/0x240 [ 2886.110998] shmem_get_inode+0x18b/0xcb0 [ 2886.111653] __shmem_file_setup+0xb8/0x310 [ 2886.112344] __do_sys_memfd_create+0x1c6/0x4e0 [ 2886.113090] do_syscall_64+0x3b/0x90 [ 2886.113707] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2886.114526] RIP: 0033:0x7f2939f01b19 [ 2886.115077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2886.117990] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2886.119190] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2939f01b19 [ 2886.120309] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f2939f5b0fb [ 2886.121432] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2886.122546] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2886.123676] R13: 0000000020000040 R14: 0000000000040000 R15: 0000000020012c00 [ 2886.124802] 19:34:27 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 81) 19:34:27 executing program 2: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) r3 = signalfd(r0, &(0x7f0000000040)={[0x1]}, 0x8) lchown(&(0x7f00000004c0)='./file0\x00', r1, r2) write$P9_RREADDIR(r3, &(0x7f0000000140)={0xa6, 0x29, 0x2, {0xe32, [{{0x4, 0x0, 0x6}, 0x100, 0x7f, 0x7, './file0'}, {{0x1, 0x0, 0x6}, 0x2, 0x1f, 0x7, './file0'}, {{0x2, 0x0, 0x7}, 0x1, 0x9, 0x7, './file0'}, {{0x8, 0x2, 0x8}, 0x7, 0x3, 0x7, './file0'}, {{0x8, 0x1, 0x6}, 0x6, 0x2, 0x7, './file0'}]}}, 0xa6) getsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@private2, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}}}, &(0x7f0000000080)=0xe8) lsetxattr$trusted_overlay_nlink(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440), &(0x7f0000000480)={'U-', 0x8}, 0x16, 0x1) setfsuid(r4) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) [ 2886.196541] loop3: detected capacity change from 0 to 512 [ 2886.203739] FAULT_INJECTION: forcing a failure. [ 2886.203739] name failslab, interval 1, probability 0, space 0, times 0 [ 2886.205474] CPU: 0 PID: 14690 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2886.206738] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2886.208436] Call Trace: [ 2886.208823] [ 2886.209168] dump_stack_lvl+0x8b/0xb3 [ 2886.209760] should_fail.cold+0x5/0xa [ 2886.210347] ? alloc_fs_context+0x58/0x9d0 [ 2886.210988] should_failslab+0x5/0x10 [ 2886.211571] kmem_cache_alloc_trace+0x55/0x3c0 [ 2886.212274] alloc_fs_context+0x58/0x9d0 [ 2886.212899] path_mount+0xa4d/0x1f80 [ 2886.213495] ? kasan_quarantine_put+0x87/0x1e0 [ 2886.214193] ? finish_automount+0xa20/0xa20 [ 2886.214845] ? kmem_cache_free+0xe0/0x420 [ 2886.215508] ? putname+0xfe/0x140 [ 2886.216043] __x64_sys_mount+0x27e/0x300 [ 2886.216681] ? path_mount+0x1f80/0x1f80 [ 2886.217331] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2886.218152] do_syscall_64+0x3b/0x90 [ 2886.218755] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2886.219579] RIP: 0033:0x7fc14228f04a [ 2886.220173] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2886.223087] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2886.224311] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2886.225473] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2886.226605] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2886.227727] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2886.228856] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2886.230048] [ 2886.232595] loop2: detected capacity change from 0 to 512 19:34:27 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 4) [ 2886.269787] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2886.305470] FAULT_INJECTION: forcing a failure. [ 2886.305470] name failslab, interval 1, probability 0, space 0, times 0 [ 2886.307217] CPU: 0 PID: 14696 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2886.308463] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2886.310166] Call Trace: [ 2886.310554] [ 2886.310889] dump_stack_lvl+0x8b/0xb3 [ 2886.311478] should_fail.cold+0x5/0xa [ 2886.312060] should_failslab+0x5/0x10 [ 2886.312654] kmem_cache_alloc_lru+0x60/0x7c0 [ 2886.313355] ? shmem_alloc_inode+0x23/0x50 [ 2886.313990] ? lock_release+0x3b2/0x750 [ 2886.314613] shmem_alloc_inode+0x23/0x50 [ 2886.315253] ? shmem_destroy_inode+0x70/0x70 [ 2886.315972] alloc_inode+0x63/0x240 [ 2886.316572] new_inode+0x23/0x240 [ 2886.317131] shmem_get_inode+0x18b/0xcb0 [ 2886.317807] __shmem_file_setup+0xb8/0x310 [ 2886.318479] __do_sys_memfd_create+0x1c6/0x4e0 [ 2886.319207] do_syscall_64+0x3b/0x90 [ 2886.319799] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2886.320590] RIP: 0033:0x7f9ecc2ecb19 [ 2886.321190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2886.324068] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2886.325277] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f9ecc2ecb19 [ 2886.326383] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f9ecc3460fb [ 2886.327472] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2886.328625] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2886.329758] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012c00 [ 2886.330884] 19:34:39 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xb3, 0x0) 19:34:39 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="20fffe008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:34:39 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080058000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:34:39 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0xff0f0000) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:34:39 executing program 2: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) futimesat(r0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000140)={{0x77359400}, {r2, r3/1000+10000}}) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) 19:34:39 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 5) 19:34:39 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 82) [ 2898.630288] loop1: detected capacity change from 0 to 512 [ 2898.634425] loop3: detected capacity change from 0 to 512 [ 2898.635699] FAULT_INJECTION: forcing a failure. [ 2898.635699] name failslab, interval 1, probability 0, space 0, times 0 [ 2898.636883] CPU: 1 PID: 14707 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2898.637757] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2898.638935] Call Trace: [ 2898.639209] [ 2898.639445] dump_stack_lvl+0x8b/0xb3 [ 2898.639858] should_fail.cold+0x5/0xa [ 2898.640271] ? create_object.isra.0+0x3a/0xa20 [ 2898.640765] should_failslab+0x5/0x10 [ 2898.641175] kmem_cache_alloc+0x5b/0x480 [ 2898.641637] create_object.isra.0+0x3a/0xa20 [ 2898.642114] ? kasan_unpoison+0x23/0x50 [ 2898.642540] kmem_cache_alloc_trace+0x22e/0x3c0 [ 2898.643054] ext4_init_fs_context+0x3d/0xd0 [ 2898.643519] ? ext4_apply_options+0xec0/0xec0 [ 2898.644001] alloc_fs_context+0x563/0x9d0 [ 2898.644458] path_mount+0xa4d/0x1f80 [ 2898.644862] ? kasan_quarantine_put+0x87/0x1e0 [ 2898.645359] ? finish_automount+0xa20/0xa20 [ 2898.645805] ? kmem_cache_free+0xe0/0x420 [ 2898.646247] ? putname+0xfe/0x140 [ 2898.646622] __x64_sys_mount+0x27e/0x300 [ 2898.647045] ? path_mount+0x1f80/0x1f80 [ 2898.647465] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2898.648004] do_syscall_64+0x3b/0x90 [ 2898.648406] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2898.648955] RIP: 0033:0x7fc14228f04a [ 2898.649344] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2898.651258] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2898.652045] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2898.652789] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2898.653527] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2898.654269] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2898.654999] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2898.655748] [ 2898.672793] FAULT_INJECTION: forcing a failure. [ 2898.672793] name failslab, interval 1, probability 0, space 0, times 0 [ 2898.674101] CPU: 1 PID: 14715 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2898.674962] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2898.676145] Call Trace: [ 2898.676423] [ 2898.676661] dump_stack_lvl+0x8b/0xb3 [ 2898.677066] should_fail.cold+0x5/0xa [ 2898.677492] ? create_object.isra.0+0x3a/0xa20 [ 2898.677967] should_failslab+0x5/0x10 [ 2898.678364] kmem_cache_alloc+0x5b/0x480 [ 2898.678796] create_object.isra.0+0x3a/0xa20 [ 2898.679257] ? kasan_unpoison+0x23/0x50 [ 2898.679693] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2898.680180] ? shmem_alloc_inode+0x23/0x50 [ 2898.680633] shmem_alloc_inode+0x23/0x50 [ 2898.681068] ? shmem_destroy_inode+0x70/0x70 [ 2898.681548] alloc_inode+0x63/0x240 [ 2898.681932] new_inode+0x23/0x240 [ 2898.682299] shmem_get_inode+0x18b/0xcb0 [ 2898.682728] __shmem_file_setup+0xb8/0x310 [ 2898.683175] __do_sys_memfd_create+0x1c6/0x4e0 [ 2898.683665] do_syscall_64+0x3b/0x90 [ 2898.684054] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2898.684608] RIP: 0033:0x7f9ecc2ecb19 [ 2898.685003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2898.686929] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2898.687719] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f9ecc2ecb19 [ 2898.688459] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f9ecc3460fb [ 2898.689224] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2898.689974] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2898.690701] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012c00 [ 2898.691442] 19:34:39 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 5) 19:34:39 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="20feff008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2898.702359] loop2: detected capacity change from 0 to 512 [ 2898.706694] loop6: detected capacity change from 0 to 512 [ 2898.706966] FAULT_INJECTION: forcing a failure. [ 2898.706966] name failslab, interval 1, probability 0, space 0, times 0 [ 2898.709797] CPU: 0 PID: 14716 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2898.711608] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2898.711784] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2898.714029] Call Trace: [ 2898.714038] [ 2898.714049] dump_stack_lvl+0x8b/0xb3 [ 2898.716611] should_fail.cold+0x5/0xa [ 2898.717438] ? create_object.isra.0+0x3a/0xa20 [ 2898.718411] should_failslab+0x5/0x10 [ 2898.719227] kmem_cache_alloc+0x5b/0x480 [ 2898.720112] create_object.isra.0+0x3a/0xa20 [ 2898.721056] ? kasan_unpoison+0x23/0x50 [ 2898.721928] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2898.722890] ? shmem_alloc_inode+0x23/0x50 [ 2898.723803] shmem_alloc_inode+0x23/0x50 [ 2898.724664] ? shmem_destroy_inode+0x70/0x70 [ 2898.725610] alloc_inode+0x63/0x240 [ 2898.726394] new_inode+0x23/0x240 [ 2898.727146] shmem_get_inode+0x18b/0xcb0 [ 2898.728025] __shmem_file_setup+0xb8/0x310 [ 2898.728937] __do_sys_memfd_create+0x1c6/0x4e0 [ 2898.729927] do_syscall_64+0x3b/0x90 [ 2898.730729] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2898.731835] RIP: 0033:0x7f2939f01b19 [ 2898.732617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2898.736507] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2898.738114] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2939f01b19 [ 2898.739617] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f2939f5b0fb [ 2898.741115] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2898.742637] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2898.744133] R13: 0000000020000040 R14: 0000000000040000 R15: 0000000020012c00 [ 2898.745668] [ 2898.747943] loop5: detected capacity change from 0 to 512 [ 2898.754420] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2898.755967] EXT4-fs (loop3): get root inode failed [ 2898.756526] EXT4-fs (loop3): mount failed [ 2898.782248] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. 19:34:40 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200002008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2898.786602] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:34:40 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 83) [ 2898.816988] loop3: detected capacity change from 0 to 512 [ 2898.818787] FAULT_INJECTION: forcing a failure. [ 2898.818787] name failslab, interval 1, probability 0, space 0, times 0 [ 2898.820016] CPU: 1 PID: 14733 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2898.820887] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2898.822080] Call Trace: [ 2898.822348] [ 2898.822596] dump_stack_lvl+0x8b/0xb3 [ 2898.823024] should_fail.cold+0x5/0xa [ 2898.823433] ? create_object.isra.0+0x3a/0xa20 [ 2898.823933] should_failslab+0x5/0x10 [ 2898.824350] kmem_cache_alloc+0x5b/0x480 [ 2898.824809] create_object.isra.0+0x3a/0xa20 [ 2898.825291] ? kasan_unpoison+0x23/0x50 [ 2898.825725] __kmalloc_track_caller+0x25e/0x430 [ 2898.826216] ? vfs_parse_fs_string+0xc0/0x150 [ 2898.826717] kmemdup_nul+0x2d/0xa0 [ 2898.827097] vfs_parse_fs_string+0xc0/0x150 [ 2898.827551] ? vfs_parse_fs_param+0x3c0/0x3c0 [ 2898.828019] ? __kasan_kmalloc+0x81/0xa0 [ 2898.828461] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2898.829040] ? alloc_fs_context+0x5ac/0x9d0 [ 2898.829528] path_mount+0x612/0x1f80 [ 2898.829920] ? kasan_quarantine_put+0x87/0x1e0 [ 2898.830407] ? finish_automount+0xa20/0xa20 [ 2898.830853] ? kmem_cache_free+0xe0/0x420 [ 2898.831301] ? putname+0xfe/0x140 [ 2898.831685] __x64_sys_mount+0x27e/0x300 [ 2898.832111] ? path_mount+0x1f80/0x1f80 [ 2898.832534] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2898.833067] do_syscall_64+0x3b/0x90 [ 2898.833475] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2898.834017] RIP: 0033:0x7fc14228f04a [ 2898.834423] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2898.836306] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2898.837089] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2898.837828] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2898.838594] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2898.839341] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2898.840103] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2898.840858] [ 2898.853622] loop4: detected capacity change from 0 to 512 [ 2898.858410] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 2898.858763] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2898.861457] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem 19:34:40 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080068000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2898.884672] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. 19:34:40 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 6) 19:34:40 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0xffffff8c) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:34:40 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 6) 19:34:40 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200003008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2898.966986] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2898.970648] EXT4-fs (loop3): get root inode failed [ 2898.971935] EXT4-fs (loop3): mount failed [ 2898.983208] loop1: detected capacity change from 0 to 512 [ 2898.992350] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2899.091647] FAULT_INJECTION: forcing a failure. [ 2899.091647] name failslab, interval 1, probability 0, space 0, times 0 [ 2899.093913] CPU: 0 PID: 14748 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2899.095553] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2899.097795] Call Trace: [ 2899.098302] [ 2899.098742] dump_stack_lvl+0x8b/0xb3 [ 2899.099514] should_fail.cold+0x5/0xa [ 2899.100274] ? security_inode_alloc+0x34/0x160 [ 2899.101184] should_failslab+0x5/0x10 [ 2899.101949] kmem_cache_alloc+0x5b/0x480 [ 2899.102770] security_inode_alloc+0x34/0x160 [ 2899.103641] inode_init_always+0x5d8/0xd20 [ 2899.104486] alloc_inode+0x84/0x240 [ 2899.105210] new_inode+0x23/0x240 [ 2899.105927] shmem_get_inode+0x18b/0xcb0 [ 2899.106743] __shmem_file_setup+0xb8/0x310 [ 2899.107587] __do_sys_memfd_create+0x1c6/0x4e0 [ 2899.108505] do_syscall_64+0x3b/0x90 [ 2899.109255] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2899.110290] RIP: 0033:0x7f2939f01b19 [ 2899.111016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2899.114615] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2899.116095] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2939f01b19 [ 2899.117507] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f2939f5b0fb [ 2899.118898] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2899.120286] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2899.121710] R13: 0000000020000040 R14: 0000000000040000 R15: 0000000020012c00 [ 2899.123198] [ 2899.142823] FAULT_INJECTION: forcing a failure. [ 2899.142823] name failslab, interval 1, probability 0, space 0, times 0 [ 2899.144094] CPU: 1 PID: 14750 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2899.144966] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2899.146196] Call Trace: [ 2899.146467] [ 2899.146702] dump_stack_lvl+0x8b/0xb3 [ 2899.147125] should_fail.cold+0x5/0xa [ 2899.147533] ? security_inode_alloc+0x34/0x160 [ 2899.148034] should_failslab+0x5/0x10 [ 2899.148451] kmem_cache_alloc+0x5b/0x480 [ 2899.148890] security_inode_alloc+0x34/0x160 [ 2899.149373] inode_init_always+0x5d8/0xd20 [ 2899.149828] alloc_inode+0x84/0x240 [ 2899.150219] new_inode+0x23/0x240 [ 2899.150608] shmem_get_inode+0x18b/0xcb0 [ 2899.151056] __shmem_file_setup+0xb8/0x310 [ 2899.151517] __do_sys_memfd_create+0x1c6/0x4e0 [ 2899.152015] do_syscall_64+0x3b/0x90 [ 2899.152424] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2899.152976] RIP: 0033:0x7f9ecc2ecb19 [ 2899.153381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2899.155281] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2899.156095] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f9ecc2ecb19 [ 2899.156845] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f9ecc3460fb [ 2899.157596] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2899.158348] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2899.159094] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012c00 [ 2899.159868] 19:34:52 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080078000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:34:52 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0xffffffe4) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:34:52 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) mount(&(0x7f0000000040)=@sr0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='aio\x00', 0x1800, &(0x7f0000000180)='ext4\x00') stat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x48002, 0x0) linkat(r2, &(0x7f0000000080)='./file0\x00', r1, &(0x7f0000000140)='./file0\x00', 0x800) r3 = syz_io_uring_setup(0x46ac, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140)) r4 = io_uring_setup(0x2c75, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1}) ioctl$MON_IOCH_MFLUSH(r2, 0x9208, 0x401) io_uring_register$IORING_REGISTER_FILES(r3, 0x2, &(0x7f0000000200)=[0xffffffffffffffff, r4, 0xffffffffffffffff], 0x3) r5 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) r6 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x48002, 0x0) linkat(r6, &(0x7f0000000080)='./file0\x00', r5, &(0x7f0000000140)='./file0\x00', 0x800) ioctl$MON_IOCG_STATS(r6, 0x80089203, &(0x7f0000001c80)) mount$9p_fd(0x0, &(0x7f0000001980)='./file0\x00', &(0x7f00000019c0), 0x40008, &(0x7f0000001a00)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_loose}, {@mmap}, {@access_any}, {@nodevmap}, {@posixacl}], [{@dont_measure}, {@permit_directio}, {@dont_appraise}, {@uid_lt={'uid<', r0}}, {@context={'context', 0x3d, 'user_u'}}, {@permit_directio}, {@obj_role={'obj_role', 0x3d, 'fsuuid'}}]}}) setresuid(0x0, r0, 0x0) mount$cgroup2(0x0, &(0x7f0000001900)='./file0\x00', &(0x7f0000001940), 0x18, &(0x7f0000001c00)={[{@subsystem='memory'}, {@subsystem='devices'}, {@memory_localevents}], [{@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}, {@smackfstransmute}, {@audit}]}) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) syz_mount_image$nfs(&(0x7f0000000380), &(0x7f00000003c0)='./file0/file0\x00', 0x2f9d, 0x7, &(0x7f0000001840)=[{&(0x7f0000000400)="bca5b2a5457812521dff68aefdd85ac3d043aafbe04a931b8a08a63a9bb1316f8f06f88300691bba42656af4c75e68f7994922b3d2c3a942491296857feb83ba79c3c40916fdc351f5f6d272225e62f76526f1897c430643757ed5", 0x5b}, {&(0x7f0000000580)="b17b5db64bb5a1de806297c3d7905bb7ffdbbf9af6170cde89902b01de930f3e55617018359579b1760413ee729120a9fe24f8f09e5e78d590d87a3186e57232c260a42b9b758a220002da3de20d3da6b80aa14e478367e4611759769e8d9564b3268b197046f5da7ad714b3f87d53d56820042d00788a2aa97f4ac9bb326c2efa94f1e0b1b4e6e1bda6462f05be92434c655c823c32b4a7621f54ae9db646cc6ce4783d8a30a157706fc7077d3d8dc3b445f207a377aecd05f5b9e19034e63a2e80001f58f997cb0ec94e8d84f7e210bb96bbeae135954a5258e8caabacc38e3da724279a97b5", 0xe7, 0x4}, {&(0x7f0000000680)="68bb91240c5ad46c1f9faefda789af47cb956e099f8e18b8504a49225e713c5ca9fb8030e30fdf8cd365294f72f916fc6f1a28fccc1242b339bc42f74ab8239622a8951b0ac71e2f22e160947dc490ddee3229f32c6616aaac9378b2733668d32a6adef5bf953c07d59994e53e6aad5c32d8023e8b174a8af0b94df51f38ddd1055b4ae867ba62ad285ee10be8a0f15b7ba49abbb2e2e9902d295188beb6dde9c2295e14b42a0368d49f3d9dd9177985c0df2c17be852a10cf0b2f243f81e6516ccd21bda9fb80e8339f15cb9574b51f1cbacf115d7a0cbdfd40cdbad72dce0bd0", 0xe1, 0x6}, {&(0x7f0000000780)="8b82d837693630fbc3a6adfb932b474218f0cb744110adcc03a4608144d87277055e74e760b695f1871b61d69c1fadf16b884dabd5024c7f8a76904f5433aaa2c0f785e4d490e1cb63a17f809afeca21f23d5af0addaf1b04592cefac075548cc6cf42c2e3ce739c5ae6b2ac19ce191426f55483f3e0bcf604e0bba63633aa8c28814e7ac0391a39badce63cab0b4adde655fb2ca915fb091431b4c2d8812f57697a4a78f6fecced0f5bbdba019d4fdc5f9e63f4f95a32120479c992ac51406265be01cbba459c4f1c8589033f4fa08e8bd5a218dabb24b62c78e9cd66060992f53022889bde0f7bb51ff3acd6194176c3ad762a7f8df209f584dad43e5ef296e8a7bf178392603a39ca7e1831881e924248291e676ff4c33e0f0c0a7ed05dfbea7b0f2022dfc7f3986f88d8bfce0813cf75ce3befddf423b43b6053dd40965cbe717e078c663632bab9f7916ead2d416ecfc1d3725987c3dc1e373a6b7c33606b449542bb5987b43e833af3225b0c0a069e1f4efc18b0dc58ec0bbf07ed3a39b3d4f2fc0ca227888b72ea5b344eebfad672a4adecfc95c3353a0dc94c8a971d420fa56e25c0116b243c2e80d41b356814ac7295311994ee96a576c78120cd72bdbf33e1b98a3720442d6cf6f9c2fbedf6de7175012318c7bafb7a49997b5775271fbbe0828818568f2eb775e5b191f94b422542c178af15d7ff085b6738c669d5a4b95ecb71e86dae8f408db628ee20bf3a2f7ece607c226498df334334f0f33280e50235e0f4b4a26b27cb8fa8e02d07199f4ea2093033c0ba2c32d440b73cb2e54164b0a5fc10dd844dbeceeafd949c8c2b55355b72061de10acefb1b0db8c446062a0aa3554a6a891aca65b2bf4c5037b8d75368268a589e047ecc94d312697a867f04920937f8b9c3a8deb4dfa6c20180c8fe5822b2fe1cc23e8edef1acf25c57793dcdc8f965b4bba8c716ac895b9c005349167057fdf337eff629a8fb38566e5563a4b6efd548528f969b34f367124226c175813b0000d4a329a44f236e455831ae1c5cd3a3a0372654e3593dcb234c64f57e912c8844f18ff61409fb7396bb1b408d66bf7094ba09f9b61425083999b3b9fd83ede67722ecdef78b54dfc105eac46ab098a7ee9c1e83e3c27cc8d498c0be5a97212d8c388dd1983ad55d29a23b2cb185e653b466024b16b67aea2810c1f1a2aef195b8598b1cc180e63b5ca4afe89595acd19cfa3b561aae4f01ee656e9afe66945a7693989ac3aea9c75f58dbb61a5cbefae177c34cd5a7a38838b6765cf9b5be73580da1e875109e1740080d2f358bdc6cf6ae31ebbc205f7bb32fcad3c491a4179cef2624fa7717cef0dfbbacd0cbafda37e6594a0333ae9a57a46b6d13810edbe108597dd0d4e8c85a0e4ec9e9fd0daeea5b09f2149f259613f2452e44df910db16984b1ec019b4d7091722507e9b669b6c4c5ab2b7c1da7e62bec35d57cfc64e75b3c2ac629d2e43c1a523df01ec81b536e1bafdae481325036070ddc316a932237369ada59ea9c84b41a48d7b12750e4011d3e63928618826c64b3dcc65ce55b0fce3b12808c1fa387db32da0f5c81d64510b40be140206bdb721064b8fa45b0cf3d70470de0cfe7f09b4f8eb309ff814223417bf0b5c367aefae4e74e1c7826134c0304125a89c99c661b59099342c017db8be60aad2a43953e68a13ca8be76c4aa4cf975e4a682de3a6d280ffb2e316755d9e447c74f87c83324d35a234ddfb5b3ed1e159d2920d6a9fd764b79c79e89e60e5c7796e948220da7ec9cfc2a7029eae8e3c09181ee8d2f12f63d4446c959319b5d765c384dc4db89965fe6a9a0a6bbee5327b574153b8e91ebc45244b677f2d75eba90e42763dcc8be2c1fc8eff697c0fefd53c68b81e4236aafd50bcb488c1af317250de8e9a998da04396b4174f731475e061cd39eadf11a9b37f0a0650884503888c5b85740d8b6c7f5d4a3c224073f5fc10126569fddc1fd5fe8e1cf522133c3d6b467a8aff5e6b0e195370e14bb7c514edf65a2dbac6acda1d0df295f62ba7ffc83998a8e09ca4b9f4b9c4c349c0bcc4509cef27ed3fe4d0d44b8b11bc4fa4876d20bf07838d4bc6972c2ca0118888d0e27a7627e4d80915505c5a2028995c19dd5df9733a2b335bed2d53f725c1ffa8ed6f255524232c808f2d8a114a608433c44b1b860f4a49b55e135f07e2c1274454d180970ab5445391e90f9f0be2202c10c1981a8a212fa9f334d10f4c2ab4682ebf3762cc6c5ccdb0a23f8e9ab5f249467b9d0af2903fcbd86754ff9791b8f65969f5a0eb082916df030072023ae6505ec48bfd4826e16001e4cdc8fcfae231dc5df0b9430f77ee34942bf72feebc19211372d637b0f2b908220176a2d7a1d5f5a6882f186a70e00c596554d774e0369d14cc956b772c6b2fde0ad6571e2469ea00a74bd681826cc7590ac003f7e4cecb1e44003e28bf892be14f52263d1db185ec3a63f07ecddbbebb5e50b7c093e5175d6a247659b9d0a7c1811a5069bef4a677146b28cac46777ee9b1ca5866cc24d16c30bdf37fdb877fb782ee0e1bedeabe22eb258803a0ca87488ac96273dac4cc154b2e4306789318d444e70fd4bf2be1e3c37e1fed8cc13ebd341e513a4230ca0e011d1862c2f64c330ee1cd6cf0a682f4e8e3a666484287e0a6ea57ef78c8b25a7ae4a40f693a0e96ecf6744a63d91b27d751bf46c15bb6963eb4ee8a3e074428bcd3535d1647d23fd97f71fc3e881d931b51cd2be4375ccaac315e44a02b4843111bcc8ae07a423a8e8694d554203d70f9bb7053aab65363e932b6a96b0b57f74a4c73300efb6f38b5b3409f3f4d1307831ec4e0ebe0748e67165526a78f8006739c26b7cd73f3fac9a188ce581eb617b24eb1323d6eeaa6787460859872e4f2ff4f7cd74c9114cb1d4dd625acd5f3c4ea03bc418d1f3f30d346e95792c0f6af9b24fa446d138c514aa352f081026c2f9499afd55b7d58bbd6cd7cd171940b7916663254ac5e977d2f903e4cc818222060444fe16bb5ceee48b4e910a835573a54dd8742bb2977775ed3fdcc35c6e0bccb2638e94987cb0887aa18760b70f29cd07963b9e6f4a8c78a015f350c2afbba5582991f38206bcb2885de9590a541ed434555c9e96aacacc4264deeaa36caa352c29d5df8d1ab495ab235f9db4068fd447b2a8653c80330f2b9e0d9c631ea628c7b44f213573e2eabb39e01315184406bff2df0706d008cf89491728602f703f7f94335b89309484740ef8b37296a806d69c178e53a4f970be957a624387d58af6867a3a3c122c0cc5dcc22125db933c7cd8fb4d34b3435523618c46ff0849deea210d80058c8725dc7ac9141f7d90e77fa344ce0d7966a61dd686c1cd906522ba31278cc2b48484888f70a709a8552de53c32a69ea6d51dc56cfd7fb67584360dce0270c42720141c146d79001dc2cea0f2cb17d625b0fef967ed7a2ed53b61bef67f07b25b2dce6dc3ba265d738fcd76de55c16845479acf5f1ce3b13992ad0eaab9d0b714b53971c15c5b65d904587f6d206970668973fcffc98d3f6683f4e04c2ebe10a5f41e4e1431fe10b59a736dfd85a39e69617ad1cafdd8a4ee4a092382b1127cd38adbe57d9319dcf45091ec38424affbce98cedc1643ab7599633bddbc6b2e399d38cac193c3b17b30c7a52299769e13fad7730cfc0b6f25653d528bad7a9548da9b4ca85dc053f0f7f739155ade4bf3539113e59505aff80e8b5c292d71bbca7d0edfc16300df00cb05a1a87b5e09e0f666961fada3e0635f6f569a94504aa81b4098c5ad6198f116f3685b204e3a9994bca594b2c8dafc3170c59ae4882fd61d32dc6c67f06cae66691c4d44134f13a2e16d242804ba87f89840274f5111e5729c2d96069a03934eee07582c67c783e8a92694e84b8c97195b6bc0e01c8e630ef04158460808c69338b9b2bda9df8ad1ea4244165049dcc5ae29d0ff117ba4b2bf9d8cb14083cc3c28e5e702147cd479fdd30b458368687297ccbc217cf65a44294a03d5f1841372dedf66641033326990f2aa9b59f49cdebc42e914adcddd42a58a120e2e5df466d03c7f7b1ee796d4d22fde1ae4c24bf4eff17d4a1371553b9ad20270cd2e19797cf51da113ac0a6189f8366787395c587a6e094b1f202ca1c2c36241c0019997273de54f689b7fde6e77b18a1d521c8e0596783321a7030bf1845225f4bfb30ba86bfae6c460c6407f1045d984c97200920d2fc5103e975beb6a642f999e3fdad6ec0452b83b7f364ff3fd6d02015bd7afcae87f39a93a852a6b6d6c784c68c3046a98715d7ee972fe86c030e8f65b7cae2820a239ce9167b8c67ee67c2782d99d1c0f2c1696cf1e5fb58f5bed541df60d1291850e86c7281019e9d1fbe0f8aef98e9fc2b9825ef284f8469ca8e8ec53c0e2a251451a92734d7235ca7c644d43149c1b434e9464f4f0c13af0997d4295f8096790a3eb20439229080fb8b3085512b375a2fa0e3fed0a76e9461c42c87db559b288d04c49432b4b8bf918036924fd9d087fea321a0315cfc06eb1e567d7eab3ea60e4b0761a2a16d471de0e4a14c81af0577e14fa951ed71957d4edcd3e67d1986ca28eded520407346b9849578a23a888ecff135fef10a17080ffdfeaf317180549d6157c0ce15a05f06f3184f3f0aeb36bad33ef62abe1d3546757ed9889e4f21a0339c1c4f6beeb19c975dc598fc6c34f14c7173d4dcee82a1041f1a1ac46c603efb096c4bf5bc2a5f81a20bfd653ff84d916e714ea401345d92f9541ab96fbb501c914f34dd3e4fa56f7c250c729f4b30d0eb7cb692888513592afc6de59c2dbef24623927c737b7465b96a7ae00b7c0d77641d179d6f8b772025a021ced4f198555368370e4cdacb30b5a65c1bbec2bc02b6da35d6e6e5eeb5e12567e6b1b54cc774bf8e28deeecba64c3713692e08487b8448490831b83429023a05466503c8d35094672148e786ee664a338573ac18acf067cd56a7fb7f15dc10e7ab86a7aefb93f7c2544cd80aa99525ec16c0e9f01c3fc537809fbeb122821de5b83d0cdebede2f7b7ce312f4fa8026448385148166741b2d9444727b0e97efd3c7c27d7389a85cdd390c8821e1def6061e17249cbe31595f4963be2bbb5951d6e6e578a1871799dcbc117a81c556febeb22bcc3a3a8e8fd6f40d274500eb2a4d2d15d919c237a343347805ac9533c7187d11b2c38e11a5d921d761cf925bc67d0b651902d59f7537006f6a6b70ce1f2fc0918e74f747d8617eaaf5c3b8837588ff6c04dc4f76044c6aa0624a3cf9f5c2822a004ab0bc6481c919776b0d3b45407bfad2f468be16725218e96b3d7e14ed7be8601208c15a0b516864294e6b1ba4e50d43f861ef1cb25950c0ffe939d9adef2b71dac9ffa8c782c2febe71807fd8d776a59966366adc0cf17dccfc364b38d50fbc20d853fd0794d4b8ffc238e8f8ddef27a35f3b945ca1dafdf71087392a5b56916fa8879a67f5411b851f900f678773b486f47e006e00a869b2430a985bc11d9f4cdf7d4257faf157f0ff9edf9c0ed3cc00d757defbc5a5a9bea2c68427ba6206268a360b8032b61909ccb04d8c84dd50adcdfa5c9b954b36e2719d592cbc03b2ab7146ee1a3835ccfd65c4e8d99e7ce1aa06467bb59fce4f643fdd90e8284a9dd4c7cc2c96d5efb4bc743866da5eb0e9f290d44fe1f4448ddc2578b6254cf807495986d5b4e1de900a91dda0e3c26c81b56571f868572b3394dff5c83662a8ca46ae3c25f2993e3e76e00f", 0x1000, 0xfffffffffffffffa}, {&(0x7f0000000480)="8ed0a5718da40aa994e807e0bf201eaf80730dc526a7ce363c919dd9d78f716dbb1f4f7b5aa6650c6c6d6b8907d493c609eb039c5a13d3206ee5b003048d029f49eeb3cd4cc41a457d26277063d1c6b9b6800ebe5a8c3461ef5198cdfb5d2a0ff8bf3b0ce6527026e3622223543275f284723f3821b85592994ce938d590cfe714448cbad8fbe8c2b7", 0x89, 0x3}, {&(0x7f0000001780)="59a5fe5477f13cc2733f1135a539c20a22aa2bb3b6925363839b046bb61c39961c70c2c61450", 0x26, 0x7}, {&(0x7f00000017c0)="600b6b10610fda9c4aef3c51e3ec1073770336ae71b855131f37ecf5c28b66fbdce9cebdd6234c4a01d8b10d617450e178fc3dd277134cefeb17547dc7a266841abcb2888f93fc887b6fd6d123ea5fef28f6b30a57e91cdd9be04fea0fe2d9d527df3422", 0x64, 0x5}], 0x204000, &(0x7f0000001b00)=ANY=[@ANYBLOB="61696f002c66736d616769633d3078303030303030303034303763306665652c6673757569643d6634362d003135332d306231342d36363338653238382c736d61636b66737472616e4330ed56677cd2856f002c6f626a5f747970653d2a7d2d2c001c973a644b95e75bbbe0a52498a45ce9d66c482dd8a083a54c54ed2382b6c9c025372c6088d262e1095b397c5e7417299fc77915e481b4a218e3cd6e5bc649669adba915267cd2e9d201adf4937897b2366c8bb4fc9e32fbc723f6a7d577e0754584a68e4ef48cc987314da82994325f2faaf8243309ef66eb588d6d1897a9c3af0069c6de7a781f8e"]) 19:34:52 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 7) 19:34:52 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 84) 19:34:52 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200004008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:34:52 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 7) 19:34:52 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xb4, 0x0) [ 2911.048208] loop2: detected capacity change from 0 to 512 [ 2911.060936] FAULT_INJECTION: forcing a failure. [ 2911.060936] name failslab, interval 1, probability 0, space 0, times 0 [ 2911.063302] CPU: 0 PID: 14761 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2911.064991] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2911.067297] Call Trace: [ 2911.067819] [ 2911.068106] loop1: detected capacity change from 0 to 512 [ 2911.068270] dump_stack_lvl+0x8b/0xb3 [ 2911.069655] should_fail.cold+0x5/0xa [ 2911.070442] ? create_object.isra.0+0x3a/0xa20 [ 2911.071389] should_failslab+0x5/0x10 [ 2911.072179] kmem_cache_alloc+0x5b/0x480 [ 2911.073029] create_object.isra.0+0x3a/0xa20 [ 2911.073954] ? kasan_unpoison+0x23/0x50 [ 2911.074777] kmem_cache_alloc+0x239/0x480 [ 2911.075643] security_inode_alloc+0x34/0x160 [ 2911.076551] inode_init_always+0x5d8/0xd20 [ 2911.077426] alloc_inode+0x84/0x240 [ 2911.077653] loop3: detected capacity change from 0 to 512 [ 2911.078188] new_inode+0x23/0x240 [ 2911.079457] shmem_get_inode+0x18b/0xcb0 [ 2911.080302] __shmem_file_setup+0xb8/0x310 [ 2911.081169] __do_sys_memfd_create+0x1c6/0x4e0 [ 2911.082115] do_syscall_64+0x3b/0x90 [ 2911.082879] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2911.083934] RIP: 0033:0x7f2939f01b19 [ 2911.084678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2911.088382] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2911.089910] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2939f01b19 [ 2911.091341] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f2939f5b0fb [ 2911.092766] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2911.094216] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2911.095641] R13: 0000000020000040 R14: 0000000000040000 R15: 0000000020012c00 [ 2911.097096] [ 2911.097835] loop5: detected capacity change from 0 to 512 [ 2911.100421] FAULT_INJECTION: forcing a failure. [ 2911.100421] name failslab, interval 1, probability 0, space 0, times 0 [ 2911.101629] CPU: 1 PID: 14770 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2911.102493] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2911.103668] Call Trace: [ 2911.103933] [ 2911.104165] dump_stack_lvl+0x8b/0xb3 [ 2911.104583] should_fail.cold+0x5/0xa [ 2911.104983] ? create_object.isra.0+0x3a/0xa20 [ 2911.105481] should_failslab+0x5/0x10 [ 2911.105896] kmem_cache_alloc+0x5b/0x480 [ 2911.106335] create_object.isra.0+0x3a/0xa20 [ 2911.106794] ? kasan_unpoison+0x23/0x50 [ 2911.107221] __kmalloc_track_caller+0x25e/0x430 [ 2911.107720] ? vfs_parse_fs_string+0xc0/0x150 [ 2911.108204] kmemdup_nul+0x2d/0xa0 [ 2911.108586] vfs_parse_fs_string+0xc0/0x150 [ 2911.109040] ? vfs_parse_fs_param+0x3c0/0x3c0 [ 2911.109527] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2911.110115] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2911.110702] generic_parse_monolithic+0x16f/0x1f0 [ 2911.111212] ? vfs_parse_fs_string+0x150/0x150 [ 2911.111690] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2911.112266] ? alloc_fs_context+0x5ac/0x9d0 [ 2911.112725] path_mount+0x12d3/0x1f80 [ 2911.113133] ? kasan_quarantine_put+0x87/0x1e0 [ 2911.113625] ? finish_automount+0xa20/0xa20 [ 2911.114071] ? kmem_cache_free+0xe0/0x420 [ 2911.114520] ? putname+0xfe/0x140 [ 2911.114892] __x64_sys_mount+0x27e/0x300 [ 2911.115324] ? path_mount+0x1f80/0x1f80 [ 2911.115742] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2911.116292] do_syscall_64+0x3b/0x90 [ 2911.116700] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2911.117247] RIP: 0033:0x7fc14228f04a [ 2911.117655] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2911.119537] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2911.120320] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2911.121052] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2911.121803] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2911.122540] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2911.123275] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2911.124026] [ 2911.128068] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2911.141140] FAULT_INJECTION: forcing a failure. [ 2911.141140] name failslab, interval 1, probability 0, space 0, times 0 [ 2911.143827] CPU: 0 PID: 14775 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2911.145756] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2911.148336] Call Trace: [ 2911.148921] [ 2911.149433] dump_stack_lvl+0x8b/0xb3 [ 2911.150352] should_fail.cold+0x5/0xa [ 2911.151234] ? create_object.isra.0+0x3a/0xa20 [ 2911.152296] should_failslab+0x5/0x10 [ 2911.152512] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2911.153180] kmem_cache_alloc+0x5b/0x480 [ 2911.154931] create_object.isra.0+0x3a/0xa20 [ 2911.155949] ? kasan_unpoison+0x23/0x50 [ 2911.156875] kmem_cache_alloc+0x239/0x480 [ 2911.157897] security_inode_alloc+0x34/0x160 [ 2911.158921] inode_init_always+0x5d8/0xd20 [ 2911.159904] alloc_inode+0x84/0x240 [ 2911.160747] new_inode+0x23/0x240 [ 2911.161568] shmem_get_inode+0x18b/0xcb0 [ 2911.162505] __shmem_file_setup+0xb8/0x310 [ 2911.163484] __do_sys_memfd_create+0x1c6/0x4e0 [ 2911.164529] do_syscall_64+0x3b/0x90 [ 2911.165391] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2911.166576] RIP: 0033:0x7f9ecc2ecb19 [ 2911.167420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2911.171547] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2911.173274] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f9ecc2ecb19 [ 2911.174884] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f9ecc3460fb [ 2911.176503] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2911.178089] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2911.179662] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012c00 [ 2911.181263] [ 2911.219654] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:34:52 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080088000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2911.222133] loop4: detected capacity change from 0 to 512 19:34:52 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200005008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2911.233374] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 2911.267830] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2911.269779] EXT4-fs (loop3): get root inode failed [ 2911.270565] EXT4-fs (loop3): mount failed [ 2911.276681] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 2911.294574] loop6: detected capacity change from 0 to 512 19:34:52 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 85) 19:34:52 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200006008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2911.330357] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2911.345076] loop3: detected capacity change from 0 to 512 [ 2911.348341] FAULT_INJECTION: forcing a failure. [ 2911.348341] name failslab, interval 1, probability 0, space 0, times 0 [ 2911.349561] CPU: 1 PID: 14789 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2911.350453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2911.351659] Call Trace: [ 2911.351935] [ 2911.352183] dump_stack_lvl+0x8b/0xb3 [ 2911.352598] should_fail.cold+0x5/0xa [ 2911.353010] ? getname_kernel+0x4e/0x370 [ 2911.353458] should_failslab+0x5/0x10 [ 2911.353883] kmem_cache_alloc+0x5b/0x480 [ 2911.354327] ? kasan_quarantine_put+0x87/0x1e0 [ 2911.354838] getname_kernel+0x4e/0x370 [ 2911.355262] kern_path+0x1b/0x50 [ 2911.355632] lookup_bdev+0xc3/0x260 [ 2911.356026] ? bd_abort_claiming+0x90/0x90 [ 2911.356490] ? check_nnp_nosuid.isra.0+0x2a0/0x2a0 [ 2911.357022] ? vfs_parse_fs_param+0x3c0/0x3c0 [ 2911.357526] blkdev_get_by_path+0x71/0x2e0 [ 2911.358013] ? blkdev_get_by_dev+0x80/0x80 [ 2911.358488] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2911.359073] ? cap_capable+0x1eb/0x250 [ 2911.359498] get_tree_bdev+0xd5/0x740 [ 2911.359925] ? ext4_reconfigure+0x27f0/0x27f0 [ 2911.360422] vfs_get_tree+0x8e/0x2f0 [ 2911.360832] path_mount+0x131b/0x1f80 [ 2911.361256] ? kasan_quarantine_put+0x87/0x1e0 [ 2911.361778] ? finish_automount+0xa20/0xa20 [ 2911.362248] ? kmem_cache_free+0xe0/0x420 [ 2911.362712] ? putname+0xfe/0x140 [ 2911.363096] __x64_sys_mount+0x27e/0x300 [ 2911.363530] ? path_mount+0x1f80/0x1f80 [ 2911.363975] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2911.364546] do_syscall_64+0x3b/0x90 [ 2911.364962] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2911.365542] RIP: 0033:0x7fc14228f04a [ 2911.365926] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2911.367931] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2911.368760] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2911.369540] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2911.370312] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2911.371081] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2911.371860] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2911.372647] [ 2911.372962] /dev/loop3: Can't open blockdev [ 2911.417850] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. 19:34:52 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080188000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:34:52 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 8) 19:34:52 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) accept(0xffffffffffffffff, 0x0, &(0x7f0000000040)) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) 19:34:52 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 86) [ 2911.520154] loop3: detected capacity change from 0 to 512 [ 2911.525886] FAULT_INJECTION: forcing a failure. [ 2911.525886] name failslab, interval 1, probability 0, space 0, times 0 [ 2911.527170] CPU: 1 PID: 14797 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2911.528063] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2911.529248] Call Trace: [ 2911.529524] [ 2911.529765] dump_stack_lvl+0x8b/0xb3 [ 2911.530184] should_fail.cold+0x5/0xa [ 2911.530611] ? getname_kernel+0x4e/0x370 [ 2911.531042] should_failslab+0x5/0x10 [ 2911.531462] kmem_cache_alloc+0x5b/0x480 [ 2911.531924] ? kasan_quarantine_put+0x87/0x1e0 [ 2911.532419] getname_kernel+0x4e/0x370 [ 2911.532842] kern_path+0x1b/0x50 [ 2911.533226] lookup_bdev+0xc3/0x260 [ 2911.533641] ? bd_abort_claiming+0x90/0x90 [ 2911.534099] ? check_nnp_nosuid.isra.0+0x2a0/0x2a0 [ 2911.534615] ? vfs_parse_fs_param+0x3c0/0x3c0 [ 2911.535115] blkdev_get_by_path+0x71/0x2e0 [ 2911.535562] ? blkdev_get_by_dev+0x80/0x80 [ 2911.536011] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2911.536602] ? cap_capable+0x1eb/0x250 [ 2911.537044] get_tree_bdev+0xd5/0x740 [ 2911.537454] ? ext4_reconfigure+0x27f0/0x27f0 [ 2911.537944] vfs_get_tree+0x8e/0x2f0 [ 2911.538385] path_mount+0x131b/0x1f80 [ 2911.538839] ? kasan_quarantine_put+0x87/0x1e0 [ 2911.539374] ? finish_automount+0xa20/0xa20 [ 2911.539885] ? kmem_cache_free+0xe0/0x420 [ 2911.540387] ? putname+0xfe/0x140 [ 2911.540795] __x64_sys_mount+0x27e/0x300 [ 2911.541275] ? path_mount+0x1f80/0x1f80 [ 2911.541759] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2911.542375] do_syscall_64+0x3b/0x90 [ 2911.542818] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2911.543425] RIP: 0033:0x7fc14228f04a [ 2911.543823] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2911.545946] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2911.546769] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2911.547513] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2911.548285] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2911.549031] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2911.549821] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2911.550577] [ 2911.550877] /dev/loop3: Can't open blockdev [ 2911.552913] FAULT_INJECTION: forcing a failure. [ 2911.552913] name failslab, interval 1, probability 0, space 0, times 0 [ 2911.555306] CPU: 0 PID: 14800 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2911.556963] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2911.559224] Call Trace: [ 2911.559735] [ 2911.560180] dump_stack_lvl+0x8b/0xb3 [ 2911.560961] should_fail.cold+0x5/0xa [ 2911.561744] should_failslab+0x5/0x10 [ 2911.562529] kmem_cache_alloc_lru+0x60/0x7c0 [ 2911.563417] ? __d_alloc+0x31/0x990 [ 2911.564140] ? lockdep_hardirqs_on+0x79/0x100 [ 2911.565053] __d_alloc+0x31/0x990 [ 2911.565772] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2911.566880] d_alloc_pseudo+0x19/0x70 [ 2911.567640] alloc_file_pseudo+0xce/0x250 [ 2911.568471] ? alloc_file+0x580/0x580 [ 2911.569229] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 2911.570356] ? shmem_get_inode+0x619/0xcb0 [ 2911.571226] __shmem_file_setup+0x144/0x310 [ 2911.572106] __do_sys_memfd_create+0x1c6/0x4e0 [ 2911.573043] do_syscall_64+0x3b/0x90 [ 2911.573826] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2911.574861] RIP: 0033:0x7f2939f01b19 [ 2911.575598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2911.579259] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2911.580771] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2939f01b19 [ 2911.582205] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f2939f5b0fb [ 2911.583623] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2911.585200] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2911.586794] R13: 0000000020000040 R14: 0000000000040000 R15: 0000000020012c00 [ 2911.588402] [ 2911.591162] loop2: detected capacity change from 0 to 512 [ 2911.635967] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:35:05 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0xfffffff6) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:35:05 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) mount(&(0x7f0000000140)=@sg0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='vxfs\x00', 0x0, &(0x7f0000000300)='-\xe6^:%\'.\x00') stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) link(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) 19:35:05 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200007008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:35:05 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xb5, 0x0) [ 2924.097268] loop2: detected capacity change from 0 to 512 19:35:05 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 8) 19:35:05 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="2000801c8000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:35:05 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 87) 19:35:05 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 9) [ 2924.106671] loop3: detected capacity change from 0 to 512 [ 2924.115246] FAULT_INJECTION: forcing a failure. [ 2924.115246] name failslab, interval 1, probability 0, space 0, times 0 [ 2924.116692] CPU: 0 PID: 14814 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2924.117607] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2924.118103] loop1: detected capacity change from 0 to 512 [ 2924.118880] Call Trace: [ 2924.118898] [ 2924.118904] dump_stack_lvl+0x8b/0xb3 [ 2924.121018] should_fail.cold+0x5/0xa [ 2924.121418] ? alloc_super+0x54/0x9d0 [ 2924.121860] should_failslab+0x5/0x10 [ 2924.122275] kmem_cache_alloc_trace+0x55/0x3c0 [ 2924.122776] ? do_raw_spin_lock+0x121/0x260 [ 2924.123258] ? test_single_super+0x10/0x10 [ 2924.123719] alloc_super+0x54/0x9d0 [ 2924.124124] ? test_single_super+0x10/0x10 [ 2924.124591] sget_fc+0x13e/0x7a0 [ 2924.124962] ? set_bdev_super+0x310/0x310 [ 2924.125421] get_tree_bdev+0x1bb/0x740 [ 2924.125856] ? ext4_reconfigure+0x27f0/0x27f0 [ 2924.126367] vfs_get_tree+0x8e/0x2f0 [ 2924.126771] path_mount+0x131b/0x1f80 [ 2924.127187] ? kasan_quarantine_put+0x87/0x1e0 [ 2924.127698] ? finish_automount+0xa20/0xa20 [ 2924.128172] ? kmem_cache_free+0xe0/0x420 [ 2924.128640] ? putname+0xfe/0x140 [ 2924.129028] __x64_sys_mount+0x27e/0x300 [ 2924.129483] ? path_mount+0x1f80/0x1f80 [ 2924.129937] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2924.130507] do_syscall_64+0x3b/0x90 [ 2924.130924] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2924.131492] RIP: 0033:0x7fc14228f04a [ 2924.131901] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2924.133941] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2924.134782] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2924.135553] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2924.136333] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2924.137123] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2924.137928] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2924.138729] [ 2924.140651] loop5: detected capacity change from 0 to 512 [ 2924.157847] FAULT_INJECTION: forcing a failure. [ 2924.157847] name failslab, interval 1, probability 0, space 0, times 0 [ 2924.159036] CPU: 0 PID: 14829 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2924.159911] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2924.161071] Call Trace: [ 2924.161347] [ 2924.161578] dump_stack_lvl+0x8b/0xb3 [ 2924.161998] should_fail.cold+0x5/0xa [ 2924.162414] ? create_object.isra.0+0x3a/0xa20 [ 2924.162895] should_failslab+0x5/0x10 [ 2924.163298] kmem_cache_alloc+0x5b/0x480 [ 2924.163743] create_object.isra.0+0x3a/0xa20 [ 2924.164208] ? kasan_unpoison+0x23/0x50 [ 2924.164631] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2924.165103] ? __d_alloc+0x31/0x990 [ 2924.165492] __d_alloc+0x31/0x990 [ 2924.165873] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2924.166453] d_alloc_pseudo+0x19/0x70 [ 2924.166851] alloc_file_pseudo+0xce/0x250 [ 2924.167287] ? alloc_file+0x580/0x580 [ 2924.167692] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 2924.168270] ? shmem_get_inode+0x619/0xcb0 [ 2924.168726] __shmem_file_setup+0x144/0x310 [ 2924.169181] __do_sys_memfd_create+0x1c6/0x4e0 [ 2924.169666] do_syscall_64+0x3b/0x90 [ 2924.170075] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2924.170615] RIP: 0033:0x7f2939f01b19 [ 2924.171001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2924.172908] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2924.173696] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2939f01b19 [ 2924.174444] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f2939f5b0fb [ 2924.175170] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2924.175904] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2924.176637] R13: 0000000020000040 R14: 0000000000040000 R15: 0000000020012c00 [ 2924.177385] [ 2924.180657] FAULT_INJECTION: forcing a failure. [ 2924.180657] name failslab, interval 1, probability 0, space 0, times 0 [ 2924.181928] loop4: detected capacity change from 0 to 512 [ 2924.182551] CPU: 0 PID: 14828 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2924.183408] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2924.184208] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 2924.184573] Call Trace: [ 2924.184579] [ 2924.184584] dump_stack_lvl+0x8b/0xb3 [ 2924.184603] should_fail.cold+0x5/0xa [ 2924.187458] should_failslab+0x5/0x10 [ 2924.187858] kmem_cache_alloc_lru+0x60/0x7c0 [ 2924.188324] ? __d_alloc+0x31/0x990 [ 2924.188701] ? lockdep_hardirqs_on+0x79/0x100 [ 2924.189169] __d_alloc+0x31/0x990 [ 2924.189533] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2924.190121] d_alloc_pseudo+0x19/0x70 [ 2924.190522] alloc_file_pseudo+0xce/0x250 [ 2924.190954] ? alloc_file+0x580/0x580 [ 2924.191353] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 2924.191938] ? shmem_get_inode+0x619/0xcb0 [ 2924.192389] __shmem_file_setup+0x144/0x310 [ 2924.192841] __do_sys_memfd_create+0x1c6/0x4e0 [ 2924.193327] do_syscall_64+0x3b/0x90 [ 2924.193732] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2924.194271] RIP: 0033:0x7f9ecc2ecb19 [ 2924.194725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2924.196928] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2924.197728] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f9ecc2ecb19 [ 2924.198462] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f9ecc3460fb [ 2924.199192] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2924.199935] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2924.200673] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012c00 [ 2924.201414] [ 2924.205391] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2924.208878] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:35:05 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="2000803a8000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:35:05 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200008008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2924.232046] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2924.248653] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. 19:35:05 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0xfffffffb) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:35:05 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 88) 19:35:05 executing program 2: ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, &(0x7f0000000140)={'sit0\x00', &(0x7f0000000040)={'ip6tnl0\x00', 0x0, 0x29, 0x9, 0x7f, 0x0, 0x12, @ipv4={'\x00', '\xff\xff', @empty}, @remote, 0x8000, 0x7, 0x8, 0x8}}) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000180)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x1}, {&(0x7f0000010300)="0200e8ff0300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) setresuid(0x0, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x1c, 0x1a, 0x1, 0x0, 0x0, "", [@typed={0xa, 0x0, 0x0, 0x0, @binary="d8c9310200"}]}, 0x1c}], 0x1}, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) r2 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote, r3}, 0x14) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000380)={{0x1, 0x1, 0x18, r2, {0x3}}, './file0\x00'}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000003c0)={'syz_tun\x00'}) sendmsg$DCCPDIAG_GETSOCK(r0, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f0000000580)={0x248, 0x13, 0x100, 0x70bd29, 0x25dfdbfd, {0x23, 0x3f, 0xff, 0x3f, {0x4e22, 0x4e22, [0xba95, 0x4, 0x652d72ab, 0x6], [0x2, 0x100, 0x10001, 0x7fffffff], r3, [0x3f]}, 0x4, 0x2}, [@INET_DIAG_REQ_BYTECODE={0xd2, 0x1, "72f42999e087f312b5e527e61b6eaae3fb6bfa444fdd39a278bb9fae423a15d4d77e9e10de5b6b21b4e0918b0fd39640f0b2dbfc68e5672230c828a301ceea3ebf94ea6e6ba11f64abfb9b6d2899bbb02c32677587390fff3d7b36c3e5db1f28995d8dba9dce6e0139ae5b2c5236bbc05716ce00d578d85879a734e9e63a62500e12370a3423650282f90fa02e1ca10dc9f3cbe3a7284d1dffcef1e0471ffb8ff10952eca6ae08298d495f95b942ef7e41d307ad16acaab04fb74e938374a78ac9cafe719ed83c02f1c3fe83110e"}, @INET_DIAG_REQ_BYTECODE={0xbe, 0x1, "144c9418860072f88ff049719ad05705224e77001cff8e2458ef95a9b14a2ac7a1bf3e8d81b7d91742a79dc45d99198d87ddc1e4fe391a6cef1b951d691403bb97390f96a8e01174b930d63703cc42ee2253ae08f3c69828085ad7339d2b5fa570bcce3a402a33f89b3094df190f99865fda0daad46d8b82ec17a35bf030f224c87c7eefa02bd1e5cbdb052b104d921f9374664bbd4be91f48ecaadbad2638ff340034d761dcb4939136e590699e71b328970e444138d91c8d4c"}, @INET_DIAG_REQ_BYTECODE={0x68, 0x1, "0dcc3045b2c023cffc452fa8f526c05c39ab2b8f24b743b64a84f0646881826542a86d83041e8d1339b19c3390b656120cccaa0c8f277047eba412829d33f8c2d964466c193879b9eb79f9d666e3546efd67c358a03f6bf812d31237d09ea283c2b88657"}]}, 0x248}, 0x1, 0x0, 0x0, 0x20000840}, 0x4000040) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) [ 2924.372019] loop1: detected capacity change from 0 to 512 [ 2924.376620] loop2: detected capacity change from 0 to 512 [ 2924.380339] loop3: detected capacity change from 0 to 512 19:35:05 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080658000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2924.386668] EXT4-fs (loop2): VFS: Can't find ext4 filesystem [ 2924.390131] FAULT_INJECTION: forcing a failure. [ 2924.390131] name failslab, interval 1, probability 0, space 0, times 0 [ 2924.392635] CPU: 1 PID: 14843 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2924.394507] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2924.396936] Call Trace: [ 2924.397507] [ 2924.398019] dump_stack_lvl+0x8b/0xb3 [ 2924.398878] should_fail.cold+0x5/0xa [ 2924.399726] ? alloc_super+0x54/0x9d0 [ 2924.400575] should_failslab+0x5/0x10 [ 2924.401427] kmem_cache_alloc_trace+0x55/0x3c0 [ 2924.402470] ? do_raw_spin_lock+0x121/0x260 [ 2924.403433] ? test_single_super+0x10/0x10 [ 2924.404366] alloc_super+0x54/0x9d0 [ 2924.405180] ? test_single_super+0x10/0x10 [ 2924.406131] sget_fc+0x13e/0x7a0 [ 2924.406885] ? set_bdev_super+0x310/0x310 [ 2924.407805] get_tree_bdev+0x1bb/0x740 [ 2924.408667] ? ext4_reconfigure+0x27f0/0x27f0 [ 2924.409669] vfs_get_tree+0x8e/0x2f0 [ 2924.410523] path_mount+0x131b/0x1f80 [ 2924.411380] ? kasan_quarantine_put+0x87/0x1e0 [ 2924.412389] ? finish_automount+0xa20/0xa20 [ 2924.413351] ? kmem_cache_free+0xe0/0x420 [ 2924.414297] ? putname+0xfe/0x140 [ 2924.415095] __x64_sys_mount+0x27e/0x300 [ 2924.415997] ? path_mount+0x1f80/0x1f80 [ 2924.416889] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2924.418057] do_syscall_64+0x3b/0x90 [ 2924.418889] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2924.420033] RIP: 0033:0x7fc14228f04a [ 2924.420851] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2924.424842] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2924.426507] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2924.428061] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2924.429614] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2924.431183] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2924.432733] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2924.434332] 19:35:05 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 9) [ 2924.445915] loop2: detected capacity change from 0 to 512 [ 2924.448191] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 19:35:05 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200018008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2924.475598] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. 19:35:05 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080fe8000000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:35:05 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 10) 19:35:05 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) [ 2924.594173] FAULT_INJECTION: forcing a failure. [ 2924.594173] name failslab, interval 1, probability 0, space 0, times 0 [ 2924.595467] CPU: 0 PID: 14858 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2924.596337] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2924.597505] Call Trace: [ 2924.597802] [ 2924.598033] dump_stack_lvl+0x8b/0xb3 [ 2924.598457] should_fail.cold+0x5/0xa [ 2924.598866] ? create_object.isra.0+0x3a/0xa20 [ 2924.599359] should_failslab+0x5/0x10 [ 2924.599762] kmem_cache_alloc+0x5b/0x480 [ 2924.600202] create_object.isra.0+0x3a/0xa20 [ 2924.600671] ? kasan_unpoison+0x23/0x50 [ 2924.601086] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2924.601566] ? __d_alloc+0x31/0x990 [ 2924.602026] __d_alloc+0x31/0x990 [ 2924.602393] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2924.603011] d_alloc_pseudo+0x19/0x70 [ 2924.603412] alloc_file_pseudo+0xce/0x250 [ 2924.603868] ? alloc_file+0x580/0x580 [ 2924.604279] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 2924.604890] ? shmem_get_inode+0x619/0xcb0 [ 2924.605334] __shmem_file_setup+0x144/0x310 [ 2924.605818] __do_sys_memfd_create+0x1c6/0x4e0 [ 2924.606320] do_syscall_64+0x3b/0x90 [ 2924.606735] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2924.607299] RIP: 0033:0x7f9ecc2ecb19 [ 2924.607683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2924.609696] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2924.610539] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f9ecc2ecb19 [ 2924.611307] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f9ecc3460fb [ 2924.612095] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2924.612879] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2924.613654] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012c00 [ 2924.614451] [ 2924.625999] loop2: detected capacity change from 0 to 512 [ 2924.657303] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2924.680073] FAULT_INJECTION: forcing a failure. [ 2924.680073] name failslab, interval 1, probability 0, space 0, times 0 [ 2924.682575] CPU: 1 PID: 14863 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2924.684384] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2924.686765] Call Trace: [ 2924.687329] [ 2924.687817] dump_stack_lvl+0x8b/0xb3 [ 2924.688640] should_fail.cold+0x5/0xa [ 2924.689426] ? __alloc_file+0x21/0x230 [ 2924.690310] should_failslab+0x5/0x10 [ 2924.691158] kmem_cache_alloc+0x5b/0x480 [ 2924.692065] __alloc_file+0x21/0x230 [ 2924.692835] alloc_empty_file+0x6d/0x170 [ 2924.693684] alloc_file+0x59/0x580 [ 2924.694483] alloc_file_pseudo+0x16a/0x250 [ 2924.695407] ? alloc_file+0x580/0x580 [ 2924.696160] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 19:35:05 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xb6, 0x0) 19:35:05 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000002000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:35:05 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="20001c008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:35:05 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0xfffffffe) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) [ 2924.697356] ? shmem_get_inode+0x619/0xcb0 [ 2924.698529] __shmem_file_setup+0x144/0x310 [ 2924.699481] __do_sys_memfd_create+0x1c6/0x4e0 [ 2924.700477] do_syscall_64+0x3b/0x90 [ 2924.701215] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2924.702364] RIP: 0033:0x7f2939f01b19 [ 2924.703168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2924.707035] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2924.708578] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2939f01b19 [ 2924.710126] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f2939f5b0fb [ 2924.711644] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2924.713124] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2924.714703] R13: 0000000020000040 R14: 0000000000040000 R15: 0000000020012c00 [ 2924.716203] [ 2924.739413] loop5: detected capacity change from 0 to 512 [ 2924.769048] loop1: detected capacity change from 0 to 512 [ 2924.771405] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2924.796206] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2924.829962] loop6: detected capacity change from 0 to 512 [ 2924.838301] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2924.855901] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. 19:35:19 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x8000000000000) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:35:19 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 89) 19:35:19 executing program 2: futex(&(0x7f0000000040)=0x1, 0x1, 0x2, &(0x7f0000000080), &(0x7f0000000140)=0x1, 0x1) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x200, 0x8813e3db53eaa00c) pselect6(0x40, &(0x7f00000003c0)={0x1, 0x40, 0x3d5, 0x4, 0x8, 0x1, 0x81, 0x6}, &(0x7f0000000400)={0x2, 0x6, 0x1, 0xffffffffffff2629, 0x8, 0x1dc, 0x6, 0x10001}, &(0x7f0000000440)={0x8cc, 0x5, 0x1000, 0x2d0000000000000, 0x3, 0x4, 0xfffffffffffffff8}, &(0x7f0000000480)={0x77359400}, &(0x7f0000000500)={&(0x7f00000004c0)={[0x101]}, 0x8}) setxattr$trusted_overlay_origin(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000300), 0x2, 0x1) r3 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000340)='./binderfs/binder-control\x00', 0x800, 0x0) ioctl$FITRIM(r3, 0xc0185879, &(0x7f0000000380)={0x9, 0x6, 0x7fff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000580)={{0x1, 0x1, 0x18, r2, {r0, r1}}, './file0\x00'}) r5 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000005c0), 0x4842, 0x0) ioctl$FICLONERANGE(r4, 0x4020940d, &(0x7f0000000600)={{r5}, 0x6, 0x100000000, 0x4}) mlockall(0x0) 19:35:19 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xb7, 0x0) [ 2938.731929] loop5: detected capacity change from 0 to 512 [ 2938.733973] loop2: detected capacity change from 0 to 512 [ 2938.756899] FAULT_INJECTION: forcing a failure. [ 2938.756899] name failslab, interval 1, probability 0, space 0, times 0 [ 2938.758190] CPU: 0 PID: 14898 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2938.759055] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2938.760242] Call Trace: [ 2938.760516] [ 2938.760760] dump_stack_lvl+0x8b/0xb3 [ 2938.761176] should_fail.cold+0x5/0xa [ 2938.761582] ? __alloc_file+0x21/0x230 [ 2938.762005] should_failslab+0x5/0x10 [ 2938.762408] kmem_cache_alloc+0x5b/0x480 [ 2938.762844] __alloc_file+0x21/0x230 [ 2938.763245] alloc_empty_file+0x6d/0x170 [ 2938.763684] alloc_file+0x59/0x580 [ 2938.764070] alloc_file_pseudo+0x16a/0x250 [ 2938.764517] ? alloc_file+0x580/0x580 [ 2938.764915] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 2938.765505] ? shmem_get_inode+0x619/0xcb0 [ 2938.765971] __shmem_file_setup+0x144/0x310 [ 2938.766386] loop3: detected capacity change from 0 to 512 [ 2938.766426] __do_sys_memfd_create+0x1c6/0x4e0 [ 2938.768040] do_syscall_64+0x3b/0x90 [ 2938.768438] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2938.768986] RIP: 0033:0x7f9ecc2ecb19 [ 2938.769373] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2938.771287] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2938.772088] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f9ecc2ecb19 [ 2938.772525] FAULT_INJECTION: forcing a failure. [ 2938.772525] name failslab, interval 1, probability 0, space 0, times 0 [ 2938.772831] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f9ecc3460fb [ 2938.772840] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2938.772848] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2938.772856] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012c00 [ 2938.778331] [ 2938.778576] CPU: 1 PID: 14893 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2938.779020] loop1: detected capacity change from 0 to 512 [ 2938.780322] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2938.780340] Call Trace: [ 2938.782955] FAULT_INJECTION: forcing a failure. [ 2938.782955] name failslab, interval 1, probability 0, space 0, times 0 [ 2938.783271] [ 2938.783282] dump_stack_lvl+0x8b/0xb3 [ 2938.787085] should_fail.cold+0x5/0xa [ 2938.787905] ? security_sb_alloc+0x107/0x250 [ 2938.788848] should_failslab+0x5/0x10 [ 2938.789661] __kmalloc+0x72/0x440 [ 2938.790437] ? _down_write_nest_lock+0x150/0x150 [ 2938.791455] security_sb_alloc+0x107/0x250 [ 2938.792364] ? test_single_super+0x10/0x10 [ 2938.793256] alloc_super+0x1dd/0x9d0 [ 2938.794075] ? test_single_super+0x10/0x10 [ 2938.794967] sget_fc+0x13e/0x7a0 [ 2938.795697] ? set_bdev_super+0x310/0x310 [ 2938.796580] get_tree_bdev+0x1bb/0x740 [ 2938.797416] ? ext4_reconfigure+0x27f0/0x27f0 [ 2938.798395] vfs_get_tree+0x8e/0x2f0 [ 2938.799199] path_mount+0x131b/0x1f80 [ 2938.800012] ? kasan_quarantine_put+0x87/0x1e0 [ 2938.800987] ? finish_automount+0xa20/0xa20 [ 2938.801898] ? kmem_cache_free+0xe0/0x420 [ 2938.802808] ? putname+0xfe/0x140 [ 2938.803557] __x64_sys_mount+0x27e/0x300 [ 2938.804430] ? path_mount+0x1f80/0x1f80 [ 2938.805283] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2938.806406] do_syscall_64+0x3b/0x90 [ 2938.807210] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2938.808315] RIP: 0033:0x7fc14228f04a [ 2938.809102] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2938.813006] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2938.814621] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2938.816117] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2938.817611] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2938.819109] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2938.820595] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2938.822115] [ 2938.822598] CPU: 0 PID: 14901 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2938.823474] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2938.824628] Call Trace: [ 2938.824902] [ 2938.825144] dump_stack_lvl+0x8b/0xb3 [ 2938.825543] should_fail.cold+0x5/0xa [ 2938.825947] ? create_object.isra.0+0x3a/0xa20 [ 2938.826435] should_failslab+0x5/0x10 [ 2938.826840] kmem_cache_alloc+0x5b/0x480 [ 2938.827278] create_object.isra.0+0x3a/0xa20 [ 2938.827735] ? kasan_unpoison+0x23/0x50 [ 2938.828157] kmem_cache_alloc+0x239/0x480 [ 2938.828601] __alloc_file+0x21/0x230 [ 2938.828999] alloc_empty_file+0x6d/0x170 [ 2938.829424] alloc_file+0x59/0x580 [ 2938.829798] alloc_file_pseudo+0x16a/0x250 [ 2938.830274] ? alloc_file+0x580/0x580 [ 2938.830681] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 2938.831264] ? shmem_get_inode+0x619/0xcb0 [ 2938.831711] __shmem_file_setup+0x144/0x310 [ 2938.832170] __do_sys_memfd_create+0x1c6/0x4e0 [ 2938.832654] do_syscall_64+0x3b/0x90 [ 2938.833054] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2938.833594] RIP: 0033:0x7f2939f01b19 [ 2938.833989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2938.835873] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2938.836674] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2939f01b19 [ 2938.837422] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f2939f5b0fb [ 2938.838189] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2938.838919] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2938.839648] R13: 0000000020000040 R14: 0000000000040000 R15: 0000000020012c00 [ 2938.840395] 19:35:19 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008002000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:35:19 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="20003a008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:35:19 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 10) 19:35:19 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 11) [ 2938.850064] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2938.853683] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2938.859291] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2938.861992] loop4: detected capacity change from 0 to 512 19:35:20 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200065008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2938.919080] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 2938.930380] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. 19:35:34 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xb8, 0x0) 19:35:34 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) 19:35:34 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 11) 19:35:34 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 90) 19:35:34 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 12) 19:35:34 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008003000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:35:34 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="2000fe008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:35:34 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x20000000000000) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) [ 2953.260160] loop2: detected capacity change from 0 to 512 [ 2953.265742] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2953.268956] FAULT_INJECTION: forcing a failure. [ 2953.268956] name failslab, interval 1, probability 0, space 0, times 0 [ 2953.271318] CPU: 0 PID: 14931 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2953.272989] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2953.275298] Call Trace: [ 2953.275815] [ 2953.276267] dump_stack_lvl+0x8b/0xb3 [ 2953.277050] should_fail.cold+0x5/0xa [ 2953.277837] ? security_file_alloc+0x34/0x170 [ 2953.278762] should_failslab+0x5/0x10 [ 2953.279521] kmem_cache_alloc+0x5b/0x480 [ 2953.280338] security_file_alloc+0x34/0x170 [ 2953.281205] __alloc_file+0xb6/0x230 [ 2953.281957] alloc_empty_file+0x6d/0x170 [ 2953.282779] alloc_file+0x59/0x580 [ 2953.283493] alloc_file_pseudo+0x16a/0x250 [ 2953.284338] ? alloc_file+0x580/0x580 [ 2953.285098] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 2953.286231] ? shmem_get_inode+0x619/0xcb0 [ 2953.287213] __shmem_file_setup+0x144/0x310 [ 2953.288202] __do_sys_memfd_create+0x1c6/0x4e0 [ 2953.289259] do_syscall_64+0x3b/0x90 [ 2953.290114] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2953.291308] RIP: 0033:0x7f2939f01b19 [ 2953.292144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2953.296305] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2953.298022] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2939f01b19 [ 2953.299626] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f2939f5b0fb [ 2953.301216] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2953.302838] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2953.304428] R13: 0000000020000040 R14: 0000000000040000 R15: 0000000020012c00 [ 2953.306049] [ 2953.320496] loop5: detected capacity change from 0 to 512 [ 2953.326407] loop1: detected capacity change from 0 to 512 [ 2953.330882] FAULT_INJECTION: forcing a failure. [ 2953.330882] name failslab, interval 1, probability 0, space 0, times 0 [ 2953.333384] CPU: 0 PID: 14938 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2953.335217] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2953.337683] Call Trace: [ 2953.338250] [ 2953.338735] dump_stack_lvl+0x8b/0xb3 [ 2953.339587] should_fail.cold+0x5/0xa [ 2953.340424] ? create_object.isra.0+0x3a/0xa20 [ 2953.341431] should_failslab+0x5/0x10 19:35:34 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000038000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2953.342302] kmem_cache_alloc+0x5b/0x480 [ 2953.343378] create_object.isra.0+0x3a/0xa20 [ 2953.344352] ? kasan_unpoison+0x23/0x50 [ 2953.345234] kmem_cache_alloc+0x239/0x480 [ 2953.346178] __alloc_file+0x21/0x230 [ 2953.347022] alloc_empty_file+0x6d/0x170 [ 2953.347921] alloc_file+0x59/0x580 [ 2953.348705] alloc_file_pseudo+0x16a/0x250 [ 2953.349627] ? alloc_file+0x580/0x580 [ 2953.350481] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 2953.351695] ? shmem_get_inode+0x619/0xcb0 [ 2953.352633] __shmem_file_setup+0x144/0x310 [ 2953.353580] __do_sys_memfd_create+0x1c6/0x4e0 [ 2953.354591] do_syscall_64+0x3b/0x90 [ 2953.355418] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2953.356542] RIP: 0033:0x7f9ecc2ecb19 [ 2953.357340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2953.361274] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2953.362908] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f9ecc2ecb19 [ 2953.364419] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f9ecc3460fb [ 2953.365923] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2953.367430] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2953.368946] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012c00 [ 2953.370497] 19:35:34 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200080048000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:35:34 executing program 2: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000300)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) setresuid(0x0, r1, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='exofs\x00', 0x80010, &(0x7f0000000180)='ext4\x00') [ 2953.377087] loop3: detected capacity change from 0 to 512 [ 2953.381159] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2953.397722] FAULT_INJECTION: forcing a failure. [ 2953.397722] name failslab, interval 1, probability 0, space 0, times 0 [ 2953.400284] CPU: 0 PID: 14937 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2953.402042] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2953.404411] Call Trace: [ 2953.404949] [ 2953.405423] dump_stack_lvl+0x8b/0xb3 [ 2953.406242] should_fail.cold+0x5/0xa [ 2953.407047] ? create_object.isra.0+0x3a/0xa20 [ 2953.408015] should_failslab+0x5/0x10 [ 2953.408823] kmem_cache_alloc+0x5b/0x480 [ 2953.409697] create_object.isra.0+0x3a/0xa20 [ 2953.410639] ? kasan_unpoison+0x23/0x50 [ 2953.411484] __kmalloc+0x25b/0x440 [ 2953.412259] security_sb_alloc+0x107/0x250 [ 2953.413153] ? test_single_super+0x10/0x10 [ 2953.414040] alloc_super+0x1dd/0x9d0 [ 2953.414838] ? test_single_super+0x10/0x10 [ 2953.415724] sget_fc+0x13e/0x7a0 [ 2953.416439] ? set_bdev_super+0x310/0x310 [ 2953.417311] get_tree_bdev+0x1bb/0x740 [ 2953.418115] ? ext4_reconfigure+0x27f0/0x27f0 [ 2953.419067] vfs_get_tree+0x8e/0x2f0 [ 2953.419842] path_mount+0x131b/0x1f80 [ 2953.420656] ? kasan_quarantine_put+0x87/0x1e0 [ 2953.421610] ? finish_automount+0xa20/0xa20 [ 2953.422509] ? kmem_cache_free+0xe0/0x420 [ 2953.423386] ? putname+0xfe/0x140 [ 2953.424124] __x64_sys_mount+0x27e/0x300 [ 2953.424973] ? path_mount+0x1f80/0x1f80 [ 2953.425806] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2953.426905] do_syscall_64+0x3b/0x90 [ 2953.427683] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2953.428753] RIP: 0033:0x7fc14228f04a [ 2953.429519] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2953.433251] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2953.434819] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2953.436266] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2953.437726] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2953.439200] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2953.440653] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2953.442127] [ 2953.450177] loop2: detected capacity change from 0 to 512 [ 2953.468636] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2953.502245] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:35:34 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008004000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:35:34 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 13) [ 2953.580960] loop6: detected capacity change from 0 to 512 19:35:34 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x100000000000000) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) [ 2953.583494] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem 19:35:34 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000058000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:35:34 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xb9, 0x0) [ 2953.588552] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. 19:35:34 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) [ 2953.605598] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2953.607166] EXT4-fs (loop3): get root inode failed [ 2953.608283] EXT4-fs (loop3): mount failed 19:35:34 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 12) [ 2953.612515] FAULT_INJECTION: forcing a failure. [ 2953.612515] name failslab, interval 1, probability 0, space 0, times 0 [ 2953.613744] CPU: 0 PID: 14960 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2953.614644] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2953.615850] Call Trace: [ 2953.616126] [ 2953.616375] dump_stack_lvl+0x8b/0xb3 [ 2953.616797] should_fail.cold+0x5/0xa [ 2953.617228] ? create_object.isra.0+0x3a/0xa20 [ 2953.617742] should_failslab+0x5/0x10 [ 2953.618177] kmem_cache_alloc+0x5b/0x480 [ 2953.618643] create_object.isra.0+0x3a/0xa20 [ 2953.619139] ? kasan_unpoison+0x23/0x50 [ 2953.619592] kmem_cache_alloc+0x239/0x480 [ 2953.620065] security_file_alloc+0x34/0x170 [ 2953.620551] __alloc_file+0xb6/0x230 [ 2953.620970] alloc_empty_file+0x6d/0x170 [ 2953.621432] alloc_file+0x59/0x580 [ 2953.621835] alloc_file_pseudo+0x16a/0x250 [ 2953.622325] ? alloc_file+0x580/0x580 [ 2953.622754] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 2953.623383] ? shmem_get_inode+0x619/0xcb0 [ 2953.623867] __shmem_file_setup+0x144/0x310 [ 2953.624351] __do_sys_memfd_create+0x1c6/0x4e0 [ 2953.624867] do_syscall_64+0x3b/0x90 [ 2953.625287] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2953.625884] RIP: 0033:0x7f2939f01b19 [ 2953.626315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2953.628321] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2953.629134] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f2939f01b19 [ 2953.629906] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f2939f5b0fb [ 2953.630686] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2953.631442] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2953.632197] R13: 0000000020000040 R14: 0000000000040000 R15: 0000000020012c00 [ 2953.633004] [ 2953.645971] loop5: detected capacity change from 0 to 512 [ 2953.652007] loop4: detected capacity change from 0 to 512 [ 2953.660854] loop1: detected capacity change from 0 to 512 [ 2953.664034] loop2: detected capacity change from 0 to 512 [ 2953.666463] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 2953.670247] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2953.685047] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 2953.692840] FAULT_INJECTION: forcing a failure. [ 2953.692840] name failslab, interval 1, probability 0, space 0, times 0 [ 2953.693156] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2953.694074] CPU: 0 PID: 14972 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2953.694091] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2953.694100] Call Trace: [ 2953.694105] [ 2953.694110] dump_stack_lvl+0x8b/0xb3 [ 2953.695159] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2953.695803] should_fail.cold+0x5/0xa [ 2953.695826] ? security_file_alloc+0x34/0x170 [ 2953.699596] should_failslab+0x5/0x10 [ 2953.700016] kmem_cache_alloc+0x5b/0x480 [ 2953.700472] security_file_alloc+0x34/0x170 [ 2953.700957] __alloc_file+0xb6/0x230 [ 2953.701370] alloc_empty_file+0x6d/0x170 [ 2953.701818] alloc_file+0x59/0x580 [ 2953.702223] alloc_file_pseudo+0x16a/0x250 [ 2953.702685] ? alloc_file+0x580/0x580 [ 2953.703103] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 2953.703709] ? shmem_get_inode+0x619/0xcb0 [ 2953.704175] __shmem_file_setup+0x144/0x310 [ 2953.704647] __do_sys_memfd_create+0x1c6/0x4e0 [ 2953.705151] do_syscall_64+0x3b/0x90 [ 2953.705560] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2953.706136] RIP: 0033:0x7f9ecc2ecb19 [ 2953.706527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2953.708505] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2953.709327] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f9ecc2ecb19 [ 2953.710094] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f9ecc3460fb [ 2953.710863] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2953.711638] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2953.712407] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012c00 [ 2953.713187] 19:35:50 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xba, 0x0) 19:35:50 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008005000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:35:50 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x200000000000000) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:35:50 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 14) 19:35:50 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000068000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:35:50 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 91) 19:35:50 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 13) 19:35:50 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x9, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x56, 0x100}, {&(0x7f0000000140)="d9096a2a1cd1e802001e754d3a0a7b11885a21b918dde90eeeeff88637c4ac2926a805322279a2156c93dd067fcb326c90fd0c0ab1870fafa013886875489c5255d194c93741b5", 0x47, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) lstat(&(0x7f0000000740)='./file0\x00', &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f0000000040)='./file0\x00', r0, r1) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r2, 0x0) lchown(&(0x7f0000000080)='./file0\x00', r2, r1) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) [ 2969.246013] FAULT_INJECTION: forcing a failure. [ 2969.246013] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2969.248436] loop2: detected capacity change from 0 to 34 [ 2969.248441] CPU: 0 PID: 14990 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2969.251261] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2969.253483] Call Trace: [ 2969.253987] [ 2969.254438] dump_stack_lvl+0x8b/0xb3 [ 2969.255207] should_fail.cold+0x5/0xa [ 2969.255973] prepare_alloc_pages+0x17b/0x500 [ 2969.256867] __alloc_pages+0x131/0x4e0 [ 2969.257641] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 2969.258844] ? lock_release+0x3b2/0x750 [ 2969.259637] ? avc_has_perm_noaudit+0x1c8/0x390 [ 2969.260594] ? find_held_lock+0x2c/0x110 [ 2969.261410] ? lock_release+0x3b2/0x750 [ 2969.262207] ? __filemap_get_folio+0x2d4/0xfe0 [ 2969.263142] ? __sanitizer_cov_trace_cmp2+0x22/0x80 [ 2969.264151] alloc_pages_vma+0xde/0x500 [ 2969.264952] shmem_alloc_page+0x107/0x1d0 [ 2969.265785] ? shmem_add_to_page_cache+0x1650/0x1650 [ 2969.266828] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2969.267919] ? percpu_counter_add_batch+0xb4/0x170 [ 2969.268903] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2969.269897] ? __vm_enough_memory+0x184/0x360 [ 2969.270812] shmem_getpage_gfp.constprop.0+0x651/0x2190 [ 2969.271894] ? shmem_unuse_inode+0xde0/0xde0 [ 2969.272544] EXT4-fs (loop2): VFS: Can't find ext4 filesystem [ 2969.272771] ? ktime_get_coarse_real_ts64+0x159/0x190 [ 2969.275193] ? fault_in_readable+0x18a/0x250 [ 2969.275505] loop5: detected capacity change from 0 to 512 [ 2969.276065] ? fault_in_writeable+0x1d0/0x1d0 [ 2969.278244] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 2969.279252] shmem_write_begin+0xfd/0x1d0 [ 2969.280094] generic_perform_write+0x24c/0x570 [ 2969.281018] ? folio_unlock+0xb0/0xb0 [ 2969.281783] ? discard_new_inode+0x190/0x190 [ 2969.282688] ? generic_write_checks+0x25f/0x390 [ 2969.283629] __generic_file_write_iter+0x2d6/0x480 [ 2969.284629] generic_file_write_iter+0xd7/0x220 [ 2969.284853] loop1: detected capacity change from 0 to 512 [ 2969.285555] ? iov_iter_init+0x45/0x1b0 [ 2969.285592] new_sync_write+0x390/0x560 [ 2969.288451] ? new_sync_read+0x5f0/0x5f0 [ 2969.289257] ? x86_pmu_enable+0xbf0/0xd90 [ 2969.290090] ? lock_release+0x750/0x750 [ 2969.290908] ? lock_is_held_type+0xd7/0x130 [ 2969.291786] vfs_write+0x7b9/0xac0 [ 2969.292501] __x64_sys_pwrite64+0x1f7/0x250 [ 2969.293357] ? vfs_write+0xac0/0xac0 [ 2969.294106] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2969.295153] do_syscall_64+0x3b/0x90 [ 2969.295330] loop3: detected capacity change from 0 to 512 [ 2969.295901] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2969.298016] RIP: 0033:0x7f2939eb4ab7 [ 2969.298649] FAULT_INJECTION: forcing a failure. [ 2969.298649] name failslab, interval 1, probability 0, space 0, times 0 [ 2969.298763] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 2969.304603] RSP: 002b:00007f2937476f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 2969.306105] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939eb4ab7 [ 2969.307526] RDX: 000000000000005a RSI: 0000000020000100 RDI: 0000000000000004 [ 2969.308933] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff [ 2969.310354] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004 [ 2969.311765] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 2969.313204] [ 2969.313665] CPU: 1 PID: 14997 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2969.315358] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2969.317031] loop4: detected capacity change from 0 to 512 [ 2969.317644] Call Trace: [ 2969.317655] [ 2969.317665] dump_stack_lvl+0x8b/0xb3 [ 2969.320445] should_fail.cold+0x5/0xa [ 2969.321238] ? create_object.isra.0+0x3a/0xa20 [ 2969.322166] should_failslab+0x5/0x10 [ 2969.322956] kmem_cache_alloc+0x5b/0x480 [ 2969.323801] create_object.isra.0+0x3a/0xa20 [ 2969.324699] ? kasan_unpoison+0x23/0x50 [ 2969.325530] kmem_cache_alloc+0x239/0x480 [ 2969.326390] security_file_alloc+0x34/0x170 [ 2969.327276] __alloc_file+0xb6/0x230 [ 2969.328037] alloc_empty_file+0x6d/0x170 [ 2969.328869] alloc_file+0x59/0x580 [ 2969.329613] alloc_file_pseudo+0x16a/0x250 [ 2969.330499] ? alloc_file+0x580/0x580 [ 2969.331265] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 2969.332382] ? shmem_get_inode+0x619/0xcb0 [ 2969.333037] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 2969.333247] __shmem_file_setup+0x144/0x310 [ 2969.333288] __do_sys_memfd_create+0x1c6/0x4e0 [ 2969.336188] do_syscall_64+0x3b/0x90 [ 2969.336963] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2969.338019] RIP: 0033:0x7f9ecc2ecb19 [ 2969.338803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2969.342535] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2969.344078] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f9ecc2ecb19 [ 2969.345537] RDX: 0000000000004400 RSI: 0000000000000000 RDI: 00007f9ecc3460fb [ 2969.347007] RBP: 0000000000000003 R08: 0000000000002200 R09: ffffffffffffffff [ 2969.348478] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 2969.349911] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012c00 [ 2969.351390] [ 2969.368175] FAULT_INJECTION: forcing a failure. [ 2969.368175] name failslab, interval 1, probability 0, space 0, times 0 [ 2969.370689] CPU: 1 PID: 14996 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2969.372383] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2969.374777] Call Trace: [ 2969.375454] [ 2969.376017] dump_stack_lvl+0x8b/0xb3 [ 2969.376869] loop6: detected capacity change from 0 to 512 [ 2969.376976] should_fail.cold+0x5/0xa [ 2969.379007] ? create_object.isra.0+0x3a/0xa20 [ 2969.380142] should_failslab+0x5/0x10 [ 2969.381099] kmem_cache_alloc+0x5b/0x480 [ 2969.382138] create_object.isra.0+0x3a/0xa20 [ 2969.383263] kmemleak_alloc_percpu+0xa0/0x100 [ 2969.384386] pcpu_alloc+0x7bf/0x1060 [ 2969.385398] __percpu_init_rwsem+0x22/0x150 [ 2969.386530] alloc_super+0x222/0x9d0 [ 2969.387474] ? test_single_super+0x10/0x10 [ 2969.388533] sget_fc+0x13e/0x7a0 [ 2969.389228] ? set_bdev_super+0x310/0x310 [ 2969.390088] get_tree_bdev+0x1bb/0x740 [ 2969.390906] ? ext4_reconfigure+0x27f0/0x27f0 [ 2969.391829] vfs_get_tree+0x8e/0x2f0 [ 2969.392589] path_mount+0x131b/0x1f80 [ 2969.393357] ? kasan_quarantine_put+0x87/0x1e0 [ 2969.394299] ? finish_automount+0xa20/0xa20 [ 2969.395194] ? kmem_cache_free+0xe0/0x420 [ 2969.396051] ? putname+0xfe/0x140 [ 2969.396780] __x64_sys_mount+0x27e/0x300 [ 2969.397603] ? path_mount+0x1f80/0x1f80 [ 2969.398431] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2969.399506] do_syscall_64+0x3b/0x90 [ 2969.400256] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2969.401307] RIP: 0033:0x7fc14228f04a [ 2969.402056] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2969.405770] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2969.407307] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2969.408755] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2969.410194] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2969.411736] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2969.413358] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2969.415096] [ 2969.418415] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2969.422658] loop2: detected capacity change from 0 to 34 19:35:50 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 15) [ 2969.436838] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2969.438829] EXT4-fs (loop2): VFS: Can't find ext4 filesystem [ 2969.444502] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2969.460745] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 2969.495561] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2969.498587] EXT4-fs (loop3): get root inode failed [ 2969.499654] EXT4-fs (loop3): mount failed 19:35:50 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000078000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:35:50 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008006000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:35:50 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x400000000000000) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:35:50 executing program 2: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) statx(r0, &(0x7f0000000440)='./file0\x00', 0x4000, 0x2, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r4, 0x0) r5 = getegid() semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f0000000480)={{0x0, r1, r3, r4, r5, 0x2a, 0xa65}, 0x764d0000000, 0x9, 0x0, 0x0, 0x0, 0x0, 0x4}) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r6, 0x0) stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r8 = getgid() syz_mount_image$tmpfs(&(0x7f00000006c0), &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={[{@gid={'gid', 0x3d, r8}}]}) getresgid(&(0x7f0000000300), &(0x7f0000000340)=0x0, &(0x7f0000000380)) setxattr$system_posix_acl(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f00000003c0)={{}, {0x1, 0x3}, [{0x2, 0x7, r6}, {0x2, 0x4, r1}], {0x4, 0x1}, [{0x8, 0xb, r7}, {0x8, 0x3, r2}, {0x8, 0x4, r2}, {0x8, 0x4, r2}, {0x8, 0x6, r8}, {0x8, 0x0, r2}, {0x8, 0x7, r9}], {0x10, 0x1}, {0x20, 0x5}}, 0x6c, 0x1) [ 2969.600775] FAULT_INJECTION: forcing a failure. [ 2969.600775] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2969.603221] CPU: 1 PID: 15009 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2969.604927] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2969.607221] Call Trace: [ 2969.607759] [ 2969.608206] dump_stack_lvl+0x8b/0xb3 [ 2969.608992] should_fail.cold+0x5/0xa [ 2969.609775] copy_page_from_iter_atomic+0x4e4/0x1b10 [ 2969.610851] ? iov_iter_get_pages_alloc+0x15a0/0x15a0 [ 2969.611901] ? fault_in_readable+0x18a/0x250 [ 2969.612807] ? fault_in_writeable+0x1d0/0x1d0 [ 2969.613709] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 2969.614772] ? shmem_write_begin+0xfd/0x1d0 [ 2969.615658] ? shmem_write_begin+0x106/0x1d0 [ 2969.616573] generic_perform_write+0x2c2/0x570 [ 2969.617546] ? folio_unlock+0xb0/0xb0 [ 2969.618327] ? discard_new_inode+0x190/0x190 [ 2969.619476] ? generic_write_checks+0x25f/0x390 [ 2969.620471] __generic_file_write_iter+0x2d6/0x480 [ 2969.621507] generic_file_write_iter+0xd7/0x220 [ 2969.622484] ? iov_iter_init+0x45/0x1b0 [ 2969.623292] new_sync_write+0x390/0x560 [ 2969.624098] ? new_sync_read+0x5f0/0x5f0 [ 2969.624934] ? x86_pmu_enable+0xbf0/0xd90 [ 2969.625787] ? lock_release+0x750/0x750 [ 2969.626636] ? lock_is_held_type+0xd7/0x130 [ 2969.627536] vfs_write+0x7b9/0xac0 [ 2969.628265] __x64_sys_pwrite64+0x1f7/0x250 [ 2969.629157] ? vfs_write+0xac0/0xac0 [ 2969.629923] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2969.631008] do_syscall_64+0x3b/0x90 [ 2969.631772] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2969.632821] RIP: 0033:0x7f2939eb4ab7 [ 2969.633570] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 2969.637272] RSP: 002b:00007f2937476f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 2969.638827] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939eb4ab7 [ 2969.640261] RDX: 000000000000005a RSI: 0000000020000100 RDI: 0000000000000004 [ 2969.641691] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff [ 2969.643158] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004 [ 2969.644595] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 2969.646051] 19:35:50 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 14) 19:35:50 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 92) [ 2969.683949] loop2: detected capacity change from 0 to 512 [ 2969.700024] loop1: detected capacity change from 0 to 512 19:35:50 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xbb, 0x0) [ 2969.735924] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2969.754023] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2969.765757] loop4: detected capacity change from 0 to 512 [ 2969.774318] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 2969.793803] loop3: detected capacity change from 0 to 512 [ 2969.796649] FAULT_INJECTION: forcing a failure. [ 2969.796649] name failslab, interval 1, probability 0, space 0, times 0 [ 2969.798953] CPU: 1 PID: 15023 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2969.800621] FAULT_INJECTION: forcing a failure. [ 2969.800621] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2969.800651] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2969.805274] Call Trace: [ 2969.805800] [ 2969.806249] dump_stack_lvl+0x8b/0xb3 [ 2969.807059] should_fail.cold+0x5/0xa [ 2969.807874] ? create_object.isra.0+0x3a/0xa20 [ 2969.808816] should_failslab+0x5/0x10 [ 2969.809598] kmem_cache_alloc+0x5b/0x480 [ 2969.810487] create_object.isra.0+0x3a/0xa20 [ 2969.811380] kmemleak_alloc_percpu+0xa0/0x100 [ 2969.812327] pcpu_alloc+0x7bf/0x1060 [ 2969.813117] __percpu_init_rwsem+0x22/0x150 [ 2969.814009] alloc_super+0x222/0x9d0 [ 2969.814791] ? test_single_super+0x10/0x10 [ 2969.815673] sget_fc+0x13e/0x7a0 [ 2969.816364] ? set_bdev_super+0x310/0x310 [ 2969.817210] get_tree_bdev+0x1bb/0x740 [ 2969.818013] ? ext4_reconfigure+0x27f0/0x27f0 [ 2969.818952] vfs_get_tree+0x8e/0x2f0 [ 2969.819732] path_mount+0x131b/0x1f80 [ 2969.820532] ? kasan_quarantine_put+0x87/0x1e0 [ 2969.821476] ? finish_automount+0xa20/0xa20 [ 2969.822350] ? kmem_cache_free+0xe0/0x420 [ 2969.823227] ? putname+0xfe/0x140 [ 2969.823966] __x64_sys_mount+0x27e/0x300 [ 2969.824811] ? path_mount+0x1f80/0x1f80 [ 2969.825634] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2969.826711] do_syscall_64+0x3b/0x90 [ 2969.827488] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2969.828569] RIP: 0033:0x7fc14228f04a [ 2969.829304] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2969.833030] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2969.834586] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2969.836045] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2969.837525] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2969.838979] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2969.840426] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2969.841901] [ 2969.842375] CPU: 0 PID: 15024 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2969.844062] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2969.846307] Call Trace: [ 2969.846842] [ 2969.847290] dump_stack_lvl+0x8b/0xb3 [ 2969.848062] should_fail.cold+0x5/0xa [ 2969.848825] prepare_alloc_pages+0x17b/0x500 [ 2969.849723] __alloc_pages+0x131/0x4e0 [ 2969.850516] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 2969.851726] ? lock_release+0x3b2/0x750 [ 2969.852518] ? avc_has_perm_noaudit+0x1c8/0x390 [ 2969.853462] ? find_held_lock+0x2c/0x110 [ 2969.854282] ? lock_release+0x3b2/0x750 [ 2969.855091] ? __filemap_get_folio+0x2d4/0xfe0 [ 2969.856018] ? __sanitizer_cov_trace_cmp2+0x22/0x80 [ 2969.857040] alloc_pages_vma+0xde/0x500 [ 2969.857850] shmem_alloc_page+0x107/0x1d0 [ 2969.858709] ? shmem_add_to_page_cache+0x1650/0x1650 [ 2969.859761] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2969.860873] ? percpu_counter_add_batch+0xb4/0x170 [ 2969.861873] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2969.862883] ? __vm_enough_memory+0x184/0x360 [ 2969.863800] shmem_getpage_gfp.constprop.0+0x651/0x2190 [ 2969.864896] ? shmem_unuse_inode+0xde0/0xde0 [ 2969.865776] ? ktime_get_coarse_real_ts64+0x159/0x190 [ 2969.866825] ? fault_in_readable+0x18a/0x250 [ 2969.867702] ? fault_in_writeable+0x1d0/0x1d0 [ 2969.868590] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 2969.869608] shmem_write_begin+0xfd/0x1d0 [ 2969.870465] generic_perform_write+0x24c/0x570 [ 2969.871397] ? folio_unlock+0xb0/0xb0 [ 2969.872166] ? discard_new_inode+0x190/0x190 [ 2969.873051] ? generic_write_checks+0x25f/0x390 [ 2969.873994] __generic_file_write_iter+0x2d6/0x480 [ 2969.875013] generic_file_write_iter+0xd7/0x220 [ 2969.875948] ? iov_iter_init+0x45/0x1b0 [ 2969.876756] new_sync_write+0x390/0x560 [ 2969.877571] ? new_sync_read+0x5f0/0x5f0 [ 2969.878399] ? x86_pmu_enable+0xbf0/0xd90 [ 2969.879238] ? lock_release+0x750/0x750 [ 2969.880055] ? lock_is_held_type+0xd7/0x130 [ 2969.880940] vfs_write+0x7b9/0xac0 [ 2969.881669] __x64_sys_pwrite64+0x1f7/0x250 [ 2969.882538] ? vfs_write+0xac0/0xac0 [ 2969.883289] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2969.884344] do_syscall_64+0x3b/0x90 [ 2969.885096] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2969.886138] RIP: 0033:0x7f9ecc29fab7 [ 2969.886900] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 2969.890574] RSP: 002b:00007f9ec9861f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 2969.892083] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc29fab7 [ 2969.893502] RDX: 000000000000005a RSI: 0000000020000280 RDI: 0000000000000004 [ 2969.894935] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff [ 2969.896357] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004 [ 2969.897775] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 2969.899249] [ 2969.924023] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 2969.928371] loop5: detected capacity change from 0 to 512 [ 2969.934995] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2969.957172] EXT4-fs (loop3): get root inode failed [ 2969.958405] EXT4-fs (loop3): mount failed [ 2969.970018] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2970.020788] loop6: detected capacity change from 0 to 512 [ 2970.033617] EXT4-fs (loop6): VFS: Can't find ext4 filesystem 19:36:04 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xbc, 0x0) 19:36:04 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000188000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:36:04 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 93) 19:36:04 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008007000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2983.301619] loop3: detected capacity change from 0 to 512 [ 2983.308498] loop2: detected capacity change from 0 to 512 [ 2983.310187] FAULT_INJECTION: forcing a failure. [ 2983.310187] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2983.312873] CPU: 1 PID: 15051 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2983.314262] FAULT_INJECTION: forcing a failure. [ 2983.314262] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2983.314640] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2983.318253] Call Trace: [ 2983.318823] [ 2983.319298] dump_stack_lvl+0x8b/0xb3 [ 2983.320126] should_fail.cold+0x5/0xa [ 2983.320953] copy_page_from_iter_atomic+0x4e4/0x1b10 [ 2983.322060] ? iov_iter_get_pages_alloc+0x15a0/0x15a0 [ 2983.323174] ? fault_in_readable+0x18a/0x250 [ 2983.324117] ? fault_in_writeable+0x1d0/0x1d0 [ 2983.325070] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 2983.326154] ? shmem_write_begin+0xfd/0x1d0 [ 2983.327101] ? shmem_write_begin+0x106/0x1d0 [ 2983.328054] generic_perform_write+0x2c2/0x570 [ 2983.329053] ? folio_unlock+0xb0/0xb0 [ 2983.329880] ? discard_new_inode+0x190/0x190 [ 2983.330837] ? generic_write_checks+0x25f/0x390 [ 2983.331845] __generic_file_write_iter+0x2d6/0x480 [ 2983.332913] generic_file_write_iter+0xd7/0x220 [ 2983.333914] ? iov_iter_init+0x45/0x1b0 [ 2983.334778] new_sync_write+0x390/0x560 [ 2983.335618] ? new_sync_read+0x5f0/0x5f0 [ 2983.336482] ? x86_pmu_enable+0xbf0/0xd90 [ 2983.337373] ? lock_release+0x750/0x750 [ 2983.338229] ? lock_is_held_type+0xd7/0x130 [ 2983.339186] vfs_write+0x7b9/0xac0 [ 2983.339953] __x64_sys_pwrite64+0x1f7/0x250 [ 2983.340878] ? vfs_write+0xac0/0xac0 [ 2983.341692] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2983.342796] do_syscall_64+0x3b/0x90 [ 2983.343593] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2983.344686] RIP: 0033:0x7f9ecc29fab7 [ 2983.345463] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 2983.349324] RSP: 002b:00007f9ec9861f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 2983.350957] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc29fab7 [ 2983.352463] RDX: 000000000000005a RSI: 0000000020000280 RDI: 0000000000000004 [ 2983.353971] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff [ 2983.355480] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004 [ 2983.356985] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 2983.358523] [ 2983.359018] CPU: 0 PID: 15054 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2983.359936] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2983.361167] Call Trace: [ 2983.361449] [ 2983.361694] dump_stack_lvl+0x8b/0xb3 [ 2983.361796] loop1: detected capacity change from 0 to 512 [ 2983.362119] should_fail.cold+0x5/0xa [ 2983.363710] copy_page_from_iter_atomic+0x4e4/0x1b10 [ 2983.364283] ? iov_iter_get_pages_alloc+0x15a0/0x15a0 [ 2983.364848] ? fault_in_readable+0x18a/0x250 [ 2983.365333] ? fault_in_writeable+0x1d0/0x1d0 [ 2983.365823] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 2983.366392] ? shmem_write_begin+0xfd/0x1d0 [ 2983.366882] ? shmem_write_begin+0x106/0x1d0 [ 2983.367372] generic_perform_write+0x2c2/0x570 19:36:04 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 16) 19:36:04 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 15) 19:36:04 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) mount(&(0x7f00000004c0)=@sr0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000580)='afs\x00', 0x0, &(0x7f00000005c0)='seclabel') stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000080)='./file1\x00', 0x8, 0x2, &(0x7f00000003c0)=[{&(0x7f0000000140)="5ccf988ad226a69826adb6f8cf32206d788fca615bf669d1ceec867db72aa24f0b196cb7f6c8ec95553cdb33889a80d2a99d8120550efada67626d19eaa6cc536c7074a73af740fdb97aa31fe4dff6ff4cc0d6649468cb843ba3ec0405501f06f5b3b955c9eeaa92a345115ba6aa1eed392ea961bfd155902c7e77282f008b1fea8e69900ad65962c2455b5b4540d340e5a78c0f15861eebaf3455ff19566242", 0xa0, 0x3}, {&(0x7f0000000300)="8d8957be0846e91dec39ce70e3cfc8a3f225e10a1fd4ae47e321c9b8601ac0745bbf7d64e16232b6d52c231f75abf8ba3137ab2c2ae6f106f44611d79c14a8306335c47f5a85900330b858fc4888570ee32e223ddfea1e2028721af24ce5e4aa189986b6b72ea2caaf5090f70de957598d3553323da3bb28423db39abef7de4c53b266e826e13e36d1a2ca30047379b563debf200fc4b99bb3123958db5305ec49a4200edc4d3938cf27", 0xaa, 0x100000001}], 0x80, &(0x7f0000000400)={[{@dioread_nolock}, {@auto_da_alloc}, {@dioread_lock}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}], [{@fscontext={'fscontext', 0x3d, 'system_u'}}, {@fsname={'fsname', 0x3d, 'ext4\x00'}}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@euid_eq={'euid', 0x3d, r0}}, {@fsname={'fsname', 0x3d, ']+\\'}}, {@seclabel}, {@appraise}]}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) 19:36:04 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x3f00000000000000) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) [ 2983.367883] ? folio_unlock+0xb0/0xb0 [ 2983.368499] ? discard_new_inode+0x190/0x190 [ 2983.368986] ? generic_write_checks+0x25f/0x390 [ 2983.369512] __generic_file_write_iter+0x2d6/0x480 [ 2983.370062] generic_file_write_iter+0xd7/0x220 [ 2983.370592] ? iov_iter_init+0x45/0x1b0 [ 2983.371036] new_sync_write+0x390/0x560 [ 2983.371476] ? new_sync_read+0x5f0/0x5f0 [ 2983.371925] ? x86_pmu_enable+0xbf0/0xd90 [ 2983.372390] ? lock_release+0x750/0x750 [ 2983.372844] ? lock_is_held_type+0xd7/0x130 [ 2983.373333] vfs_write+0x7b9/0xac0 [ 2983.373733] __x64_sys_pwrite64+0x1f7/0x250 [ 2983.374204] ? vfs_write+0xac0/0xac0 [ 2983.374630] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2983.375208] do_syscall_64+0x3b/0x90 [ 2983.375621] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2983.376188] RIP: 0033:0x7f2939eb4ab7 [ 2983.376593] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 2983.378602] RSP: 002b:00007f2937476f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 2983.379430] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939eb4ab7 [ 2983.380199] RDX: 0000000000000009 RSI: 0000000020010300 RDI: 0000000000000004 [ 2983.380947] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff [ 2983.381720] R10: 0000000000000800 R11: 0000000000000293 R12: 0000000000000004 [ 2983.382498] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 2983.383305] [ 2983.384721] loop5: detected capacity change from 0 to 512 [ 2983.389884] loop4: detected capacity change from 0 to 512 [ 2983.394153] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 2983.395771] FAULT_INJECTION: forcing a failure. [ 2983.395771] name failslab, interval 1, probability 0, space 0, times 0 [ 2983.396653] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2983.398267] CPU: 1 PID: 15045 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2983.399833] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2983.400697] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2983.400716] Call Trace: [ 2983.400726] [ 2983.404896] dump_stack_lvl+0x8b/0xb3 [ 2983.405723] should_fail.cold+0x5/0xa [ 2983.406544] ? security_sb_alloc+0x107/0x250 [ 2983.407495] should_failslab+0x5/0x10 [ 2983.408311] __kmalloc+0x72/0x440 [ 2983.409059] ? _down_write_nest_lock+0x150/0x150 [ 2983.410074] security_sb_alloc+0x107/0x250 [ 2983.410995] ? test_single_super+0x10/0x10 [ 2983.411900] alloc_super+0x1dd/0x9d0 [ 2983.412712] ? test_single_super+0x10/0x10 [ 2983.413615] sget_fc+0x13e/0x7a0 [ 2983.414347] ? set_bdev_super+0x310/0x310 [ 2983.415250] get_tree_bdev+0x1bb/0x740 [ 2983.416080] ? ext4_reconfigure+0x27f0/0x27f0 [ 2983.417046] vfs_get_tree+0x8e/0x2f0 [ 2983.417844] path_mount+0x131b/0x1f80 [ 2983.418670] ? kasan_quarantine_put+0x87/0x1e0 [ 2983.419651] ? finish_automount+0xa20/0xa20 [ 2983.420569] ? kmem_cache_free+0xe0/0x420 [ 2983.421470] ? putname+0xfe/0x140 [ 2983.422229] __x64_sys_mount+0x27e/0x300 [ 2983.423111] ? path_mount+0x1f80/0x1f80 [ 2983.423961] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2983.425061] do_syscall_64+0x3b/0x90 [ 2983.425859] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2983.426967] RIP: 0033:0x7fc14228f04a [ 2983.427748] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2983.431637] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2983.433236] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2983.434742] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2983.436244] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2983.437740] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2983.439245] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2983.440771] [ 2983.457777] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. 19:36:04 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 17) [ 2983.518882] FAULT_INJECTION: forcing a failure. [ 2983.518882] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2983.520383] CPU: 0 PID: 15067 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2983.521261] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2983.522450] Call Trace: [ 2983.522740] [ 2983.522977] dump_stack_lvl+0x8b/0xb3 [ 2983.523401] should_fail.cold+0x5/0xa [ 2983.523657] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2983.523817] prepare_alloc_pages+0x17b/0x500 [ 2983.525903] __alloc_pages+0x131/0x4e0 [ 2983.526326] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 2983.526976] ? lock_release+0x3b2/0x750 [ 2983.527403] ? avc_has_perm_noaudit+0x1c8/0x390 [ 2983.527906] ? find_held_lock+0x2c/0x110 [ 2983.528353] ? lock_release+0x3b2/0x750 [ 2983.528793] ? __filemap_get_folio+0x2d4/0xfe0 [ 2983.529305] ? __sanitizer_cov_trace_cmp2+0x22/0x80 [ 2983.529874] alloc_pages_vma+0xde/0x500 [ 2983.530327] shmem_alloc_page+0x107/0x1d0 [ 2983.530797] ? shmem_add_to_page_cache+0x1650/0x1650 [ 2983.531376] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2983.531981] ? percpu_counter_add_batch+0xb4/0x170 [ 2983.532532] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2983.533084] ? __vm_enough_memory+0x184/0x360 [ 2983.533587] shmem_getpage_gfp.constprop.0+0x651/0x2190 [ 2983.534191] ? shmem_unuse_inode+0xde0/0xde0 [ 2983.534695] ? ktime_get_coarse_real_ts64+0x159/0x190 [ 2983.535261] ? fault_in_readable+0x18a/0x250 [ 2983.535747] ? fault_in_writeable+0x1d0/0x1d0 [ 2983.536250] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 2983.536807] shmem_write_begin+0xfd/0x1d0 [ 2983.537276] generic_perform_write+0x24c/0x570 [ 2983.537789] ? folio_unlock+0xb0/0xb0 [ 2983.538218] ? discard_new_inode+0x190/0x190 [ 2983.538721] ? generic_write_checks+0x25f/0x390 [ 2983.539247] __generic_file_write_iter+0x2d6/0x480 [ 2983.539801] generic_file_write_iter+0xd7/0x220 [ 2983.540322] ? iov_iter_init+0x45/0x1b0 [ 2983.540765] new_sync_write+0x390/0x560 [ 2983.541208] ? new_sync_read+0x5f0/0x5f0 [ 2983.541659] ? x86_pmu_enable+0xbf0/0xd90 [ 2983.542125] ? lock_release+0x750/0x750 [ 2983.542592] ? lock_is_held_type+0xd7/0x130 [ 2983.543074] vfs_write+0x7b9/0xac0 [ 2983.543476] __x64_sys_pwrite64+0x1f7/0x250 [ 2983.543953] ? vfs_write+0xac0/0xac0 [ 2983.544367] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2983.544946] do_syscall_64+0x3b/0x90 [ 2983.545362] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2983.545945] RIP: 0033:0x7f2939eb4ab7 [ 2983.546354] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 2983.548371] RSP: 002b:00007f2937476f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 2983.549197] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939eb4ab7 [ 2983.549969] RDX: 000000000000001d RSI: 00000000200000c0 RDI: 0000000000000004 [ 2983.550772] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff [ 2983.551555] R10: 0000000000002200 R11: 0000000000000293 R12: 0000000000000004 [ 2983.552337] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2983.553129] 19:36:04 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="2000001c8000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:36:04 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008008000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:36:04 executing program 2: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r0, 0xc0406619, &(0x7f0000000040)={@id={0x2, 0x0, @auto="32f713b07c3cc9f854f08c78563fb7cf"}}) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) [ 2983.600299] loop4: detected capacity change from 0 to 512 [ 2983.613041] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 2983.628896] loop2: detected capacity change from 0 to 512 [ 2983.629715] loop6: detected capacity change from 0 to 512 [ 2983.632218] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2983.637632] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 2983.649297] EXT4-fs error (device loop4): __ext4_fill_super:5311: inode #2: comm syz-executor.4: iget: root inode unallocated [ 2983.650852] EXT4-fs (loop4): get root inode failed [ 2983.651419] EXT4-fs (loop4): mount failed 19:36:04 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x8cffffff00000000) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:36:04 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 94) 19:36:04 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 16) [ 2983.702590] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:36:04 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 18) [ 2983.734175] loop1: detected capacity change from 0 to 512 [ 2983.750684] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 2983.758882] loop3: detected capacity change from 0 to 512 [ 2983.762005] FAULT_INJECTION: forcing a failure. [ 2983.762005] name failslab, interval 1, probability 0, space 0, times 0 [ 2983.764339] CPU: 1 PID: 15086 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2983.766329] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2983.768579] Call Trace: [ 2983.769205] [ 2983.769659] dump_stack_lvl+0x8b/0xb3 [ 2983.770618] should_fail.cold+0x5/0xa [ 2983.771398] ? create_object.isra.0+0x3a/0xa20 [ 2983.772327] should_failslab+0x5/0x10 [ 2983.773096] kmem_cache_alloc+0x5b/0x480 [ 2983.773932] create_object.isra.0+0x3a/0xa20 [ 2983.774837] kmemleak_alloc_percpu+0xa0/0x100 [ 2983.775742] pcpu_alloc+0x7bf/0x1060 [ 2983.776515] __percpu_init_rwsem+0x22/0x150 [ 2983.777383] alloc_super+0x222/0x9d0 [ 2983.778143] ? test_single_super+0x10/0x10 [ 2983.779007] sget_fc+0x13e/0x7a0 [ 2983.779702] ? set_bdev_super+0x310/0x310 [ 2983.780553] get_tree_bdev+0x1bb/0x740 [ 2983.781500] ? ext4_reconfigure+0x27f0/0x27f0 [ 2983.782424] vfs_get_tree+0x8e/0x2f0 [ 2983.783341] path_mount+0x131b/0x1f80 [ 2983.784268] ? kasan_quarantine_put+0x87/0x1e0 [ 2983.785371] ? finish_automount+0xa20/0xa20 [ 2983.786414] ? kmem_cache_free+0xe0/0x420 [ 2983.787442] ? putname+0xfe/0x140 [ 2983.788301] __x64_sys_mount+0x27e/0x300 [ 2983.789214] ? path_mount+0x1f80/0x1f80 [ 2983.790004] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2983.791047] do_syscall_64+0x3b/0x90 [ 2983.791137] FAULT_INJECTION: forcing a failure. [ 2983.791137] name failslab, interval 1, probability 0, space 0, times 0 [ 2983.791782] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2983.794161] RIP: 0033:0x7fc14228f04a [ 2983.794975] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2983.798952] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2983.800589] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2983.802125] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2983.803680] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2983.805216] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2983.806758] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2983.808326] [ 2983.808827] CPU: 0 PID: 15089 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2983.809752] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2983.810971] Call Trace: [ 2983.811257] [ 2983.811500] dump_stack_lvl+0x8b/0xb3 [ 2983.811928] should_fail.cold+0x5/0xa [ 2983.812359] should_failslab+0x5/0x10 [ 2983.812785] kmem_cache_alloc_lru+0x60/0x7c0 [ 2983.813275] ? xas_alloc+0x35d/0x480 [ 2983.813685] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2983.814270] xas_alloc+0x35d/0x480 [ 2983.814674] xas_create+0x607/0x1030 [ 2983.815082] ? lock_acquire+0x1b2/0x530 [ 2983.815531] xas_store+0x90/0x1c40 [ 2983.815925] ? xas_find_conflict+0x4a6/0x9e0 [ 2983.816417] shmem_add_to_page_cache+0x1145/0x1650 [ 2983.816959] ? shmem_writepage+0xed0/0xed0 [ 2983.817439] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2983.817992] shmem_getpage_gfp.constprop.0+0x796/0x2190 [ 2983.818598] ? shmem_unuse_inode+0xde0/0xde0 [ 2983.819074] ? ktime_get_coarse_real_ts64+0x159/0x190 [ 2983.819634] ? fault_in_readable+0x18a/0x250 [ 2983.820116] ? fault_in_writeable+0x1d0/0x1d0 [ 2983.820590] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 2983.821151] shmem_write_begin+0xfd/0x1d0 [ 2983.821609] generic_perform_write+0x24c/0x570 [ 2983.822138] ? folio_unlock+0xb0/0xb0 [ 2983.822567] ? discard_new_inode+0x190/0x190 [ 2983.823059] ? generic_write_checks+0x25f/0x390 [ 2983.823565] __generic_file_write_iter+0x2d6/0x480 [ 2983.824116] generic_file_write_iter+0xd7/0x220 [ 2983.824626] ? iov_iter_init+0x45/0x1b0 [ 2983.825075] new_sync_write+0x390/0x560 [ 2983.825504] ? new_sync_read+0x5f0/0x5f0 [ 2983.825953] ? x86_pmu_enable+0xbf0/0xd90 [ 2983.826416] ? lock_release+0x750/0x750 [ 2983.826898] ? lock_is_held_type+0xd7/0x130 [ 2983.827375] vfs_write+0x7b9/0xac0 [ 2983.827775] __x64_sys_pwrite64+0x1f7/0x250 [ 2983.828252] ? vfs_write+0xac0/0xac0 [ 2983.828671] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2983.829241] do_syscall_64+0x3b/0x90 [ 2983.829661] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2983.830234] RIP: 0033:0x7f2939eb4ab7 [ 2983.830654] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 2983.832683] RSP: 002b:00007f2937476f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 2983.833515] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939eb4ab7 [ 2983.834295] RDX: 000000000000001d RSI: 00000000200000c0 RDI: 0000000000000004 [ 2983.835082] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff [ 2983.835863] R10: 0000000000002200 R11: 0000000000000293 R12: 0000000000000004 [ 2983.836637] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2983.837426] [ 2983.850396] FAULT_INJECTION: forcing a failure. [ 2983.850396] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2983.852860] CPU: 1 PID: 15091 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2983.854475] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2983.856677] Call Trace: [ 2983.857189] [ 2983.857631] dump_stack_lvl+0x8b/0xb3 [ 2983.858412] should_fail.cold+0x5/0xa [ 2983.859197] copy_page_from_iter_atomic+0x4e4/0x1b10 [ 2983.860279] ? iov_iter_get_pages_alloc+0x15a0/0x15a0 [ 2983.861426] ? fault_in_readable+0x18a/0x250 [ 2983.862389] ? fault_in_writeable+0x1d0/0x1d0 [ 2983.863396] ? shmem_write_begin+0xfd/0x1d0 [ 2983.864349] ? shmem_write_begin+0x106/0x1d0 [ 2983.865333] generic_perform_write+0x2c2/0x570 [ 2983.866362] ? folio_unlock+0xb0/0xb0 [ 2983.867229] ? discard_new_inode+0x190/0x190 [ 2983.868204] ? generic_write_checks+0x25f/0x390 [ 2983.869263] __generic_file_write_iter+0x2d6/0x480 [ 2983.870385] generic_file_write_iter+0xd7/0x220 [ 2983.871396] ? iov_iter_init+0x45/0x1b0 [ 2983.872194] new_sync_write+0x390/0x560 [ 2983.872982] ? new_sync_read+0x5f0/0x5f0 [ 2983.873788] ? x86_pmu_enable+0xbf0/0xd90 [ 2983.874633] ? lock_release+0x750/0x750 [ 2983.875446] ? lock_is_held_type+0xd7/0x130 [ 2983.876330] vfs_write+0x7b9/0xac0 [ 2983.877062] __x64_sys_pwrite64+0x1f7/0x250 [ 2983.877927] ? vfs_write+0xac0/0xac0 [ 2983.878679] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2983.879711] do_syscall_64+0x3b/0x90 [ 2983.880451] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2983.881489] RIP: 0033:0x7f9ecc29fab7 [ 2983.882209] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 2983.885836] RSP: 002b:00007f9ec9861f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 2983.887350] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc29fab7 [ 2983.888760] RDX: 0000000000000009 RSI: 0000000020010300 RDI: 0000000000000004 [ 2983.890164] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff [ 2983.891577] R10: 0000000000000800 R11: 0000000000000293 R12: 0000000000000004 [ 2983.892987] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 2983.894422] [ 2983.897899] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2983.900548] loop6: detected capacity change from 0 to 512 [ 2983.900572] EXT4-fs (loop3): get root inode failed [ 2983.902296] EXT4-fs (loop3): mount failed [ 2983.906547] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2983.919501] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 2983.963695] loop4: detected capacity change from 0 to 512 [ 2983.979093] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 2983.992492] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. 19:36:20 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 19) 19:36:20 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0xe4ffffff00000000) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:36:20 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000140)={'ip6tnl0\x00', &(0x7f0000000040)={'ip6gre0\x00', 0x0, 0x4, 0x5, 0xb, 0x3, 0x1, @loopback, @remote, 0x10, 0x8, 0x1, 0x7}}) setsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000300)={{{@in6=@local, @in6=@private2, 0x4e20, 0x401, 0x4e20, 0x1, 0xa, 0x20, 0x10, 0x1d, r2, 0xee00}, {0x9, 0x100000001, 0x9, 0x8, 0x2, 0x2, 0x7, 0x9}, {0x8001, 0x5, 0x84d5, 0x81}, 0x31, 0x6e6bb6, 0x0, 0x1, 0x2, 0x3}, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, 0x4d4, 0x6c}, 0xa, @in6=@empty, 0x3501, 0x1, 0x0, 0x6, 0xffffffff, 0xffff, 0x2c}}, 0xe8) 19:36:20 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xbd, 0x0) 19:36:20 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008018000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:36:20 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 95) 19:36:20 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 17) 19:36:20 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000208000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2998.972814] FAULT_INJECTION: forcing a failure. [ 2998.972814] name failslab, interval 1, probability 0, space 0, times 0 [ 2998.975434] CPU: 1 PID: 15104 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2998.977179] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2998.979562] Call Trace: [ 2998.980108] [ 2998.980583] dump_stack_lvl+0x8b/0xb3 [ 2998.981409] should_fail.cold+0x5/0xa [ 2998.982225] ? lock_downgrade+0x6d0/0x6d0 [ 2998.983128] ? create_object.isra.0+0x3a/0xa20 [ 2998.984110] should_failslab+0x5/0x10 [ 2998.985084] kmem_cache_alloc+0x5b/0x480 [ 2998.986157] create_object.isra.0+0x3a/0xa20 [ 2998.987297] ? kasan_unpoison+0x23/0x50 [ 2998.988335] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2998.989494] ? xas_alloc+0x35d/0x480 [ 2998.990425] xas_alloc+0x35d/0x480 [ 2998.991202] xas_create+0x607/0x1030 [ 2998.991989] ? lock_acquire+0x1b2/0x530 [ 2998.992293] loop5: detected capacity change from 0 to 512 [ 2998.992837] xas_store+0x90/0x1c40 [ 2998.994159] ? xas_find_conflict+0x4a6/0x9e0 [ 2998.995102] shmem_add_to_page_cache+0x1145/0x1650 [ 2998.995488] loop2: detected capacity change from 0 to 512 [ 2998.996142] ? shmem_writepage+0xed0/0xed0 [ 2998.997580] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2998.998647] shmem_getpage_gfp.constprop.0+0x796/0x2190 [ 2998.999822] ? shmem_unuse_inode+0xde0/0xde0 [ 2999.000748] ? ktime_get_coarse_real_ts64+0x159/0x190 [ 2999.001817] ? fault_in_readable+0x18a/0x250 [ 2999.002734] ? fault_in_writeable+0x1d0/0x1d0 [ 2999.003680] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 2999.004731] shmem_write_begin+0xfd/0x1d0 [ 2999.005604] generic_perform_write+0x24c/0x570 [ 2999.006573] ? folio_unlock+0xb0/0xb0 [ 2999.007388] ? discard_new_inode+0x190/0x190 [ 2999.008308] ? generic_write_checks+0x25f/0x390 [ 2999.009291] __generic_file_write_iter+0x2d6/0x480 [ 2999.010329] generic_file_write_iter+0xd7/0x220 [ 2999.011311] ? iov_iter_init+0x45/0x1b0 [ 2999.012145] new_sync_write+0x390/0x560 [ 2999.012970] ? new_sync_read+0x5f0/0x5f0 [ 2999.013815] ? x86_pmu_enable+0xbf0/0xd90 [ 2999.014687] ? lock_release+0x750/0x750 [ 2999.015575] ? lock_is_held_type+0xd7/0x130 [ 2999.016503] vfs_write+0x7b9/0xac0 [ 2999.017253] __x64_sys_pwrite64+0x1f7/0x250 [ 2999.018152] ? vfs_write+0xac0/0xac0 [ 2999.018939] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2999.020012] do_syscall_64+0x3b/0x90 [ 2999.020791] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2999.021870] RIP: 0033:0x7f2939eb4ab7 [ 2999.022636] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 2999.026428] RSP: 002b:00007f2937476f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 2999.028015] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939eb4ab7 [ 2999.029488] RDX: 000000000000001d RSI: 00000000200000c0 RDI: 0000000000000004 [ 2999.030965] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff [ 2999.032436] R10: 0000000000002200 R11: 0000000000000293 R12: 0000000000000004 [ 2999.033904] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2999.034800] FAULT_INJECTION: forcing a failure. [ 2999.034800] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2999.035425] [ 2999.036892] CPU: 0 PID: 15115 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2999.037743] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2999.038925] Call Trace: [ 2999.039094] loop3: detected capacity change from 0 to 512 [ 2999.039188] [ 2999.039195] dump_stack_lvl+0x8b/0xb3 [ 2999.039220] should_fail.cold+0x5/0xa [ 2999.041248] loop1: detected capacity change from 0 to 512 [ 2999.041350] prepare_alloc_pages+0x17b/0x500 [ 2999.042933] __alloc_pages+0x131/0x4e0 [ 2999.043339] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 2999.043961] ? lock_release+0x3b2/0x750 [ 2999.044374] ? avc_has_perm_noaudit+0x1c8/0x390 [ 2999.044867] ? find_held_lock+0x2c/0x110 [ 2999.045295] ? lock_release+0x3b2/0x750 [ 2999.045716] ? __filemap_get_folio+0x2d4/0xfe0 [ 2999.046196] ? __sanitizer_cov_trace_cmp2+0x22/0x80 [ 2999.046727] alloc_pages_vma+0xde/0x500 [ 2999.047169] shmem_alloc_page+0x107/0x1d0 [ 2999.047600] ? shmem_add_to_page_cache+0x1650/0x1650 [ 2999.048136] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2999.048706] ? percpu_counter_add_batch+0xb4/0x170 [ 2999.049225] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2999.049741] ? __vm_enough_memory+0x184/0x360 [ 2999.050208] shmem_getpage_gfp.constprop.0+0x651/0x2190 [ 2999.050768] ? shmem_unuse_inode+0xde0/0xde0 19:36:20 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="20008000801c000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:36:20 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="2000003a8000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2999.051242] ? ktime_get_coarse_real_ts64+0x159/0x190 [ 2999.051968] ? fault_in_readable+0x18a/0x250 [ 2999.052421] ? fault_in_writeable+0x1d0/0x1d0 [ 2999.052911] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 2999.053442] shmem_write_begin+0xfd/0x1d0 [ 2999.053910] generic_perform_write+0x24c/0x570 [ 2999.054393] ? folio_unlock+0xb0/0xb0 [ 2999.054833] ? discard_new_inode+0x190/0x190 [ 2999.055291] ? generic_write_checks+0x25f/0x390 [ 2999.055813] __generic_file_write_iter+0x2d6/0x480 [ 2999.056328] generic_file_write_iter+0xd7/0x220 [ 2999.056850] ? iov_iter_init+0x45/0x1b0 [ 2999.057268] new_sync_write+0x390/0x560 [ 2999.057718] ? new_sync_read+0x5f0/0x5f0 [ 2999.058137] ? x86_pmu_enable+0xbf0/0xd90 [ 2999.058611] ? lock_release+0x750/0x750 [ 2999.059036] ? lock_is_held_type+0xd7/0x130 [ 2999.059528] vfs_write+0x7b9/0xac0 [ 2999.059897] __x64_sys_pwrite64+0x1f7/0x250 [ 2999.060368] ? vfs_write+0xac0/0xac0 [ 2999.060753] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2999.061318] do_syscall_64+0x3b/0x90 [ 2999.061703] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2999.062278] RIP: 0033:0x7f9ecc29fab7 [ 2999.062658] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 2999.064705] RSP: 002b:00007f9ec9861f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 2999.065483] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc29fab7 [ 2999.066230] RDX: 000000000000001d RSI: 00000000200000c0 RDI: 0000000000000004 [ 2999.066977] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff [ 2999.067712] R10: 0000000000002200 R11: 0000000000000293 R12: 0000000000000004 [ 2999.068445] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2999.069181] [ 2999.069900] FAULT_INJECTION: forcing a failure. [ 2999.069900] name failslab, interval 1, probability 0, space 0, times 0 [ 2999.072288] CPU: 1 PID: 15117 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2999.074001] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2999.076409] Call Trace: [ 2999.076944] [ 2999.077414] dump_stack_lvl+0x8b/0xb3 [ 2999.077817] loop4: detected capacity change from 0 to 512 [ 2999.078220] should_fail.cold+0x5/0xa [ 2999.079627] ? create_object.isra.0+0x3a/0xa20 [ 2999.080593] should_failslab+0x5/0x10 [ 2999.081403] kmem_cache_alloc+0x5b/0x480 [ 2999.082270] create_object.isra.0+0x3a/0xa20 [ 2999.083219] kmemleak_alloc_percpu+0xa0/0x100 [ 2999.084161] pcpu_alloc+0x7bf/0x1060 [ 2999.084965] __percpu_init_rwsem+0x22/0x150 [ 2999.085870] alloc_super+0x222/0x9d0 [ 2999.086660] ? test_single_super+0x10/0x10 [ 2999.087559] sget_fc+0x13e/0x7a0 [ 2999.087661] loop6: detected capacity change from 0 to 512 [ 2999.088280] ? set_bdev_super+0x310/0x310 [ 2999.089751] get_tree_bdev+0x1bb/0x740 [ 2999.090569] ? ext4_reconfigure+0x27f0/0x27f0 [ 2999.091528] vfs_get_tree+0x8e/0x2f0 [ 2999.092316] path_mount+0x131b/0x1f80 [ 2999.093127] ? kasan_quarantine_put+0x87/0x1e0 [ 2999.094091] ? finish_automount+0xa20/0xa20 [ 2999.095052] ? kmem_cache_free+0xe0/0x420 [ 2999.095944] ? putname+0xfe/0x140 [ 2999.096691] __x64_sys_mount+0x27e/0x300 [ 2999.097546] ? path_mount+0x1f80/0x1f80 [ 2999.098387] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2999.099476] do_syscall_64+0x3b/0x90 [ 2999.100263] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2999.101351] RIP: 0033:0x7fc14228f04a [ 2999.102118] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2999.106538] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2999.108144] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 2999.109635] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 2999.111140] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 2999.112626] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2999.114104] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 2999.115624] [ 2999.120558] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 2999.121586] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem 19:36:20 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="20008000803a000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 2999.137277] EXT4-fs error (device loop6): __ext4_fill_super:5311: inode #2: comm syz-executor.6: iget: root inode unallocated [ 2999.139612] EXT4-fs (loop6): get root inode failed [ 2999.140176] EXT4-fs (loop6): mount failed [ 2999.160246] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 2999.162257] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 2999.164306] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 2999.191457] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. 19:36:20 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 18) [ 2999.231498] FAULT_INJECTION: forcing a failure. [ 2999.231498] name failslab, interval 1, probability 0, space 0, times 0 [ 2999.232689] CPU: 0 PID: 15137 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 2999.233537] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2999.234693] Call Trace: [ 2999.234979] [ 2999.235209] dump_stack_lvl+0x8b/0xb3 [ 2999.235615] should_fail.cold+0x5/0xa [ 2999.236025] should_failslab+0x5/0x10 [ 2999.236429] kmem_cache_alloc_lru+0x60/0x7c0 [ 2999.236888] ? xas_alloc+0x35d/0x480 [ 2999.237274] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2999.237825] xas_alloc+0x35d/0x480 [ 2999.238198] xas_create+0x607/0x1030 [ 2999.238585] ? lock_acquire+0x1b2/0x530 [ 2999.239025] xas_store+0x90/0x1c40 [ 2999.239399] ? xas_find_conflict+0x4a6/0x9e0 [ 2999.239858] shmem_add_to_page_cache+0x1145/0x1650 [ 2999.240377] ? shmem_writepage+0xed0/0xed0 [ 2999.240826] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2999.241360] shmem_getpage_gfp.constprop.0+0x796/0x2190 [ 2999.241921] ? shmem_unuse_inode+0xde0/0xde0 [ 2999.242379] ? ktime_get_coarse_real_ts64+0x159/0x190 [ 2999.242923] ? fault_in_readable+0x18a/0x250 [ 2999.243376] ? fault_in_writeable+0x1d0/0x1d0 [ 2999.243833] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 2999.244360] shmem_write_begin+0xfd/0x1d0 [ 2999.244796] generic_perform_write+0x24c/0x570 [ 2999.245286] ? folio_unlock+0xb0/0xb0 [ 2999.245684] ? discard_new_inode+0x190/0x190 [ 2999.246144] ? generic_write_checks+0x25f/0x390 [ 2999.246639] __generic_file_write_iter+0x2d6/0x480 [ 2999.247169] generic_file_write_iter+0xd7/0x220 [ 2999.247651] ? iov_iter_init+0x45/0x1b0 [ 2999.248066] new_sync_write+0x390/0x560 [ 2999.248482] ? new_sync_read+0x5f0/0x5f0 [ 2999.248899] ? x86_pmu_enable+0xbf0/0xd90 [ 2999.249331] ? lock_release+0x750/0x750 [ 2999.249751] ? lock_is_held_type+0xd7/0x130 [ 2999.250210] vfs_write+0x7b9/0xac0 [ 2999.250585] __x64_sys_pwrite64+0x1f7/0x250 [ 2999.251043] ? vfs_write+0xac0/0xac0 [ 2999.251432] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2999.251966] do_syscall_64+0x3b/0x90 [ 2999.252358] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2999.252891] RIP: 0033:0x7f9ecc29fab7 [ 2999.253273] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 2999.255156] RSP: 002b:00007f9ec9861f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 2999.255934] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc29fab7 [ 2999.256677] RDX: 000000000000001d RSI: 00000000200000c0 RDI: 0000000000000004 [ 2999.257415] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff [ 2999.258136] R10: 0000000000002200 R11: 0000000000000293 R12: 0000000000000004 [ 2999.258873] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 2999.259611] [ 2999.291227] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 2999.292661] EXT4-fs (loop3): get root inode failed [ 2999.293169] EXT4-fs (loop3): mount failed [ 2999.293256] loop6: detected capacity change from 0 to 512 [ 2999.300457] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 2999.320647] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. 19:36:32 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 19) 19:36:32 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000658000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:36:32 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 96) 19:36:32 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) 19:36:32 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008065000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:36:32 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xbe, 0x0) 19:36:32 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0xf6ffffff00000000) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:36:32 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 20) [ 3011.441352] loop5: detected capacity change from 0 to 512 [ 3011.449553] FAULT_INJECTION: forcing a failure. [ 3011.449553] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3011.450863] CPU: 0 PID: 15158 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3011.451800] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3011.453040] Call Trace: [ 3011.453321] [ 3011.453556] dump_stack_lvl+0x8b/0xb3 [ 3011.453992] should_fail.cold+0x5/0xa [ 3011.454421] copy_page_from_iter_atomic+0x4e4/0x1b10 [ 3011.455008] ? iov_iter_get_pages_alloc+0x15a0/0x15a0 [ 3011.455570] ? fault_in_readable+0x18a/0x250 [ 3011.456056] ? fault_in_writeable+0x1d0/0x1d0 [ 3011.456544] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 3011.457104] ? shmem_write_begin+0xfd/0x1d0 [ 3011.457588] ? shmem_write_begin+0x106/0x1d0 [ 3011.458083] generic_perform_write+0x2c2/0x570 [ 3011.458478] loop2: detected capacity change from 0 to 512 [ 3011.458598] ? folio_unlock+0xb0/0xb0 [ 3011.460172] ? discard_new_inode+0x190/0x190 [ 3011.460630] ? generic_write_checks+0x25f/0x390 [ 3011.461149] __generic_file_write_iter+0x2d6/0x480 [ 3011.461704] generic_file_write_iter+0xd7/0x220 [ 3011.462223] ? iov_iter_init+0x45/0x1b0 [ 3011.462665] new_sync_write+0x390/0x560 [ 3011.463112] ? new_sync_read+0x5f0/0x5f0 [ 3011.463562] ? x86_pmu_enable+0xbf0/0xd90 [ 3011.464025] ? lock_release+0x750/0x750 [ 3011.464477] ? lock_is_held_type+0xd7/0x130 [ 3011.464956] vfs_write+0x7b9/0xac0 [ 3011.465330] __x64_sys_pwrite64+0x1f7/0x250 [ 3011.465793] ? vfs_write+0xac0/0xac0 [ 3011.466206] ? syscall_enter_from_user_mode+0x1d/0x50 [ 3011.466635] loop1: detected capacity change from 0 to 512 [ 3011.466769] do_syscall_64+0x3b/0x90 [ 3011.468297] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3011.468861] RIP: 0033:0x7f2939eb4ab7 [ 3011.469274] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 3011.471314] RSP: 002b:00007f2937476f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 3011.472156] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939eb4ab7 [ 3011.472944] RDX: 000000000000001d RSI: 00000000200000c0 RDI: 0000000000000004 [ 3011.473736] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff [ 3011.474518] R10: 0000000000002200 R11: 0000000000000293 R12: 0000000000000004 [ 3011.474803] FAULT_INJECTION: forcing a failure. [ 3011.474803] name failslab, interval 1, probability 0, space 0, times 0 [ 3011.475307] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 3011.478277] [ 3011.478534] CPU: 1 PID: 15163 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3011.480215] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3011.482437] Call Trace: [ 3011.482945] [ 3011.483412] dump_stack_lvl+0x8b/0xb3 [ 3011.484179] should_fail.cold+0x5/0xa [ 3011.484935] ? create_object.isra.0+0x3a/0xa20 [ 3011.485847] should_failslab+0x5/0x10 [ 3011.486603] kmem_cache_alloc+0x5b/0x480 [ 3011.487431] create_object.isra.0+0x3a/0xa20 [ 3011.488006] loop4: detected capacity change from 0 to 512 [ 3011.488314] ? kasan_unpoison+0x23/0x50 [ 3011.489719] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 3011.490615] ? xas_alloc+0x35d/0x480 [ 3011.491370] xas_alloc+0x35d/0x480 [ 3011.492083] xas_create+0x607/0x1030 [ 3011.492828] ? lock_acquire+0x1b2/0x530 [ 3011.493632] xas_store+0x90/0x1c40 [ 3011.494345] ? xas_find_conflict+0x4a6/0x9e0 [ 3011.495260] shmem_add_to_page_cache+0x1145/0x1650 [ 3011.496249] ? shmem_writepage+0xed0/0xed0 [ 3011.497119] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3011.498127] shmem_getpage_gfp.constprop.0+0x796/0x2190 [ 3011.499232] ? shmem_unuse_inode+0xde0/0xde0 [ 3011.500105] ? ktime_get_coarse_real_ts64+0x159/0x190 [ 3011.501124] ? fault_in_readable+0x18a/0x250 [ 3011.502003] ? fault_in_writeable+0x1d0/0x1d0 [ 3011.502889] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 3011.504255] shmem_write_begin+0xfd/0x1d0 [ 3011.505342] generic_perform_write+0x24c/0x570 [ 3011.506563] ? folio_unlock+0xb0/0xb0 [ 3011.507609] ? discard_new_inode+0x190/0x190 [ 3011.508740] ? generic_write_checks+0x25f/0x390 [ 3011.509960] __generic_file_write_iter+0x2d6/0x480 [ 3011.511283] generic_file_write_iter+0xd7/0x220 [ 3011.512419] ? iov_iter_init+0x45/0x1b0 [ 3011.512530] loop3: detected capacity change from 0 to 512 [ 3011.513284] new_sync_write+0x390/0x560 [ 3011.513319] ? new_sync_read+0x5f0/0x5f0 [ 3011.515138] FAULT_INJECTION: forcing a failure. [ 3011.515138] name failslab, interval 1, probability 0, space 0, times 0 [ 3011.515652] ? x86_pmu_enable+0xbf0/0xd90 [ 3011.517878] ? lock_release+0x750/0x750 [ 3011.518987] ? lock_is_held_type+0xd7/0x130 [ 3011.520154] vfs_write+0x7b9/0xac0 [ 3011.521104] __x64_sys_pwrite64+0x1f7/0x250 [ 3011.522174] ? vfs_write+0xac0/0xac0 [ 3011.523006] ? syscall_enter_from_user_mode+0x1d/0x50 [ 3011.524121] do_syscall_64+0x3b/0x90 [ 3011.524957] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3011.526058] RIP: 0033:0x7f9ecc29fab7 [ 3011.526872] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 3011.530761] RSP: 002b:00007f9ec9861f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 3011.532377] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc29fab7 [ 3011.533896] RDX: 000000000000001d RSI: 00000000200000c0 RDI: 0000000000000004 [ 3011.535420] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff [ 3011.536915] R10: 0000000000002200 R11: 0000000000000293 R12: 0000000000000004 [ 3011.538431] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 3011.539997] [ 3011.540531] CPU: 0 PID: 15162 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3011.541389] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3011.542540] Call Trace: [ 3011.542821] [ 3011.543058] dump_stack_lvl+0x8b/0xb3 [ 3011.543456] should_fail.cold+0x5/0xa [ 3011.543857] ? create_object.isra.0+0x3a/0xa20 [ 3011.544339] should_failslab+0x5/0x10 [ 3011.544738] kmem_cache_alloc+0x5b/0x480 [ 3011.545167] ? mark_held_locks+0x9e/0xe0 [ 3011.545595] create_object.isra.0+0x3a/0xa20 [ 3011.546049] kmemleak_alloc_percpu+0xa0/0x100 [ 3011.546515] pcpu_alloc+0x7bf/0x1060 [ 3011.546907] __percpu_init_rwsem+0x22/0x150 [ 3011.547376] alloc_super+0x222/0x9d0 [ 3011.547767] ? test_single_super+0x10/0x10 [ 3011.548202] sget_fc+0x13e/0x7a0 [ 3011.548554] ? set_bdev_super+0x310/0x310 [ 3011.548982] get_tree_bdev+0x1bb/0x740 [ 3011.549385] ? ext4_reconfigure+0x27f0/0x27f0 [ 3011.549851] vfs_get_tree+0x8e/0x2f0 [ 3011.550238] path_mount+0x131b/0x1f80 [ 3011.550634] ? kasan_quarantine_put+0x87/0x1e0 [ 3011.551132] ? finish_automount+0xa20/0xa20 [ 3011.551575] ? kmem_cache_free+0xe0/0x420 [ 3011.552022] ? putname+0xfe/0x140 [ 3011.552409] __x64_sys_mount+0x27e/0x300 [ 3011.552842] ? path_mount+0x1f80/0x1f80 [ 3011.553255] ? syscall_enter_from_user_mode+0x1d/0x50 [ 3011.553797] do_syscall_64+0x3b/0x90 [ 3011.554186] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3011.554727] RIP: 0033:0x7fc14228f04a [ 3011.555114] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 19:36:32 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="2000800080fe000006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3011.556994] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 3011.557985] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 3011.558763] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 3011.559551] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 3011.560318] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 3011.561102] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 3011.561905] [ 3011.562745] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 3011.571468] loop6: detected capacity change from 0 to 512 19:36:32 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000030006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3011.578694] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem 19:36:32 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200004808000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3011.598657] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 3011.600849] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 3011.604650] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 3011.607106] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 3011.621512] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3011.623058] EXT4-fs (loop3): get root inode failed [ 3011.623683] EXT4-fs (loop3): mount failed [ 3011.631497] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. 19:36:32 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xbf, 0x0) 19:36:32 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 20) [ 3011.724581] FAULT_INJECTION: forcing a failure. [ 3011.724581] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3011.725854] CPU: 0 PID: 15182 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3011.726718] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3011.727895] Call Trace: [ 3011.728171] [ 3011.728404] dump_stack_lvl+0x8b/0xb3 [ 3011.728815] should_fail.cold+0x5/0xa [ 3011.729218] copy_page_from_iter_atomic+0x4e4/0x1b10 [ 3011.729758] ? iov_iter_get_pages_alloc+0x15a0/0x15a0 [ 3011.730295] ? fault_in_readable+0x18a/0x250 [ 3011.730764] ? fault_in_writeable+0x1d0/0x1d0 [ 3011.731247] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 3011.731780] ? shmem_write_begin+0xfd/0x1d0 [ 3011.732237] ? shmem_write_begin+0x106/0x1d0 [ 3011.732707] generic_perform_write+0x2c2/0x570 [ 3011.733198] ? folio_unlock+0xb0/0xb0 [ 3011.733599] ? discard_new_inode+0x190/0x190 [ 3011.734062] ? generic_write_checks+0x25f/0x390 [ 3011.734563] __generic_file_write_iter+0x2d6/0x480 [ 3011.735093] generic_file_write_iter+0xd7/0x220 [ 3011.735588] ? iov_iter_init+0x45/0x1b0 [ 3011.736000] new_sync_write+0x390/0x560 [ 3011.736417] ? new_sync_read+0x5f0/0x5f0 [ 3011.736846] ? x86_pmu_enable+0xbf0/0xd90 [ 3011.737289] ? lock_release+0x750/0x750 [ 3011.737718] ? lock_is_held_type+0xd7/0x130 [ 3011.738185] vfs_write+0x7b9/0xac0 [ 3011.738569] __x64_sys_pwrite64+0x1f7/0x250 [ 3011.739042] ? vfs_write+0xac0/0xac0 [ 3011.739432] ? syscall_enter_from_user_mode+0x1d/0x50 [ 3011.739978] do_syscall_64+0x3b/0x90 [ 3011.740375] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3011.740918] RIP: 0033:0x7f9ecc29fab7 [ 3011.741304] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 3011.743217] RSP: 002b:00007f9ec9861f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 3011.744009] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc29fab7 [ 3011.744750] RDX: 000000000000001d RSI: 00000000200000c0 RDI: 0000000000000004 [ 3011.745489] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff [ 3011.746230] R10: 0000000000002200 R11: 0000000000000293 R12: 0000000000000004 [ 3011.746976] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 3011.747731] 19:36:32 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 21) 19:36:32 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008080040006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:36:32 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0xfbffffff00000000) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:36:33 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 97) [ 3011.785362] loop1: detected capacity change from 0 to 512 [ 3011.794009] loop6: detected capacity change from 0 to 512 [ 3011.803618] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 3011.806289] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. 19:36:33 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x1}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$iso9660(&(0x7f00000001c0), &(0x7f0000000380)='./file0\x00', 0x16f08d7c, 0x4, &(0x7f00000004c0)=[{&(0x7f00000003c0)="b7e04c483dfbd009b03721b6a658425c36979d51a2b338cc6fa07de8611f", 0x1e, 0x200}, {&(0x7f0000000400)="6b1b1933ad6aa44f2587ec95d542705a7b815e82bdbd461eb5a61e9d8d8f4d148c211cb47da1d8687d1acbde7990635fb928a22e559d66e852bbff66f0c63a4ea423b4dd165f563515e4021ad9ecf4b119df308d77694631eae0dadfa79e635366895ecc785cd291641fdaddac57ea9e19ae8ee6da52414266df51c2d0bf8385898c148b30f5b912b9560e4647709ae860b7318b189f9d0b973d6e76325dbf", 0x9f, 0x3ff}, {&(0x7f0000000580)="f8860978376c200aa0b60fcd8e77864d500a4d5e5ecded0a9125297364f2c416953ee138bdbb226c15bf7d55748899dde239119bfda1ce865075ca5fcc3d4fb22b9d098269214a704c765c00ba82b1b5a7ffc3d9152a91434a98fb9b8675ce3c372c909e8d89a2a6350adbab8ddf61380668a6243110f2bfe7248a89bddb884b9919c87b5a27c65b817dd34f93099b3040fa5daad916a9c1c6de35b14845db937624da96f957622e5f4fc5cc85d4ef75e2ddb1b6a81f4d3645bc758da0eaa7527082fed36e5b533ef43242f3e25d9986b3d195d2b64e8a87538421e8fa9c344ac5250d495d7a", 0xe6, 0x7}, {&(0x7f0000000680)="73bc74802ac790f6b1a7bb206e23274b45954bf0ee817803dbac496a8d241611cdac1a25a23a4db15a4905a1329fd5957a9eaecfa73130098b7692a0f2ebb0d4ca7f04fe705beef252b5fab6f73146314affe940e419821375ecb5fc4dd1a594fde3de80b09cb6aa17fe889d20e15152ab5d9e402ede2f04ab24aa467755d47a74ab53f3188708bddce00fd15ba1a8273e6be60211de04ff8973e44c266952acd745a603796510b856f7d00cb99e89f6eb4cf767d898ae4c8c4f7631675b1e12672263642404d77bc5f7cd4978827336292415fdce7386f9187ac8b8a43e324ae7095cf98f1f8c62bc70df6010e6c095bbc517a17fb00f621aad44b0f6b3768561858605c48bfd0f97c8cd9e7cd7f38216a8d1598345a17dea62c19b51fc9a909276802bcacd2817662f13d3c9599d73e45f1039007fe6a59bf963b330197928d6bd048e216901f08d11001fb47d1ba68edd395a0cb6a25e8c3a15b2e78349e5ce559626ae5b4ce0d3c0fa5747ae8a14f5e3db648928d423ca219f3eadee6fc8d8f9ada98e8c3dfdf2b6b5cf6feabac63f8a4091d55044c3df48f6ce4fb01531c11b4e2014addba5ce0fc35a1686358ffb8970440cfbcf3203c6444669ba580ca7a1f3f62ab1add9ded09a0e2d02e193e1a4598ff4c291601d6b2cd82423105398622a7ea4f2a496ebd861ed432efb0dd332a275c20a7ab32917f15c336079ca30eb0611fe2989260bdb7422e5a7fbbc61f4fbabe05b845572c5271c64495dc8728b8aaf0a39edc1cb21a87e10de9c8538e4e6022a9d3c846aa5234516bc3bfa0d6b12e2ced2363430234de8d51814165d2182299b6ac67b1908d9f9fbd83d8e62035d63229dad5306475b84d60fce8e7b1a4585a7275f278d1d2a887b5ebf58c00f097e9fd7da2e6ccfc3d2de8383ea6687c855dbbe96c8748456a7ba20bf85464488b1edc3429778daffedff95e26030ab5c323997c05192830c112bbc1a3372da0920e0c3a5e6318b646528ba0c046946e122d55ab659fe88161164017c553f35977117fc806e412d3d8779cc4b4ebf7f653c5ca8f22d09d024885695dad25379361cdbd2c2d0aaf924abfabd5665162852deaaad761575810ddb7e03ba62dec45820afb7d6494c3f0ea09fd88087ec878859239032063b94da4dbc4228838f94dd7521b600f8f44906342bd652f6c0240c9192de3550e274d4449b4c9d759be42647b5997a5e44e7a755d1ee5b5337345ce1a8c41b97b6c8e2ac8071a06005fb461052d03ec657a0f0f3e118d2a4b7d14809fe857d7628d083f3ec58ac5aa76b15eabfddaf24da74a40a25d6c64e627f9f95679022cfd18e8de670497bb0b6c7d10b8d857793118ddb54bfb6d00f174e3f9249b4e67008d0ca11539783e5fd17ef6fae1257a80fb35886fc1ec8bce080c66cc25bc060b737fb8d388ffe0d6a0d9f79e9384dc03dcd2b3b0e8c24d65cc4be4317ab05c697ef408d6553cafe060a1f7d90578655e60f903add5f979c0637544de34118f4b5791832c4b02b18e917052d4bc7271edf9d821d7bb850fcb6320a9f809c692910e5a63995a5a082e2c6360abb1b04412c5697baec9608ff69978f07a239efec246c040c9f2eb6cddfc2e4661b9685e6b95f46f28a1df6d845ebfe70ad8f54a96b7ae606b01d13df0fcab416dc35baad9975b8580c006e097b2a94b1548659c92cb36e9fe362652951c0e3c23215e429162c1363f63fd7f7cbfc4c7932edad04b13c1556b27f0e911e20ccde6a23e3533fcba2a895d682ea6cc66cca2e45dbcc2d665b13a7bca30e006931b43004f3393ab625fb221aef2eb8c63fd910a98ae04449de57f829c097b065e59e06bd913652fb54684871573344e72cf4d746b184ddfd21f43b5ab5d6d19ea96b4a63af5921f30191ff10feea984f5362d53df531ef0325d9b2558ba376ec4ee672426c14233491a0f7eb0ab6aa35a5e0b7313179c3393215bda7f9e6c3c2b73fbe79833b2c330ca3e41fb5a355681b07f74d9cc17a93ac0335b3a0866c23612027ad8748f371af12dd0214d3031b5c46f412869c226dba54a4aa760aeda171494bcee49db0d4093f8e3eb69d5eada18b864dac9bf1f9d993d496a0ddf3110c9f4a71b304a5a130f76f8524c562672acb64e79a0c23c3bf8e0141302a5582b02ca7de69b540d17180ea6e0a068ea0fe994453d4c5c7c79d96449ecba6f68ad1cd5f883d9b6d1f9d9e0dc939d7e5eff82e53ed2d99061c0da700cb56554b3457da072eefc13836831d1204179656980b6bc70ac366901d803921fd1d69f738c93c9b23fe32fe1a3f3465d72ce767342f65917809040464c1f6f4c1e911c0cab235373e861889537310745543001e170f9b80d76d39b54465d1530f379fba5b9567cf1e6c7c5efcb027bb85af56b877c3e1bc91d7972e99ab44b77d85f69a39261762f953b2f3b927a6ebada9dfa27da813833abb0909b4e0a86e450b95604314bc220b3365fa37ec63b0cb6ee6c8f182b92e9f1b1e7f8ba8e01483643390167e07001e953382dc1ccb8f6f4aac54ea3404b200a79669af7154e250975bc6716230ae287cebf1da2b93d51c9597a2430404ba0c8deed88376501e1b5a58f8b2ce635236406d65a9c5a37d83b5c31bb8fe861fe3fb1c27934a2bd9b61318ff874c3b70ba43fe1db519a354112cd62f3711dae62503437cdd71385e266edc4d4cd2362323ae5b0058cc09684cf52ef9edbf897ce9c36415ab47af6a2a2b149ec78359fe30308f2cb6d665e152f9d0ee0dbd6ba5c44f5c8084d6637d47282543065d362429a6facbbf3aa330c233302c3f19dd49947317ec25cee54ee4936ca25abc678c0676e73c1658c5c723e861fe7b4a0b0abfccaef9a73b21175151db092a11a967b6e80e902f9e85e32956684fec5d721a86bbb8a13c30c175057a384ec5347fd3969e576a73efff9299eef60967fde87e5bc36ee4ca6eff2976f988a9aee24e766d113290087ae6d542e1bdbf237e324bec4364312438c7e4aead0a46cbe4a66489983bee99133599e4bca1b8fd21918f447f0bc6ba4c5e4120b722600105706224c17062197c7f0197fd54cc457b262351bcb5780dffcdd5bfa1416250c8c6b86baafb9b98c95ab381c081ada9324a63c297c0adaceff863febbf108b74a598ea3f64e77bfb93c3aa92e9059736cefae2d2daa5e8db62e651ad3f4fadf75511bcfacfd6a6035433a91e5b184b1f53c3efa402b2ba2e7acd4ffc2a2bc93e3192a773b2baba9cff6a7c6a80953cc0ccd3b3f4e16a83c7355026820f1a27503c06c6d39af71c9e31b6e1ee51cb5f6d8b7ba8e9fa70c4b1b5d459e2f4e391d241ff4b2c1bea6d12e1fca985cc27a2b6811ee918c90be38e98e693a7672d43d2a7e51e020c5414defc8362f5a01f57ad096a70b1f02eb5fedf685314082131a2dcfba0b2f71e6f14d217ad7b75a666406c07def1299f3d96a9a9b5cf0f6069aa9cd5d64bf215f3eb07d508b82bdf961d6e7aab388d28fe5c3a310c69abf09f9e5a205a7c0b476c65044098fd5eb281a91307e91e6722be9f71762a9867cdc2ca98f125c892d022b971f7b5b48cce2b968f13bde34c1a8b110a06e66a68378080bf36d6f896ce10207c8feced0b1b07aff88de7ad3bbb0810c4d3dd0eceb0fb10231f6e13a1ad6e2e0a41736984c30bc534c54df8526d440af3100018b8776715e65be3175dcbe6410e3812eff2dca84282edec160ba66e1f245701b7466ed8bd5d0c8d6a01dbf5cbeccb8c0a3c65e32b044050d98c201710e65cdb067a8c629faa32d46638975db5f808f742749ea1103ac2b7e7a143c54f077987460610948b37c2e8e22a3a26ebf40dd7d19af1985cdf4baa0c9f0469805952cfd96c888de083a7043ef766ba21b5d87cc6852bc2b8b74e684b2876fc3249165c1b236ec2d8bf4543f02498ca768f9af5ffd52c25852cde1cf12013b02f96dde1d9cab1daa80215ce5d9cf5a710bc3222ee8532dab526eb605303619d1fa6ac7babfd969fad38d2bd5c84b7b69bd47f76c60465e7ba0b05f248c99a88d1145bfeb2b932ba50e6e1c01dcef860a84eac2e5b310396bae9d5ffe5da17ea510e5e344d1bbc1ad9e53a619ec0c6435d89a0c1824c732fa58100f16ed485933b2c135d8b1453c62f21cb23fbc0a8be48d7c83b2cd1d9f9fe0b432cdee6fd59039a51ebec261660e30f75eec3d20e56a74bb10f437da8c715aa10eba1fe1db8cfd287a54efeeed44031fd4da650a3d36603bc487ff8b435974b0469045dbd65899a18ec74f7c6ceafb458016f69978bde59f691d1b189bf3ed08e467d9f622f74203559f5504ed6b25af31a0f1723fec8049f861da960cf3912ad4e5b868b51e141c8abceef24d134d571677baa7fc691603fa9ca6e8f3fb2b521f1247f43473801ff07de83d73080bb30de8518ec43fac8da008b70d4c9497494c50c284a196abf25068692c18445f1c0ce96b3ea4866d0fb3b3f58136c0357ccd79d59c8e7182156af8043378352b4ff24a30c32a39d8caf7ce24e1028faf47fc3765904a3b168d7e0f3a438ffe059ee6a8a9acd4e574bad31dec8ce58f3d0fb8bfa7a302d7b0e4d6845a256662422278aed8df3e9a59b5e81e1b4d209d89092c6d9c677c4c9b2dec2c30c6b43dfca1f6aa19bab636d92915b611398d6f9626c4fa2a32ed69357d14ca7e24614e6f1b97060a7c64e23720806f4f6e89bb5fe050fb90370a4481ac478e2a6374152e026dc45c230bd07b9be9f30eaa1dd88734dcc9fe296a21fb7bc5add293167eef8092215cd49c9c6c307feed0aa95c5d5ec8220e98d91beac8aaa3db3d4b7cdb5f32e26201cf6ad5acd2139bc97d76bb315213c1f84109ef135ca738c5f7b094d615196c450064cb87a82ca3f63af19e68a737ee3d8513c7f97b52361508710fdcc48d827ec9bce25d973311f73ae3d9c649d43492751e5ca58ffa4d9ad3a83e2e329a4cb0bd8da72bdfdfb4c8d1fbf73523865f73213f15b8e8d9a6357af13ba3b48e877284c0ac81fe0b94ad06695f12f6fe419ee4befdbf7e7d7177847be67f413011b0f9d612445724ba50a96bbf07ed6b6e8e608610bb2746f5d3cb38dda33bab506ce6e6a80463346196dbce9c57592b29f327ca4710a63386f7b95181e084ad26277e64fc06599e0c66e860387d3e76c187fcbdea0c2cfd5f2bd15bb75078d7392297a1107a5ec84d4c0c849f789d9e68fd63b0ac9e58a0f2b09aa25c3c98cdbe31cee26a2ebd1705c805aa75c6c74998af9c3866ca9f76a08b26bbaccf473c50da818fdc9209f6d30aee41e594a1c0b5dc88246c17641dc5e38b80e59a84e0881edadbff47e0bf5250f6e6f00b05dff415a7c5befdcb6012fc4c34a0e659c6929226cebbb535db27b65e75f5bb673ad79c2646298472f1bfdd9ce6b34d7d71890edd4c0aaae15d464fd0785ce1fb4baa41de74e46fbcacd700b6dd9de682dae9626816117f4d08fbd7ed93c9606a1571c831a09986d73640cceaab98bbc1fac6d556855cd87c07471fdeb2c3fe202750450e01bccd42f170527bdf61f1fdaf2e87d6102fe21311e447c79749bc5031eab9c6efcbd4f3316e848d5f74c654d350a9ba6b6a6b2d999ba48e132599f928b044e3deaa26799a40372fe4927ee8ed06d269630b7eb97c7159d7841a74f145c539e66c588735e5342e87b991288713d285375dd14e2affe7435a46b237be56e8d928c9ff4bff29854a119bcd15146224f47a635d671a7f564dedea9d582e47f427a5eeb837177be0203", 0x1000, 0xd97}], 0x1000000, &(0x7f0000001680)={[{@map_acorn}], [{@fsmagic={'fsmagic', 0x3d, 0x97}}, {@dont_hash}, {@func={'func', 0x3d, 'FIRMWARE_CHECK'}}, {@context={'context', 0x3d, 'user_u'}}]}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000140), 0x4100) [ 3011.838355] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. 19:36:33 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 21) [ 3011.874580] FAULT_INJECTION: forcing a failure. [ 3011.874580] name failslab, interval 1, probability 0, space 0, times 0 [ 3011.876878] CPU: 1 PID: 15190 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3011.878463] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3011.880634] Call Trace: [ 3011.881132] [ 3011.881565] dump_stack_lvl+0x8b/0xb3 [ 3011.882339] should_fail.cold+0x5/0xa [ 3011.883112] ? getname_flags.part.0+0x50/0x4f0 [ 3011.884047] should_failslab+0x5/0x10 [ 3011.884806] kmem_cache_alloc+0x5b/0x480 [ 3011.885629] getname_flags.part.0+0x50/0x4f0 [ 3011.886525] getname+0x8e/0xd0 [ 3011.887192] do_sys_openat2+0xf5/0x4c0 [ 3011.887983] ? build_open_flags+0x6f0/0x6f0 [ 3011.888877] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3011.890020] __x64_sys_openat+0x13f/0x1f0 [ 3011.890845] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 3011.891813] ? syscall_enter_from_user_mode+0x1d/0x50 [ 3011.892860] do_syscall_64+0x3b/0x90 [ 3011.893601] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3011.894649] RIP: 0033:0x7f2939eb4a04 [ 3011.895396] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 3011.899021] RSP: 002b:00007f2937476ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 3011.900562] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939eb4a04 [ 3011.901992] RDX: 0000000000000002 RSI: 00007f2937477000 RDI: 00000000ffffff9c [ 3011.903432] RBP: 00007f2937477000 R08: 0000000000000000 R09: ffffffffffffffff [ 3011.904863] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 3011.906256] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3011.907699] [ 3011.920773] FAULT_INJECTION: forcing a failure. [ 3011.920773] name failslab, interval 1, probability 0, space 0, times 0 [ 3011.923043] CPU: 1 PID: 15195 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3011.924659] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3011.927262] Call Trace: [ 3011.927934] [ 3011.928530] dump_stack_lvl+0x8b/0xb3 [ 3011.929580] should_fail.cold+0x5/0xa [ 3011.930623] ? getname_flags.part.0+0x50/0x4f0 [ 3011.931804] should_failslab+0x5/0x10 [ 3011.932608] kmem_cache_alloc+0x5b/0x480 [ 3011.933467] getname_flags.part.0+0x50/0x4f0 [ 3011.934393] getname+0x8e/0xd0 [ 3011.935097] do_sys_openat2+0xf5/0x4c0 [ 3011.935930] ? build_open_flags+0x6f0/0x6f0 [ 3011.936859] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3011.938020] __x64_sys_openat+0x13f/0x1f0 [ 3011.938879] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 3011.939883] ? syscall_enter_from_user_mode+0x1d/0x50 [ 3011.940947] do_syscall_64+0x3b/0x90 [ 3011.941730] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3011.942793] RIP: 0033:0x7f9ecc29fa04 [ 3011.943584] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 3011.947318] RSP: 002b:00007f9ec9861ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 3011.948912] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc29fa04 [ 3011.950324] RDX: 0000000000000002 RSI: 00007f9ec9862000 RDI: 00000000ffffff9c [ 3011.951770] RBP: 00007f9ec9862000 R08: 0000000000000000 R09: ffffffffffffffff [ 3011.953188] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 3011.953741] loop2: detected capacity change from 0 to 512 [ 3011.954629] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3011.954676] [ 3011.955716] loop5: detected capacity change from 0 to 512 19:36:33 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0xfeffffff00000000) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) [ 3011.966901] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 19:36:33 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="2000fffe8000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3012.007432] loop3: detected capacity change from 0 to 512 [ 3012.009611] loop2: detected capacity change from 0 to 264192 [ 3012.010077] FAULT_INJECTION: forcing a failure. [ 3012.010077] name failslab, interval 1, probability 0, space 0, times 0 [ 3012.012278] SELinux: security_context_str_to_sid (user_u) failed with errno=-22 [ 3012.012914] CPU: 1 PID: 15201 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3012.015612] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3012.017853] Call Trace: [ 3012.018374] [ 3012.018816] dump_stack_lvl+0x8b/0xb3 [ 3012.019605] should_fail.cold+0x5/0xa [ 3012.020382] ? create_object.isra.0+0x3a/0xa20 [ 3012.021323] should_failslab+0x5/0x10 [ 3012.022096] kmem_cache_alloc+0x5b/0x480 [ 3012.022954] create_object.isra.0+0x3a/0xa20 [ 3012.023864] kmemleak_alloc_percpu+0xa0/0x100 [ 3012.024803] pcpu_alloc+0x7bf/0x1060 [ 3012.025575] __percpu_init_rwsem+0x22/0x150 [ 3012.026448] alloc_super+0x222/0x9d0 [ 3012.027246] ? test_single_super+0x10/0x10 [ 3012.028101] sget_fc+0x13e/0x7a0 [ 3012.028961] ? set_bdev_super+0x310/0x310 [ 3012.030066] get_tree_bdev+0x1bb/0x740 [ 3012.031103] ? ext4_reconfigure+0x27f0/0x27f0 [ 3012.032302] vfs_get_tree+0x8e/0x2f0 [ 3012.033287] path_mount+0x131b/0x1f80 [ 3012.034214] ? kasan_quarantine_put+0x87/0x1e0 [ 3012.035222] ? finish_automount+0xa20/0xa20 [ 3012.035350] loop1: detected capacity change from 0 to 512 [ 3012.036104] ? kmem_cache_free+0xe0/0x420 [ 3012.037959] ? putname+0xfe/0x140 [ 3012.038703] __x64_sys_mount+0x27e/0x300 [ 3012.039555] ? path_mount+0x1f80/0x1f80 [ 3012.040357] ? syscall_enter_from_user_mode+0x1d/0x50 [ 3012.041414] do_syscall_64+0x3b/0x90 [ 3012.042199] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3012.043291] RIP: 0033:0x7fc14228f04a [ 3012.044056] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3012.047807] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 3012.049334] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 3012.050817] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 3012.052404] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 3012.053863] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 3012.055397] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 3012.056878] [ 3012.065711] loop2: detected capacity change from 0 to 264192 [ 3012.073947] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 3012.082124] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 3012.199961] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3012.210045] EXT4-fs (loop3): get root inode failed [ 3012.211787] EXT4-fs (loop3): mount failed 19:36:49 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 22) 19:36:49 executing program 2: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0/file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x10000000800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) statx(r0, &(0x7f00000004c0)='./file0/file0\x00', 0x4000, 0x0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x7, 0x4, &(0x7f0000000180)=[{&(0x7f0000000140)="e76d929477deee1880688de3297927bd3473639ce8faa0389bb945444cb55ed8ecb9bc522152e31e84a2b105613f20d5229ce3ad", 0x34, 0xfff}, {&(0x7f0000000300)="73918f5af70953a8557b09ec1907ef42f1964d83a4319b6cdf18ed67864018c00aea48154f60ff3aa471f402eb9dfe4f3b485f138975861d0f5aa64f390536f286c08a852a58ee4834c3a786cdb06d6a74f832130b327223eb6f0113635d3fc29ff1da071e5a6734b056c98a7bb92e8ac6304e18ae49752845ead11b13ce12dfcddcafa7d099ab9e4847f2285a77280b22dfa86ce621cf2f48afeb631c5b52007de8d78747ba71131eda9c0feea1c71e249e78fff0", 0xb5, 0x4}, {&(0x7f00000003c0)="43d9e736c14526db1edbd946c880f7464d95d3304d56099acecced4aeb8c67dbe4ca262b5894249703de9773bf1331267079eff2628ac3d5f43f8a71d50c883b6cf0f8012b0c91e08f75c116a1a56ce95a52f66085034f0d34339f5949ad978d07239f5db656a31c2d5dbd578b8c8542d0db0e9f807f5c46007b9fe23d197645e3076ad27f534d86d08095a5f7024223b13c045824a50406fe9ff4b34c526e44f5c96ebd9e8ae07be9037ed77120799cba1a04f19c38ab23e951b406c73b5b17c8655b95246b33c117f77064b71658f8b14485fe7795f14c2011", 0xda, 0x5}, {&(0x7f0000000580)="20009b6a752290e8803457a185d83ed8fa7034b07b5c0d2bb3deecf98c672f9b8d968711bcf21a18acdfd2e1e8464d8178af59ddb6aa05b9c7b05b2a48c371a5381845a70b590d10b3f891d986267c6c6d0632a4a823d0ae6eae698ee05414f90f919846510c6256dfa8823655d20533c5fb3cf8416721ab6fa1d8e4c686150137429aefbaeabc9fc8ab7e48622d", 0x8e, 0x101}], 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1580be5e6692fe6d696a69786466e40000003078303000100000303030303030303030392c2082cc43e2ef42b6c12db536626c6f6905892ec25aa41fc7a2993c9c17bd0f268a837b6793e78f43c217e3e8c9185db760d5a0638ed525bdb3045a1b93587d358c5e7a9e6465f9a21c701ee9cd443b244f", @ANYRESDEC=r2, @ANYBLOB=',defcontext=sysadm_u,appraise_type=imasig,func=MMAP_CHECK,pcr=00000000000000000062,smackfshat=.\x00,dont_appraise,\x00']) setresuid(0x0, r1, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) 19:36:49 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0xff0f000000000000) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:36:49 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 98) 19:36:49 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000050006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:36:49 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="2000feff8000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:36:49 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 22) 19:36:49 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xc0, 0x0) [ 3028.488474] loop1: detected capacity change from 0 to 512 [ 3028.510970] loop3: detected capacity change from 0 to 512 [ 3028.513625] loop2: detected capacity change from 0 to 262152 [ 3028.513719] loop5: detected capacity change from 0 to 512 [ 3028.515930] FAULT_INJECTION: forcing a failure. [ 3028.515930] name failslab, interval 1, probability 0, space 0, times 0 [ 3028.517225] CPU: 1 PID: 15225 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3028.518126] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3028.519375] Call Trace: [ 3028.519658] [ 3028.519900] dump_stack_lvl+0x8b/0xb3 [ 3028.520329] should_fail.cold+0x5/0xa [ 3028.520748] ? create_object.isra.0+0x3a/0xa20 [ 3028.521258] should_failslab+0x5/0x10 [ 3028.521675] kmem_cache_alloc+0x5b/0x480 [ 3028.522118] create_object.isra.0+0x3a/0xa20 [ 3028.522606] ? kasan_unpoison+0x23/0x50 [ 3028.523028] kmem_cache_alloc+0x239/0x480 [ 3028.523505] getname_flags.part.0+0x50/0x4f0 [ 3028.523995] getname+0x8e/0xd0 [ 3028.524353] do_sys_openat2+0xf5/0x4c0 [ 3028.524791] ? build_open_flags+0x6f0/0x6f0 [ 3028.525282] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3028.525903] __x64_sys_openat+0x13f/0x1f0 [ 3028.526353] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 3028.526883] ? syscall_enter_from_user_mode+0x1d/0x50 [ 3028.527477] do_syscall_64+0x3b/0x90 [ 3028.527893] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3028.528465] RIP: 0033:0x7f2939eb4a04 [ 3028.528871] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 3028.530613] FAULT_INJECTION: forcing a failure. [ 3028.530613] name failslab, interval 1, probability 0, space 0, times 0 [ 3028.530881] RSP: 002b:00007f2937476ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 3028.533946] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939eb4a04 [ 3028.534726] RDX: 0000000000000002 RSI: 00007f2937477000 RDI: 00000000ffffff9c [ 3028.535484] RBP: 00007f2937477000 R08: 0000000000000000 R09: ffffffffffffffff [ 3028.536265] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 3028.537024] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3028.537818] [ 3028.538076] CPU: 0 PID: 15235 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3028.539835] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3028.540328] FAULT_INJECTION: forcing a failure. [ 3028.540328] name failslab, interval 1, probability 0, space 0, times 0 [ 3028.542197] Call Trace: [ 3028.542205] [ 3028.542215] dump_stack_lvl+0x8b/0xb3 [ 3028.545163] should_fail.cold+0x5/0xa [ 3028.545972] ? create_object.isra.0+0x3a/0xa20 [ 3028.546936] should_failslab+0x5/0x10 [ 3028.547750] kmem_cache_alloc+0x5b/0x480 [ 3028.548625] create_object.isra.0+0x3a/0xa20 [ 3028.549551] ? kasan_unpoison+0x23/0x50 [ 3028.550394] kmem_cache_alloc+0x239/0x480 [ 3028.551300] getname_flags.part.0+0x50/0x4f0 [ 3028.552236] getname+0x8e/0xd0 [ 3028.552920] do_sys_openat2+0xf5/0x4c0 [ 3028.553770] ? build_open_flags+0x6f0/0x6f0 [ 3028.554715] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3028.555910] __x64_sys_openat+0x13f/0x1f0 [ 3028.556798] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 3028.557834] ? syscall_enter_from_user_mode+0x1d/0x50 [ 3028.558939] do_syscall_64+0x3b/0x90 [ 3028.559746] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3028.560850] RIP: 0033:0x7f9ecc29fa04 [ 3028.561637] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 3028.565503] RSP: 002b:00007f9ec9861ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 3028.567098] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc29fa04 [ 3028.568866] RDX: 0000000000000002 RSI: 00007f9ec9862000 RDI: 00000000ffffff9c [ 3028.570529] RBP: 00007f9ec9862000 R08: 0000000000000000 R09: ffffffffffffffff [ 3028.572203] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 3028.573603] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3028.575027] [ 3028.575496] CPU: 1 PID: 15232 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3028.576425] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3028.577603] Call Trace: [ 3028.577879] [ 3028.578123] dump_stack_lvl+0x8b/0xb3 [ 3028.578552] should_fail.cold+0x5/0xa [ 3028.578985] ? create_object.isra.0+0x3a/0xa20 [ 3028.579479] should_failslab+0x5/0x10 [ 3028.579904] kmem_cache_alloc+0x5b/0x480 [ 3028.580353] ? mark_held_locks+0x9e/0xe0 [ 3028.580815] create_object.isra.0+0x3a/0xa20 [ 3028.581293] kmemleak_alloc_percpu+0xa0/0x100 [ 3028.581784] pcpu_alloc+0x7bf/0x1060 [ 3028.582193] __percpu_init_rwsem+0x22/0x150 [ 3028.582678] alloc_super+0x222/0x9d0 [ 3028.583088] ? test_single_super+0x10/0x10 [ 3028.583569] sget_fc+0x13e/0x7a0 [ 3028.583942] ? set_bdev_super+0x310/0x310 [ 3028.584405] get_tree_bdev+0x1bb/0x740 [ 3028.584826] ? ext4_reconfigure+0x27f0/0x27f0 [ 3028.585312] vfs_get_tree+0x8e/0x2f0 [ 3028.585722] path_mount+0x131b/0x1f80 [ 3028.586143] ? kasan_quarantine_put+0x87/0x1e0 [ 3028.586637] ? finish_automount+0xa20/0xa20 [ 3028.587085] ? kmem_cache_free+0xe0/0x420 [ 3028.587570] ? putname+0xfe/0x140 [ 3028.587962] __x64_sys_mount+0x27e/0x300 [ 3028.588386] ? path_mount+0x1f80/0x1f80 [ 3028.588836] ? syscall_enter_from_user_mode+0x1d/0x50 [ 3028.589374] do_syscall_64+0x3b/0x90 [ 3028.589789] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3028.590353] RIP: 0033:0x7fc14228f04a [ 3028.590759] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3028.592694] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 3028.593522] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 3028.594250] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 3028.594985] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 3028.595725] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 3028.596461] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 3028.597206] [ 3028.600866] loop2: detected capacity change from 0 to 15 [ 3028.603427] loop6: detected capacity change from 0 to 512 19:36:49 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000060006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3028.608233] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 3028.611428] ext4: Unknown parameter '€¾^f’þmijixdfä' [ 3028.618544] loop2: detected capacity change from 0 to 262152 [ 3028.621563] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 3028.622577] EXT4-fs (loop2): group descriptors corrupted! [ 3028.627477] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 3028.629529] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 3028.632833] loop4: detected capacity change from 0 to 512 [ 3028.639301] loop2: detected capacity change from 0 to 15 [ 3028.640580] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 3028.640943] ext4: Unknown parameter '€¾^f’þmijixdfä' 19:36:49 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0xffffc90000000000) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) [ 3028.675157] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 3028.715862] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3028.719124] EXT4-fs (loop3): get root inode failed [ 3028.720215] EXT4-fs (loop3): mount failed 19:36:49 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000140)=0xc) lchown(&(0x7f0000000040)='./file0\x00', r3, r1) mount$cgroup2(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x2000, &(0x7f0000000300)={[{@subsystem='rdma'}, {@memory_recursiveprot}, {}, {@memory_recursiveprot}, {@memory_localevents}, {@subsystem='cpuset'}, {}, {}], [{@uid_lt={'uid<', r0}}, {@subj_role={'subj_role', 0x3d, 'ext4\x00'}}, {@fsmagic={'fsmagic', 0x3d, 0x4b}}]}) 19:36:49 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000007f00000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:36:49 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 23) 19:36:49 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 23) [ 3028.727070] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 3028.728634] loop2: detected capacity change from 0 to 512 [ 3028.744933] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 3028.804514] FAULT_INJECTION: forcing a failure. [ 3028.804514] name failslab, interval 1, probability 0, space 0, times 0 [ 3028.805797] CPU: 1 PID: 15255 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3028.806676] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3028.807899] Call Trace: [ 3028.808183] [ 3028.808422] dump_stack_lvl+0x8b/0xb3 [ 3028.808845] should_fail.cold+0x5/0xa [ 3028.809250] ? create_object.isra.0+0x3a/0xa20 [ 3028.809748] should_failslab+0x5/0x10 [ 3028.810157] kmem_cache_alloc+0x5b/0x480 [ 3028.810611] create_object.isra.0+0x3a/0xa20 [ 3028.811084] ? kasan_unpoison+0x23/0x50 [ 3028.811525] kmem_cache_alloc+0x239/0x480 [ 3028.811983] getname_flags.part.0+0x50/0x4f0 [ 3028.812454] getname+0x8e/0xd0 [ 3028.812798] do_sys_openat2+0xf5/0x4c0 [ 3028.813225] ? build_open_flags+0x6f0/0x6f0 [ 3028.813698] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3028.814299] __x64_sys_openat+0x13f/0x1f0 [ 3028.814740] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 3028.815274] ? syscall_enter_from_user_mode+0x1d/0x50 [ 3028.815822] do_syscall_64+0x3b/0x90 [ 3028.816221] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3028.816778] RIP: 0033:0x7f9ecc29fa04 [ 3028.817174] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 3028.819160] RSP: 002b:00007f9ec9861ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 3028.819983] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc29fa04 [ 3028.820740] RDX: 0000000000000002 RSI: 00007f9ec9862000 RDI: 00000000ffffff9c [ 3028.821498] RBP: 00007f9ec9862000 R08: 0000000000000000 R09: ffffffffffffffff [ 3028.822260] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 3028.823032] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3028.823824] [ 3028.838713] FAULT_INJECTION: forcing a failure. [ 3028.838713] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3028.841159] CPU: 0 PID: 15259 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3028.842807] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3028.845070] Call Trace: [ 3028.845576] [ 3028.846017] dump_stack_lvl+0x8b/0xb3 [ 3028.846791] should_fail.cold+0x5/0xa [ 3028.847564] strncpy_from_user+0x34/0x3d0 [ 3028.848404] getname_flags.part.0+0x95/0x4f0 [ 3028.849291] getname+0x8e/0xd0 [ 3028.849935] do_sys_openat2+0xf5/0x4c0 [ 3028.850733] ? build_open_flags+0x6f0/0x6f0 [ 3028.851628] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3028.852640] ? xfd_validate_state+0x59/0x180 [ 3028.853542] __x64_sys_openat+0x13f/0x1f0 [ 3028.854360] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 3028.855329] ? syscall_enter_from_user_mode+0x1d/0x50 [ 3028.856356] do_syscall_64+0x3b/0x90 [ 3028.857107] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3028.858136] RIP: 0033:0x7f2939eb4a04 [ 3028.858872] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 3028.862471] RSP: 002b:00007f2937476ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 3028.863972] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939eb4a04 [ 3028.865372] RDX: 0000000000000002 RSI: 00007f2937477000 RDI: 00000000ffffff9c [ 3028.866765] RBP: 00007f2937477000 R08: 0000000000000000 R09: ffffffffffffffff [ 3028.868164] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 3028.869556] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3028.870976] [ 3028.874246] loop1: detected capacity change from 0 to 512 [ 3028.886667] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 3028.910486] loop6: detected capacity change from 0 to 512 [ 3028.947294] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 3028.963351] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 3043.306036] loop5: detected capacity change from 0 to 512 [ 3043.310507] loop2: detected capacity change from 0 to 512 19:37:04 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xc1, 0x0) 19:37:04 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000070006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:37:04 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0xffffffff00000000) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:37:04 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000028000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:37:04 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) 19:37:04 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 24) 19:37:04 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 24) 19:37:04 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 99) [ 3043.329834] loop1: detected capacity change from 0 to 512 [ 3043.333957] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 3043.337243] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 3043.355934] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 3043.365024] FAULT_INJECTION: forcing a failure. [ 3043.365024] name failslab, interval 1, probability 0, space 0, times 0 [ 3043.367334] CPU: 1 PID: 15286 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3043.368987] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3043.371235] Call Trace: [ 3043.371772] [ 3043.372220] dump_stack_lvl+0x8b/0xb3 [ 3043.372998] should_fail.cold+0x5/0xa [ 3043.373761] ? __alloc_file+0x21/0x230 [ 3043.374545] should_failslab+0x5/0x10 [ 3043.375312] kmem_cache_alloc+0x5b/0x480 [ 3043.376158] __alloc_file+0x21/0x230 [ 3043.376907] alloc_empty_file+0x6d/0x170 [ 3043.377725] path_openat+0xe1/0x2870 [ 3043.378490] ? path_lookupat+0x850/0x850 [ 3043.379313] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3043.380397] ? lock_is_held_type+0xd7/0x130 [ 3043.381277] do_filp_open+0x1aa/0x400 [ 3043.382044] ? may_open_dev+0xf0/0xf0 [ 3043.382809] ? lock_release+0x3b2/0x750 [ 3043.383615] ? alloc_fd+0x2f0/0x670 [ 3043.384350] ? lock_downgrade+0x6d0/0x6d0 [ 3043.385188] ? rwlock_bug.part.0+0x90/0x90 [ 3043.386040] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3043.387142] ? _find_next_bit+0x1e5/0x260 [ 3043.387999] ? _raw_spin_unlock+0x24/0x40 [ 3043.388834] ? alloc_fd+0x2f0/0x670 [ 3043.389584] do_sys_openat2+0x16d/0x4c0 [ 3043.390394] ? build_open_flags+0x6f0/0x6f0 [ 3043.391289] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3043.392416] __x64_sys_openat+0x13f/0x1f0 [ 3043.393238] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 3043.394214] ? syscall_enter_from_user_mode+0x1d/0x50 [ 3043.395244] do_syscall_64+0x3b/0x90 [ 3043.396008] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3043.397043] RIP: 0033:0x7f2939eb4a04 [ 3043.397775] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 3043.401408] RSP: 002b:00007f2937476ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 3043.402909] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939eb4a04 [ 3043.404334] RDX: 0000000000000002 RSI: 00007f2937477000 RDI: 00000000ffffff9c [ 3043.405742] RBP: 00007f2937477000 R08: 0000000000000000 R09: ffffffffffffffff [ 3043.407152] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 3043.408575] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3043.410033] [ 3043.419269] FAULT_INJECTION: forcing a failure. [ 3043.419269] name failslab, interval 1, probability 0, space 0, times 0 [ 3043.420472] CPU: 0 PID: 15292 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3043.421337] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3043.422547] Call Trace: [ 3043.422825] [ 3043.423058] dump_stack_lvl+0x8b/0xb3 [ 3043.423492] should_fail.cold+0x5/0xa [ 3043.423781] loop3: detected capacity change from 0 to 512 [ 3043.423895] ? __alloc_file+0x21/0x230 [ 3043.425404] should_failslab+0x5/0x10 [ 3043.425811] kmem_cache_alloc+0x5b/0x480 [ 3043.426256] __alloc_file+0x21/0x230 [ 3043.426659] alloc_empty_file+0x6d/0x170 [ 3043.427088] path_openat+0xe1/0x2870 [ 3043.427508] ? path_lookupat+0x850/0x850 [ 3043.427940] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3043.428535] ? lock_is_held_type+0xd7/0x130 [ 3043.429028] do_filp_open+0x1aa/0x400 [ 3043.429461] ? may_open_dev+0xf0/0xf0 [ 3043.429902] ? lock_release+0x3b2/0x750 [ 3043.430347] ? alloc_fd+0x2f0/0x670 [ 3043.430745] ? lock_downgrade+0x6d0/0x6d0 [ 3043.431220] ? rwlock_bug.part.0+0x90/0x90 [ 3043.431710] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3043.432326] ? _find_next_bit+0x1e5/0x260 [ 3043.432805] ? _raw_spin_unlock+0x24/0x40 [ 3043.433271] ? alloc_fd+0x2f0/0x670 [ 3043.433691] do_sys_openat2+0x16d/0x4c0 [ 3043.434142] ? build_open_flags+0x6f0/0x6f0 [ 3043.434639] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3043.435254] __x64_sys_openat+0x13f/0x1f0 [ 3043.435718] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 3043.436258] ? syscall_enter_from_user_mode+0x1d/0x50 [ 3043.436826] do_syscall_64+0x3b/0x90 [ 3043.437236] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3043.437809] RIP: 0033:0x7f9ecc29fa04 [ 3043.438214] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 3043.440257] RSP: 002b:00007f9ec9861ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 3043.441088] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc29fa04 [ 3043.441884] RDX: 0000000000000002 RSI: 00007f9ec9862000 RDI: 00000000ffffff9c [ 3043.442669] RBP: 00007f9ec9862000 R08: 0000000000000000 R09: ffffffffffffffff [ 3043.443462] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 3043.444268] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3043.445059] [ 3043.457097] FAULT_INJECTION: forcing a failure. [ 3043.457097] name failslab, interval 1, probability 0, space 0, times 0 [ 3043.459390] CPU: 1 PID: 15293 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3043.461082] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3043.463325] Call Trace: [ 3043.463839] [ 3043.464289] dump_stack_lvl+0x8b/0xb3 [ 3043.465069] should_fail.cold+0x5/0xa [ 3043.465835] ? __list_lru_init+0xc7/0x590 [ 3043.466677] should_failslab+0x5/0x10 [ 3043.467455] __kmalloc+0x72/0x440 [ 3043.468178] __list_lru_init+0xc7/0x590 [ 3043.468982] alloc_super+0x83e/0x9d0 [ 3043.469748] ? test_single_super+0x10/0x10 [ 3043.470597] sget_fc+0x13e/0x7a0 [ 3043.471286] ? set_bdev_super+0x310/0x310 [ 3043.472147] get_tree_bdev+0x1bb/0x740 [ 3043.472935] ? ext4_reconfigure+0x27f0/0x27f0 [ 3043.473856] vfs_get_tree+0x8e/0x2f0 [ 3043.474611] path_mount+0x131b/0x1f80 [ 3043.475386] ? kasan_quarantine_put+0x87/0x1e0 [ 3043.476334] ? finish_automount+0xa20/0xa20 [ 3043.477204] ? kmem_cache_free+0xe0/0x420 [ 3043.478054] ? putname+0xfe/0x140 [ 3043.478765] __x64_sys_mount+0x27e/0x300 [ 3043.479606] ? path_mount+0x1f80/0x1f80 [ 3043.480408] ? syscall_enter_from_user_mode+0x1d/0x50 [ 3043.481450] do_syscall_64+0x3b/0x90 [ 3043.482213] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3043.483253] RIP: 0033:0x7fc14228f04a [ 3043.484016] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3043.487717] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 3043.489220] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 3043.490656] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 3043.492077] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 3043.493503] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 3043.494925] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 3043.496396] 19:37:04 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) creat(&(0x7f0000000040)='./file1\x00', 0x2) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) 19:37:04 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 25) 19:37:04 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000180006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:37:04 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000038000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3043.586463] FAULT_INJECTION: forcing a failure. [ 3043.586463] name failslab, interval 1, probability 0, space 0, times 0 [ 3043.587724] CPU: 0 PID: 15301 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3043.588628] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3043.589810] Call Trace: [ 3043.590089] [ 3043.590334] dump_stack_lvl+0x8b/0xb3 [ 3043.590759] should_fail.cold+0x5/0xa [ 3043.591171] ? create_object.isra.0+0x3a/0xa20 [ 3043.591673] should_failslab+0x5/0x10 [ 3043.592093] kmem_cache_alloc+0x5b/0x480 [ 3043.592541] create_object.isra.0+0x3a/0xa20 [ 3043.593012] ? kasan_unpoison+0x23/0x50 [ 3043.593448] kmem_cache_alloc+0x239/0x480 [ 3043.593916] __alloc_file+0x21/0x230 [ 3043.594326] alloc_empty_file+0x6d/0x170 [ 3043.594775] path_openat+0xe1/0x2870 [ 3043.595191] ? path_lookupat+0x850/0x850 [ 3043.595651] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3043.596220] ? lock_is_held_type+0xd7/0x130 [ 3043.596689] do_filp_open+0x1aa/0x400 [ 3043.597096] ? may_open_dev+0xf0/0xf0 [ 3043.597508] ? lock_release+0x3b2/0x750 [ 3043.597927] ? alloc_fd+0x2f0/0x670 [ 3043.598340] ? lock_downgrade+0x6d0/0x6d0 [ 3043.598786] ? rwlock_bug.part.0+0x90/0x90 [ 3043.599261] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3043.599853] ? _find_next_bit+0x1e5/0x260 [ 3043.600319] ? _raw_spin_unlock+0x24/0x40 [ 3043.600758] ? alloc_fd+0x2f0/0x670 [ 3043.601172] do_sys_openat2+0x16d/0x4c0 [ 3043.601600] ? build_open_flags+0x6f0/0x6f0 [ 3043.602084] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3043.602667] __x64_sys_openat+0x13f/0x1f0 [ 3043.603121] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 3043.603644] ? syscall_enter_from_user_mode+0x1d/0x50 [ 3043.604209] do_syscall_64+0x3b/0x90 [ 3043.604604] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3043.605185] RIP: 0033:0x7f2939eb4a04 [ 3043.605571] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 3043.607646] RSP: 002b:00007f2937476ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 3043.608446] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939eb4a04 [ 3043.609241] RDX: 0000000000000002 RSI: 00007f2937477000 RDI: 00000000ffffff9c [ 3043.610043] RBP: 00007f2937477000 R08: 0000000000000000 R09: ffffffffffffffff [ 3043.610846] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 3043.611644] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3043.612451] 19:37:04 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 25) [ 3043.629586] loop2: detected capacity change from 0 to 512 [ 3043.655535] FAULT_INJECTION: forcing a failure. [ 3043.655535] name failslab, interval 1, probability 0, space 0, times 0 [ 3043.656826] CPU: 0 PID: 15308 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3043.657701] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3043.658644] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 3043.658878] Call Trace: [ 3043.658885] [ 3043.658891] dump_stack_lvl+0x8b/0xb3 [ 3043.658915] should_fail.cold+0x5/0xa [ 3043.661746] ? create_object.isra.0+0x3a/0xa20 [ 3043.662230] should_failslab+0x5/0x10 [ 3043.662631] kmem_cache_alloc+0x5b/0x480 [ 3043.663073] create_object.isra.0+0x3a/0xa20 [ 3043.663588] ? kasan_unpoison+0x23/0x50 [ 3043.664014] kmem_cache_alloc+0x239/0x480 [ 3043.664464] __alloc_file+0x21/0x230 [ 3043.664858] alloc_empty_file+0x6d/0x170 [ 3043.665294] path_openat+0xe1/0x2870 [ 3043.665699] ? path_lookupat+0x850/0x850 [ 3043.666138] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3043.666693] ? lock_is_held_type+0xd7/0x130 [ 3043.667163] do_filp_open+0x1aa/0x400 [ 3043.667573] ? may_open_dev+0xf0/0xf0 [ 3043.667975] ? lock_release+0x3b2/0x750 [ 3043.668402] ? alloc_fd+0x2f0/0x670 [ 3043.668797] ? lock_downgrade+0x6d0/0x6d0 [ 3043.669251] ? rwlock_bug.part.0+0x90/0x90 [ 3043.669705] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3043.670298] ? _find_next_bit+0x1e5/0x260 [ 3043.670746] ? _raw_spin_unlock+0x24/0x40 [ 3043.671186] ? alloc_fd+0x2f0/0x670 [ 3043.671595] do_sys_openat2+0x16d/0x4c0 [ 3043.672038] ? build_open_flags+0x6f0/0x6f0 [ 3043.672502] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3043.673104] __x64_sys_openat+0x13f/0x1f0 [ 3043.673535] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 3043.674056] ? syscall_enter_from_user_mode+0x1d/0x50 [ 3043.674597] do_syscall_64+0x3b/0x90 [ 3043.674998] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3043.675571] RIP: 0033:0x7f9ecc29fa04 [ 3043.675965] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 3043.677986] RSP: 002b:00007f9ec9861ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 3043.678775] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc29fa04 [ 3043.679571] RDX: 0000000000000002 RSI: 00007f9ec9862000 RDI: 00000000ffffff9c [ 3043.680344] RBP: 00007f9ec9862000 R08: 0000000000000000 R09: ffffffffffffffff [ 3043.681129] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 3043.681912] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3043.682712] [ 3043.724249] loop4: detected capacity change from 0 to 512 [ 3043.728432] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 3043.751738] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 3043.769917] loop6: detected capacity change from 0 to 512 [ 3043.777066] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 3043.794084] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. 19:37:16 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 26) 19:37:16 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 26) 19:37:16 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="2000800080001c0006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:37:16 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) mknod$loop(&(0x7f0000000140)='./file0\x00', 0xc000, 0x0) r1 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unlink(0x0) connect$bt_sco(r1, &(0x7f0000000180)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8) openat(r1, &(0x7f0000000000)='./file1\x00', 0x82000, 0x50) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0) ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x9, 0x49, 0x0, 0x2a}) ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0) recvmsg$unix(r4, &(0x7f00000014c0)={&(0x7f0000000040), 0x6e, &(0x7f0000001400)=[{&(0x7f00000000c0)=""/51, 0x33}, {&(0x7f00000001c0)=""/116, 0x74}, {&(0x7f0000000300)=""/4096, 0x1000}, {&(0x7f0000001300)=""/247, 0xf7}, {&(0x7f0000000240)=""/58, 0x3a}], 0x5, &(0x7f0000001480)=[@cred={{0x1c}}], 0x20}, 0x142) write$binfmt_aout(r3, &(0x7f0000001180)=ANY=[], 0x220) sendfile(r3, r2, 0x0, 0xfffffdef) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x2) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:37:16 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000048000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:37:16 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 100) 19:37:16 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000040)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x7ff}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf40010000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) 19:37:16 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xc2, 0x0) [ 3055.697548] FAULT_INJECTION: forcing a failure. [ 3055.697548] name failslab, interval 1, probability 0, space 0, times 0 [ 3055.700026] CPU: 1 PID: 15321 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3055.701752] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3055.704122] Call Trace: [ 3055.704658] [ 3055.705128] dump_stack_lvl+0x8b/0xb3 [ 3055.705955] should_fail.cold+0x5/0xa [ 3055.706748] ? security_file_alloc+0x34/0x170 [ 3055.707697] should_failslab+0x5/0x10 [ 3055.708496] kmem_cache_alloc+0x5b/0x480 [ 3055.709360] security_file_alloc+0x34/0x170 [ 3055.710260] __alloc_file+0xb6/0x230 [ 3055.711039] alloc_empty_file+0x6d/0x170 [ 3055.711908] path_openat+0xe1/0x2870 [ 3055.712707] ? path_lookupat+0x850/0x850 [ 3055.713555] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3055.714662] ? lock_is_held_type+0xd7/0x130 [ 3055.715592] do_filp_open+0x1aa/0x400 [ 3055.716396] ? may_open_dev+0xf0/0xf0 [ 3055.717192] ? lock_release+0x3b2/0x750 [ 3055.718014] ? alloc_fd+0x2f0/0x670 [ 3055.718779] ? lock_downgrade+0x6d0/0x6d0 [ 3055.719647] ? rwlock_bug.part.0+0x90/0x90 [ 3055.720524] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3055.721663] ? _find_next_bit+0x1e5/0x260 [ 3055.722524] ? _raw_spin_unlock+0x24/0x40 [ 3055.723391] ? alloc_fd+0x2f0/0x670 [ 3055.724192] do_sys_openat2+0x16d/0x4c0 [ 3055.725033] ? build_open_flags+0x6f0/0x6f0 [ 3055.725939] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3055.727091] __x64_sys_openat+0x13f/0x1f0 [ 3055.727952] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 3055.728951] ? syscall_enter_from_user_mode+0x1d/0x50 [ 3055.730017] do_syscall_64+0x3b/0x90 [ 3055.730798] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3055.731876] RIP: 0033:0x7f9ecc29fa04 [ 3055.732637] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 3055.736370] RSP: 002b:00007f9ec9861ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 3055.737908] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc29fa04 [ 3055.739348] RDX: 0000000000000002 RSI: 00007f9ec9862000 RDI: 00000000ffffff9c [ 3055.740838] RBP: 00007f9ec9862000 R08: 0000000000000000 R09: ffffffffffffffff [ 3055.742298] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 3055.743821] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3055.745321] [ 3055.754803] loop1: detected capacity change from 0 to 512 [ 3055.755736] FAULT_INJECTION: forcing a failure. [ 3055.755736] name failslab, interval 1, probability 0, space 0, times 0 [ 3055.758053] CPU: 1 PID: 15324 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3055.759751] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3055.762023] Call Trace: [ 3055.762549] [ 3055.763000] dump_stack_lvl+0x8b/0xb3 [ 3055.763796] should_fail.cold+0x5/0xa [ 3055.764591] ? security_file_alloc+0x34/0x170 [ 3055.765501] should_failslab+0x5/0x10 [ 3055.766283] kmem_cache_alloc+0x5b/0x480 [ 3055.767122] security_file_alloc+0x34/0x170 [ 3055.768022] __alloc_file+0xb6/0x230 [ 3055.768773] alloc_empty_file+0x6d/0x170 [ 3055.769598] path_openat+0xe1/0x2870 [ 3055.770363] ? path_lookupat+0x850/0x850 [ 3055.771180] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3055.772252] ? lock_is_held_type+0xd7/0x130 [ 3055.773140] do_filp_open+0x1aa/0x400 [ 3055.773913] ? may_open_dev+0xf0/0xf0 [ 3055.774687] ? lock_release+0x3b2/0x750 [ 3055.775483] ? alloc_fd+0x2f0/0x670 [ 3055.776244] ? lock_downgrade+0x6d0/0x6d0 [ 3055.777088] ? rwlock_bug.part.0+0x90/0x90 [ 3055.777944] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3055.779058] ? _find_next_bit+0x1e5/0x260 [ 3055.779910] ? _raw_spin_unlock+0x24/0x40 [ 3055.780756] ? alloc_fd+0x2f0/0x670 [ 3055.781526] do_sys_openat2+0x16d/0x4c0 [ 3055.782397] ? build_open_flags+0x6f0/0x6f0 [ 3055.783430] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3055.784777] __x64_sys_openat+0x13f/0x1f0 [ 3055.785748] ? __ia32_compat_sys_open+0x1c0/0x1c0 19:37:17 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 27) [ 3055.786881] ? syscall_enter_from_user_mode+0x1d/0x50 [ 3055.788247] do_syscall_64+0x3b/0x90 [ 3055.789131] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3055.790366] RIP: 0033:0x7f2939eb4a04 [ 3055.791233] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 3055.795494] RSP: 002b:00007f2937476ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 3055.797261] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939eb4a04 [ 3055.797627] FAULT_INJECTION: forcing a failure. [ 3055.797627] name failslab, interval 1, probability 0, space 0, times 0 [ 3055.798907] RDX: 0000000000000002 RSI: 00007f2937477000 RDI: 00000000ffffff9c [ 3055.798929] RBP: 00007f2937477000 R08: 0000000000000000 R09: ffffffffffffffff [ 3055.803417] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 3055.805070] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3055.806747] [ 3055.807286] CPU: 0 PID: 15332 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3055.808181] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3055.809359] Call Trace: [ 3055.809629] [ 3055.809866] dump_stack_lvl+0x8b/0xb3 [ 3055.810285] should_fail.cold+0x5/0xa [ 3055.810704] ? create_object.isra.0+0x3a/0xa20 [ 3055.811191] should_failslab+0x5/0x10 [ 3055.811608] kmem_cache_alloc+0x5b/0x480 [ 3055.812048] create_object.isra.0+0x3a/0xa20 [ 3055.812295] loop5: detected capacity change from 0 to 512 [ 3055.812513] ? kasan_unpoison+0x23/0x50 [ 3055.812534] kmem_cache_alloc+0x239/0x480 [ 3055.814626] security_file_alloc+0x34/0x170 [ 3055.815084] __alloc_file+0xb6/0x230 [ 3055.815481] alloc_empty_file+0x6d/0x170 [ 3055.815935] path_openat+0xe1/0x2870 [ 3055.816339] ? path_lookupat+0x850/0x850 [ 3055.816778] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3055.817361] ? lock_is_held_type+0xd7/0x130 [ 3055.817831] do_filp_open+0x1aa/0x400 [ 3055.818233] ? may_open_dev+0xf0/0xf0 [ 3055.818649] ? lock_release+0x3b2/0x750 [ 3055.819078] ? alloc_fd+0x2f0/0x670 [ 3055.819482] ? lock_downgrade+0x6d0/0x6d0 [ 3055.819939] ? rwlock_bug.part.0+0x90/0x90 [ 3055.819937] loop3: detected capacity change from 0 to 512 [ 3055.820398] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3055.820421] ? _find_next_bit+0x1e5/0x260 [ 3055.820443] ? _raw_spin_unlock+0x24/0x40 [ 3055.823145] ? alloc_fd+0x2f0/0x670 [ 3055.823554] do_sys_openat2+0x16d/0x4c0 [ 3055.823991] ? build_open_flags+0x6f0/0x6f0 [ 3055.824457] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3055.825037] __x64_sys_openat+0x13f/0x1f0 [ 3055.825484] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 3055.825999] ? syscall_enter_from_user_mode+0x1d/0x50 [ 3055.826548] do_syscall_64+0x3b/0x90 [ 3055.826955] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3055.827523] RIP: 0033:0x7f9ecc29fa04 [ 3055.827923] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 3055.829879] RSP: 002b:00007f9ec9861ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 3055.830680] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc29fa04 [ 3055.831446] RDX: 0000000000000002 RSI: 00007f9ec9862000 RDI: 00000000ffffff9c [ 3055.832220] RBP: 00007f9ec9862000 R08: 0000000000000000 R09: ffffffffffffffff [ 3055.832750] FAULT_INJECTION: forcing a failure. [ 3055.832750] name failslab, interval 1, probability 0, space 0, times 0 [ 3055.832986] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 3055.832997] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3055.837006] [ 3055.837261] CPU: 1 PID: 15328 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3055.837861] loop2: detected capacity change from 0 to 512 [ 3055.839141] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3055.839163] Call Trace: [ 3055.839173] [ 3055.843400] dump_stack_lvl+0x8b/0xb3 [ 3055.844309] should_fail.cold+0x5/0xa [ 3055.845176] ? create_object.isra.0+0x3a/0xa20 [ 3055.846209] should_failslab+0x5/0x10 [ 3055.847073] kmem_cache_alloc+0x5b/0x480 [ 3055.848024] create_object.isra.0+0x3a/0xa20 [ 3055.849021] ? kasan_unpoison+0x23/0x50 [ 3055.849923] __kmalloc+0x25b/0x440 [ 3055.850747] __list_lru_init+0xc7/0x590 [ 3055.851678] alloc_super+0x83e/0x9d0 [ 3055.852527] ? test_single_super+0x10/0x10 [ 3055.853477] sget_fc+0x13e/0x7a0 [ 3055.854246] ? set_bdev_super+0x310/0x310 [ 3055.855191] get_tree_bdev+0x1bb/0x740 [ 3055.856080] ? ext4_reconfigure+0x27f0/0x27f0 [ 3055.857112] vfs_get_tree+0x8e/0x2f0 [ 3055.857956] path_mount+0x131b/0x1f80 [ 3055.858836] ? kasan_quarantine_put+0x87/0x1e0 [ 3055.859868] ? finish_automount+0xa20/0xa20 [ 3055.860837] ? kmem_cache_free+0xe0/0x420 [ 3055.861781] ? putname+0xfe/0x140 [ 3055.862571] __x64_sys_mount+0x27e/0x300 [ 3055.863484] ? path_mount+0x1f80/0x1f80 [ 3055.864401] ? syscall_enter_from_user_mode+0x27/0x50 [ 3055.865558] do_syscall_64+0x3b/0x90 [ 3055.866433] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3055.867551] RIP: 0033:0x7fc14228f04a [ 3055.868374] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3055.872440] RSP: 002b:00007fc13f802fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 3055.874103] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fc14228f04a [ 3055.875678] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fc13f803000 [ 3055.877230] RBP: 00007fc13f803040 R08: 00007fc13f803040 R09: 0000000020000000 [ 3055.878780] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 3055.880336] R13: 0000000020000100 R14: 00007fc13f803000 R15: 0000000020012c00 [ 3055.881915] [ 3055.905878] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 not in group (block 50331648)! [ 3055.907127] EXT4-fs (loop2): group descriptors corrupted! 19:37:17 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 27) [ 3055.921551] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3055.923939] EXT4-fs (loop3): get root inode failed [ 3055.924503] EXT4-fs (loop3): mount failed [ 3055.930287] loop2: detected capacity change from 0 to 512 [ 3055.941737] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 3055.949345] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 not in group (block 50331648)! [ 3055.950527] EXT4-fs (loop2): group descriptors corrupted! [ 3055.952471] FAULT_INJECTION: forcing a failure. [ 3055.952471] name failslab, interval 1, probability 0, space 0, times 0 [ 3055.953722] CPU: 0 PID: 15341 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3055.954621] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3055.955892] Call Trace: [ 3055.956172] [ 3055.956407] dump_stack_lvl+0x8b/0xb3 [ 3055.956834] should_fail.cold+0x5/0xa [ 3055.957255] ? create_object.isra.0+0x3a/0xa20 [ 3055.957748] should_failslab+0x5/0x10 [ 3055.958170] kmem_cache_alloc+0x5b/0x480 [ 3055.958626] create_object.isra.0+0x3a/0xa20 [ 3055.959110] ? kasan_unpoison+0x23/0x50 [ 3055.959549] kmem_cache_alloc+0x239/0x480 [ 3055.960034] security_file_alloc+0x34/0x170 [ 3055.960536] __alloc_file+0xb6/0x230 [ 3055.960951] alloc_empty_file+0x6d/0x170 [ 3055.961411] path_openat+0xe1/0x2870 [ 3055.961838] ? path_lookupat+0x850/0x850 [ 3055.962287] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3055.962880] ? lock_is_held_type+0xd7/0x130 [ 3055.963370] do_filp_open+0x1aa/0x400 [ 3055.963802] ? may_open_dev+0xf0/0xf0 [ 3055.964232] ? lock_release+0x3b2/0x750 [ 3055.964680] ? alloc_fd+0x2f0/0x670 [ 3055.965087] ? lock_downgrade+0x6d0/0x6d0 [ 3055.965557] ? rwlock_bug.part.0+0x90/0x90 [ 3055.966037] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3055.966653] ? _find_next_bit+0x1e5/0x260 [ 3055.967126] ? _raw_spin_unlock+0x24/0x40 [ 3055.967570] ? alloc_fd+0x2f0/0x670 [ 3055.968010] do_sys_openat2+0x16d/0x4c0 [ 3055.968443] ? build_open_flags+0x6f0/0x6f0 [ 3055.968948] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3055.969479] ? xfd_validate_state+0x59/0x180 [ 3055.969979] __x64_sys_openat+0x13f/0x1f0 [ 3055.970432] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 3055.970968] ? syscall_enter_from_user_mode+0x1d/0x50 [ 3055.971541] do_syscall_64+0x3b/0x90 [ 3055.971972] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3055.972551] RIP: 0033:0x7f2939eb4a04 [ 3055.972960] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 3055.974980] RSP: 002b:00007f2937476ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 3055.975832] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939eb4a04 [ 3055.976622] RDX: 0000000000000002 RSI: 00007f2937477000 RDI: 00000000ffffff9c [ 3055.977426] RBP: 00007f2937477000 R08: 0000000000000000 R09: ffffffffffffffff [ 3055.978227] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 3055.979020] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3055.979861] 19:37:17 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000058000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:37:17 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000200006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3055.988415] loop6: detected capacity change from 0 to 512 19:37:17 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3055.999186] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 3056.023240] loop3: detected capacity change from 0 to 512 [ 3056.028721] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. 19:37:17 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000040)) setresuid(0x0, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000140)=0x52f0091e780ef9b5, 0x4) 19:37:17 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xc3, 0x0) 19:37:17 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="2000800080003a0006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3056.090066] loop4: detected capacity change from 0 to 512 19:37:17 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 28) [ 3056.092074] loop5: detected capacity change from 0 to 512 [ 3056.101849] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3056.103517] EXT4-fs (loop3): get root inode failed [ 3056.104046] EXT4-fs (loop3): mount failed [ 3056.105202] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 3056.116250] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem 19:37:17 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000068000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3056.134753] loop2: detected capacity change from 0 to 512 [ 3056.151996] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 3056.158082] blktrace: Concurrent blktraces are not allowed on sr0 [ 3056.186445] FAULT_INJECTION: forcing a failure. [ 3056.186445] name failslab, interval 1, probability 0, space 0, times 0 [ 3056.187787] CPU: 0 PID: 15364 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3056.188688] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3056.189917] Call Trace: [ 3056.190196] [ 3056.190444] dump_stack_lvl+0x8b/0xb3 [ 3056.190868] should_fail.cold+0x5/0xa [ 3056.191293] ? __kernfs_new_node+0xd4/0x8b0 [ 3056.191785] should_failslab+0x5/0x10 [ 3056.192202] kmem_cache_alloc+0x5b/0x480 [ 3056.192649] __kernfs_new_node+0xd4/0x8b0 [ 3056.193108] ? kernfs_path_from_node+0x60/0x60 [ 3056.193604] ? selinux_sb_statfs+0x1ba/0x250 [ 3056.194090] ? find_held_lock+0x2c/0x110 [ 3056.194530] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3056.195145] ? shmem_statfs+0x1b3/0x3e0 [ 3056.195575] kernfs_create_dir_ns+0x9c/0x220 [ 3056.196070] internal_create_group+0x782/0xb20 [ 3056.196580] ? sysfs_remove_group+0x170/0x170 [ 3056.197081] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3056.197637] loop_configure+0xf2f/0x1a10 [ 3056.198101] lo_ioctl+0x932/0x1990 [ 3056.198501] ? __x64_sys_openat+0x13f/0x1f0 [ 3056.198977] ? loop_set_status_old+0x1b0/0x1b0 [ 3056.199475] ? avc_ss_reset+0x180/0x180 [ 3056.199958] ? __lock_acquire+0xbac/0x6120 [ 3056.200468] ? loop_set_status_old+0x1b0/0x1b0 [ 3056.200966] blkdev_ioctl+0x356/0x7f0 [ 3056.201378] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3056.201893] ? selinux_file_ioctl+0xb1/0x260 [ 3056.202376] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3056.202984] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3056.203509] __x64_sys_ioctl+0x196/0x210 [ 3056.203969] do_syscall_64+0x3b/0x90 [ 3056.204385] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3056.204952] RIP: 0033:0x7f9ecc2ec8d7 [ 3056.205353] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3056.207371] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3056.208208] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc2ec8d7 [ 3056.208978] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3056.209764] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3056.210539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3056.211324] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3056.212117] [ 3056.212405] loop6: detected capacity change from 0 to 512 [ 3056.225729] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:37:17 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xb0c0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3056.260366] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 3056.262440] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 3056.306795] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 3056.316001] loop3: detected capacity change from 0 to 88 [ 3056.360522] EXT4-fs (loop3): bad geometry: block count 128 exceeds size of device (22 blocks) [ 3056.375950] loop3: detected capacity change from 0 to 88 [ 3056.381034] EXT4-fs (loop3): bad geometry: block count 128 exceeds size of device (22 blocks) [ 3069.455647] loop3: detected capacity change from 0 to 88 [ 3069.465942] FAULT_INJECTION: forcing a failure. [ 3069.465942] name failslab, interval 1, probability 0, space 0, times 0 [ 3069.467192] CPU: 1 PID: 15382 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3069.468067] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3069.469263] Call Trace: [ 3069.469536] [ 3069.469778] dump_stack_lvl+0x8b/0xb3 [ 3069.470193] should_fail.cold+0x5/0xa [ 3069.470601] ? create_object.isra.0+0x3a/0xa20 [ 3069.471091] should_failslab+0x5/0x10 [ 3069.471505] kmem_cache_alloc+0x5b/0x480 [ 3069.471965] create_object.isra.0+0x3a/0xa20 [ 3069.472442] ? kasan_unpoison+0x23/0x50 [ 3069.472869] kmem_cache_alloc+0x239/0x480 [ 3069.473324] __kernfs_new_node+0xd4/0x8b0 [ 3069.473773] ? kernfs_path_from_node+0x60/0x60 [ 3069.474276] ? selinux_sb_statfs+0x1ba/0x250 [ 3069.474742] ? find_held_lock+0x2c/0x110 [ 3069.475180] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3069.475758] ? shmem_statfs+0x1b3/0x3e0 [ 3069.476198] kernfs_create_dir_ns+0x9c/0x220 [ 3069.476678] internal_create_group+0x782/0xb20 [ 3069.477186] ? sysfs_remove_group+0x170/0x170 [ 3069.477667] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3069.478223] loop_configure+0xf2f/0x1a10 [ 3069.478674] lo_ioctl+0x932/0x1990 [ 3069.479061] ? __x64_sys_openat+0x13f/0x1f0 [ 3069.479517] ? loop_set_status_old+0x1b0/0x1b0 [ 3069.480017] ? avc_ss_reset+0x180/0x180 [ 3069.480456] ? __lock_acquire+0xbac/0x6120 [ 3069.480955] ? loop_set_status_old+0x1b0/0x1b0 [ 3069.481455] blkdev_ioctl+0x356/0x7f0 [ 3069.481854] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3069.482366] ? selinux_file_ioctl+0xb1/0x260 [ 3069.482843] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3069.483426] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3069.483936] __x64_sys_ioctl+0x196/0x210 [ 3069.484375] do_syscall_64+0x3b/0x90 [ 3069.484776] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3069.485335] RIP: 0033:0x7f9ecc2ec8d7 [ 3069.485735] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3069.487680] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3069.488499] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc2ec8d7 [ 3069.489261] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3069.490010] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3069.490767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3069.491534] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3069.492307] [ 3069.498252] loop1: detected capacity change from 0 to 512 [ 3069.503268] EXT4-fs (loop3): bad geometry: block count 128 exceeds size of device (22 blocks) [ 3069.512985] loop3: detected capacity change from 0 to 88 [ 3069.515895] EXT4-fs (loop3): bad geometry: block count 128 exceeds size of device (22 blocks) [ 3069.530201] FAULT_INJECTION: forcing a failure. [ 3069.530201] name failslab, interval 1, probability 0, space 0, times 0 [ 3069.531386] CPU: 1 PID: 15394 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3069.532262] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3069.533449] Call Trace: [ 3069.533721] [ 3069.533959] dump_stack_lvl+0x8b/0xb3 [ 3069.534279] loop5: detected capacity change from 0 to 512 [ 3069.534363] should_fail.cold+0x5/0xa [ 3069.534382] ? __kernfs_new_node+0xd4/0x8b0 [ 3069.534403] should_failslab+0x5/0x10 [ 3069.536760] kmem_cache_alloc+0x5b/0x480 [ 3069.537199] __kernfs_new_node+0xd4/0x8b0 [ 3069.537648] ? kernfs_path_from_node+0x60/0x60 [ 3069.538132] ? selinux_sb_statfs+0x1ba/0x250 [ 3069.538605] ? find_held_lock+0x2c/0x110 [ 3069.539044] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3069.539625] ? shmem_statfs+0x1b3/0x3e0 [ 3069.540063] kernfs_create_dir_ns+0x9c/0x220 [ 3069.540534] internal_create_group+0x782/0xb20 [ 3069.541030] ? sysfs_remove_group+0x170/0x170 [ 3069.541515] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3069.542045] loop_configure+0xf2f/0x1a10 [ 3069.542503] lo_ioctl+0x932/0x1990 [ 3069.542884] ? __x64_sys_openat+0x13f/0x1f0 [ 3069.543355] ? loop_set_status_old+0x1b0/0x1b0 [ 3069.543872] ? avc_ss_reset+0x180/0x180 [ 3069.544313] ? __lock_acquire+0xbac/0x6120 [ 3069.544827] ? loop_set_status_old+0x1b0/0x1b0 [ 3069.545322] blkdev_ioctl+0x356/0x7f0 [ 3069.545726] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3069.546230] ? selinux_file_ioctl+0xb1/0x260 [ 3069.546947] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 19:37:30 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 28) 19:37:30 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000650006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:37:30 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000078000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:37:30 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xc4, 0x0) 19:37:30 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$cgroup(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x2002400, &(0x7f0000000300)={[{@release_agent={'release_agent', 0x3d, './file0'}}], [{@obj_user={'obj_user', 0x3d, '--'}}, {@hash}, {@uid_lt={'uid<', r1}}, {@subj_role={'subj_role', 0x3d, ']])'}}, {@smackfshat}, {@appraise}]}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) 19:37:30 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xb0c1, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:37:30 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000140)='./file0\x00', &(0x7f0000000080), 0x0, 0x5e, 0x1) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {0xee00}}, './file0\x00'}) r2 = syz_io_uring_setup(0x46ac, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140)) r3 = io_uring_setup(0x2c75, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1}) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000200)=[0xffffffffffffffff, r3, 0xffffffffffffffff], 0x3) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000400)='/proc/bus/input/handlers\x00', 0x0, 0x0) r5 = syz_mount_image$tmpfs(&(0x7f0000000440), &(0x7f0000000480)='./file0\x00', 0x400, 0x5, &(0x7f00000016c0)=[{&(0x7f00000004c0)="0cb05d5e9051bf139e3bafba0911018f508abe38d940ff99b4e3fc258d7f340955150d301f2a59c2b65bd76fac67aefbc9b9fe86f3d70f49dc70db5ff856149e42f972eb7c17b21b29366177fe26f9ab679484f3b0fb2c6d2d24396e82a32edce9c013568029e092c925fb1f680b4d67cab2c49401fbef7d70059e6f7e203bb122d74832b64566857abd760c8337829a77f4f2c90494dffd79", 0x99, 0x8}, {&(0x7f0000000580)="ec8f6425500da7185059d38b3eafeffafc8606d167e1b4d5005be24c56ae698cdcd9af81cba63984fbcbd7a880186f4c63807551e2750c09da4921fa7df2c578cd8d4f63fa32568e5a3789d94b43171b051ecbb9952bea5d77f8e870defbec293a2a2244739834c84648066acb6ff22b5027a071a078adf69979041be4964df548dfb436949bdf1603f893919c25ecfef9006b60332dc5f39d6c2583602a645dbae9f58ba4dea3265982131950a4cc280cf3c126d370b9a8fabe6359273d9f3e78ea4d3d13a06e06cb0f1ad9f593141e18ca317db3a2c57f504c7f6216ae72fec4fcefb3f508df55f7ebce3a4ff1310091a4ecabe96b10da55ddf46d96194f3b14c6ba8ce84cdc4892d14cff47a7d70355cba27702f983d71e7bd820bb0219ea1f41c6ff7b53ff1d56d34d9a87a830e806d42dad8474d0187e2eae56b6b37e7ed1f4d8a63ca6a568ca0d4f5e87c75dc36d9bf7c0d46450ea6f939b265ee6303de382fecb0722cdccf88fe82cbfe858fc8c08e830583fb6f58c73818ef17b9cc5e68c1dcce7e88d1f26fa9d8b04caa841ecb325ab8a6244f50d06af98812becfedbebe5588af62ca5b3e6476790971ff0fd2885e8a722f6e2d6f5fe86b7e73ed8d969525178938357e3aa796c6b28cdf0c83722267e133922eac735a759299d693426fa51a70c647cdb27bb2bcac4a93bb8c383e28b0552bbc5d34bc790639074fa038f68c39b863910b754f3948fc4b7d099b96b8815ba0a6ccb3fcea37684c1c3692222a0e28c4dfd199b412c086ae39de4d6c8fb6bd07022f443ccbbc25a52c04f06e4f3ebf94bd5f43a328d394ef572c3bddd3b1ca41fedb9a402e01aa54953d2c048cd7c7da044431ed9d54de02dc4e95466adbbf8cd28dbdc3edb287534d53c8ab4d691c4b2c0641b02a760c800455cdeff41f4f2686848f41b7dca4375ce3c171fdee1f19f2c97dffadc9846f21da7a47a837553a49d9b5625637dc05a1b1f6cf880dbeb3c2bdd5fc9f6aa138e0079dbf3ca25891cd1e8c65e03b81e15d07c6db7c25e293c1b7e59d1cc4527976a9f862d7e6c0001e801ab1c562e216425ad4e27c12f2cab3ed9ec9b6b5c8c9c68bb2a63d87d4481f773117c3034ce3ca11dd7cd0bf71c851986a53462b7949c8bf5e7d5c56662dc997c7cb1ef9e072ee08c98cbd0dbc0c85bf12f92beedc3ebf6adfaef5003c54f28ca61d14bdd7462bc2d50a52a176437f039b9eca9b71dfb15f549c34150539b1b1c64dadcef38006f8ae9d0b9add84fa1767563e70c107b0803e90f28a7aa42e16ebad2b525df99f41e031ba6e75dbc75b7a67be2da8db110c5fceb832ecc6132c8be3de00cd52a741b73ac9d51424c3385c8150ebb794d620450c53836d177b0ad6b5145926ff91b1d46c3dc5844b0176e73ca29abf90ac9f528f81907533743ca16dafdb84403824ff71023ab12b3e82f683bb3761f1f8caa96f649b71102a03c60a482a9356506ba0da2f75cd5272c71e07ca4fd249673c44355e04519074d4f2efe5eff21c8c285468ee12ae23d0455a8467699dac0f1636f23d12297869ca7b8bff64e61bdef8615be8bd73cd6077dbef661109444fb7698d9bbe421d1022f085c632e79e1643818eaa6ce9d50b5b75e90e347d3d5e54552e43b8a1dfb43e4433126415fd1ca0fe8ddfa22f280361ca0480b031b515cb2fc3e374b064b7519ba86958824e083d10dc96800ce10a451a1938bc1399a13c9812067951f6a270fc4a43d83ef4f8aedb82656fde992dbcbaf13b20d92b555f91d88b7cec0adf80b8af0956c20c846e01406d90aa680cf22c4f27243aa61aa27ca7b86774faf4e3e55cbb874d03b3ff9a316d235f43de00005564e963735dee2aed8c78079a610f2d0e335c313f413e17b06b30a823485a721fa4485978b6849b3c5fbe22ccb3eaf71ff7598fdff6e408b3052fdced5608842231b82ebc9791aeaee3bcf58344918f9ef2a2f4c3661d343a4d0d76a3b57a8646a14f8ca04d64b0dde5108aa37cd31684d2feb75b3627d1123bffc5379ed7377011ee92d567ec5fe38e0bf711a4a98edec258066d87fad5826559c82f7852e06643eb38339d6cd944f19bc9cea2d092b7e83c4c1a924fd993bce40e4c0e19d72abb14efff75373fce1cd0140ca01969d653991a787d45814c36f148a35659f866dcb221d308d42cc9734a66bd8488d60a5ff486e1f7d1dd467cdc8c382351754638632c2333f8fbedc4da3aca5eb4b514be8bd8f525224a58a300c31901583bdf98e2fcdddea3cd9950d0741c5ff9c811eb3898819db6059d7700d9514fba7eb257595b78aaa0437d5e864006f11c02dc5cc51e8f28486bce24b10f784a52a959eec4ec6c0fba52824eae9deb88a85a7c26a36c08d8a1ddaef093346ae8c7578dfe609ab6717d1a1e2465683ef20a5326d507fa71ddd94838a0f1c967998098e4efcb9c5624e1786130b776d85278d8b6992b795e872efb73a1db70d51a18b990fc55699a6ee77e1d4c6eb3b28a525ce99ed101fc9063c50f704c08176e6a2dea96955e30439d0964c0f765f004f1f261cf5ef03a1029a0c359803b7102aea21ec6639e281e8fe3e3bfdec33ea92f9bb92e676824c20f8b515d9373588709b5f04587b73e44c6fac5c58f0ba299b9f735265aff714befe42b3a0b38711e8c48ff4615eeb3341a5dbe04ec0bde4535073a49a45d0f6844d1b090adda2e06f17167c5c0486c6d4335e8362c4b60777750dcb610043daa276acdb2e6c1e635fab80eb4801c129d63ee2d6d135fe855efd74ed77e40919a7a202f4e0142ce37863c94ef03c492037c882bf5a6851e09292f8b87e49f0263592bc56ea76b2c52d8bf89f625cbc6c347fce0843c7eeda830ad9c8fa3b09fb24ff9ba1d11964299b1c26ec821a669d8f057531b776dbcc0fd38e0329cf2d62b191f6ece8916ee42f568464d07829da6e96ea26f134ede4195669a4b028e2077f81390c7ce2ac148705a56ce0e56ed6c01dd983171901371e0e009895ff02473d60331c71e3261fc8220c3f7583e085568a96775a0b8cd09e48698e3dcf7e6850150ca8a81142f2fba8b4fad65c790f86432968adb7828d2cc162ff3aeb56d8eb79bd8f909354cb8b346f9cfa2fdd2d167c0cb9e270321dffe1c93474d11b9d89301553e4674af92d4a23ea832f6fb31dde78ea58e0833da3a629969fd82ecea7f3aacdcf52edf70a2830e507440aebcc5db7a640c82e3d4ad44e62d522ea46890e6fd73c89767a50fbe9c0d2a5a220ccc5e1e1f7540985cece89776c293844311390854e4def73d59e228bbdee327c7a37a4026355169572bac0161c65609bca26d107ddfe868f70b3652efa49cfd17f6056fff8b80b5139559e927d00af75121114de439890e7d9fcb86aee79043b17d4ac4293d1e3753fee3f022e7924e21f63c02f7a111cb6bbbf34d0c8205167668f510a95dbfcd5ebb73a9b7059a999073c5902a0e33ff3298cc5bb7aadd0a24898d6167f4abdf06bff86d44bf2439b2c582fac6d6a811ae18fd62b9360045d4265106413a14b9d4aa0eebd2f5325f30039e882c8fbc1f355b922859a259f030106770d92865a646d18f392e54b1eac627939e5135e2c8ee8cbc09664974cc1846ce5410c3b0fd578c5e961a4dbbe4ac3cfb9c1f6233782e8981c79b3b64a6f0cb4d2ebed9f2d8105cd57a0d4ad15670e368e8e78161a43206a5a2273d8d1941a982f14cfccd90a99497b5f6a0445f4d01b0227195de1a66e604220ade39d3f7b8742cc541e649fbb6700e2391bdbb5cd0ec094d401b613cbc3530f7b575392790a89b16468f6360c2464e5f8ab28d0e8a09ccdec41ef83da91231a81df2f69b7e1bf701ca11a5e022a255abb7cf40d037cb448faa56a8612783efc582b779a26c2d08ab8f93a20634b1d13fb11c855734f0eb87656934745fe9bc51aa863ac372aa1953a4b89eeb4b7b85c70f1fe8a7cbf9507a1e752e599dcb4eec1c37934286e321c56457c2c70b2ff34678034d5f19abfcaa856353c1f9caf6c90138edc293bba12a27a61da28112fbc52e285f162b682a23ddb9637a936b25ee4de99e2c5c5dcce57a75465186fcd2f455d1e5ba38a706b9e4547290683094d040c2512b9b2fdf97b22e2b075f7d8af4ae528cf530b0c901944923a3edef2bdd06c9755ed711124eaea9628cd8bd96f75dcf21eb84a1167b0eaf766e971535f2ec87ca7313f9f9485f79329d97823a11a3054427bccc00308ac89f35aba9413d4bfb80ce2afbe4719de1ba975517a6c757c0e97fde7f24a9bd4b0f5e0981be6334d782ee4c459a394722b7ffe7f9a0c1ec3426be8902c4278793eb27a797332094194472253d615525ed7bee420b100e0045fa58d581aa086d8605ebb46de93956cde773a02fed36bf4f47fdd0d59dec0b6078f1511be820d646db7934a97cae2f1e587f8dac315299740034f9dc898aa038bfb5bfeabef2d84363d31d80532c7911ea3c789cb7ca6ae1ac0eeefe4ae29c356e8e17374f31db2a4ca4892718c669455348426f6fa3046c69808957fc76be6d3a68b7b00893b052eb79227ad4d4847700db7e75fe03489f590b064d1bd6374bc4cc23367b9f1669e028a1c99d184b870cfc9bd9814226d4c455b5b9cce2faf75861ba2449349d0f1e66dc961f5c3c90f87a1879856b3910abd1a447d14915b1e61cf809246e584f60510229a1beb4e2dfa4da70049e393d840dc9fd42eaffe4f98c3d79bd1bbbce5e936221c092c589e86685de2d299c1f8c4aad959d9a45dc151c748bb7429ff3b397e78d3738723623eb9b7a6f8cd9652226e4ca608bce07c62468de265fc7c7cdadf048b895c2337b46a8e1a0235aab0a6ef310d6db3fc66103d875373d3dbea395c9d5c75c1b8a080249b86176e7f8dccdc784ec46eeb86b7ea07c934d6c67e70cebbf464a504c9986c684958318f6b47266057f2aa67a214972753fe267bb3fb14b9b2d6c9888676ffc02de2dcd31613fa62cce3b7ad88c3dbd64eb158b5a88a244d186d3ac60562f82cc72f7edff8bf724739d7d1b6e7c8d1b3ee4941aaf7f32f6da3acdd0d034fa06f15173d79add07e34c3b54b4090a8c60dab09f56d8633fb70b2a8ee680b3147821fb5afd6665b3bb18f92863af09b6d5aa87ea74ab7d85cc6bf8d261c8ca61620eb4fe6547f3ab91885f237ca8f4acee6f91f720c49cd9be27faf4950279fb61da334c4d33a61fa90046c8dbbc9c40d852ea1da95086ceccdc4a2da9173a1123b5abf68c75bc847b57c1c2bc947b691e21e947bdb362117734230b554727e92ae1cf2cb17cace0d96539e6731002597175877dc67cc9c1f2c921f84c90a6a9e63a3faac403ba1eaf967dc9a207167ea73b34b95809e5fa56bef32780ce10ce9d2d17ff81f4db01fa31584540d6d91ddf8b60234ad978be72094811e42c49fb0319322d2363ba858002b0720995ac6830728067edb7b38ec1706486dbc0f5a665e21ce7742b2e18e983ee15863ee26d38c156885a1bdd3249da7535b96c1912206b15b0fb108d21cd9da51e9447d5b27a867d0d3dc59905d5433704065c5dcf2cf2fddb24a4d256c70112fae98e8ea7651ee5ef0a9bd7183179a30c42c423222ef58c863d259b24546a768ff9be23ae9ceb083bea401da401a2904408e07016e38dbec2bcefda56dbd7cfe1131b7b90b7414186f48f1aad29820afc29fe56bb3b21a8d218c0dbcce2d9a451beada48f1f1d677d6977a983f476e29943aa19503708a21cb224d7bd7f32f5e1dfec4cc", 0x1000, 0x9}, {&(0x7f0000001580), 0x0, 0x7}, {&(0x7f00000015c0)="a6d9f92750e792a0f4bdeb3f133fe8c0575bc60330b99e85314f610ad7", 0x1d, 0x5}, {&(0x7f0000001600)="ea04da95ef759bb8fbbef5f57feb31b5107a831fcdd62fa60678a85dc5e6539bbc93487e60301a5d747909435e9345114ff20507a5373fc086b85fec941eca3cc0a44a81add7c421097fb1d10d8be99dd8254a397d49951f19ff97b9c9306d96079e355704f92213a9206ab4c8af8dca6dff121aaab67905d4ce858c42f95bd51d96d83edfbbf2c50d61cfd0d9d6e768584df9749b9987ec6dc54f39d06dd6afa8d8ecaaa9eb3ad605ae6b8c63f2f0e154", 0xb1, 0x7ff}], 0x80, &(0x7f0000001740)={[{@huge_advise}, {@uid={'uid', 0x3d, r1}}, {@huge_within_size}, {@size={'size', 0x3d, [0x2d, 0x33]}}, {@mode={'mode', 0x3d, 0x8}}], [{@obj_type={'obj_type', 0x3d, ']'}}, {@smackfsdef}, {@subj_role={'subj_role', 0x3d, 'user.incfs.id\x00'}}, {@fowner_lt={'fowner<', 0xee01}}, {@smackfsdef={'smackfsdef', 0x3d, 'user.incfs.id\x00'}}]}) kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r3, &(0x7f0000001800)={r4, r5, 0x67}) setxattr$security_capability(&(0x7f0000000040)='./file1\x00', &(0x7f0000000300), &(0x7f00000003c0)=@v3={0x3000000, [{0x7fff, 0x7f}, {0x5, 0x20000000}], r1}, 0x18, 0x1) 19:37:30 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 29) [ 3069.547741] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3069.548271] __x64_sys_ioctl+0x196/0x210 [ 3069.548780] do_syscall_64+0x3b/0x90 [ 3069.549178] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3069.549731] RIP: 0033:0x7f2939f018d7 [ 3069.550122] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3069.552069] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3069.552870] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939f018d7 [ 3069.553622] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3069.554374] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3069.555127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3069.555879] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3069.556639] [ 3069.557660] loop4: detected capacity change from 0 to 512 [ 3069.558832] loop2: detected capacity change from 0 to 512 [ 3069.574094] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 3069.574934] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 3069.589896] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:37:30 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xb0c2, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:37:30 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000088000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:37:30 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008004800006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3069.618891] loop3: detected capacity change from 0 to 88 [ 3069.669372] loop6: detected capacity change from 0 to 512 [ 3069.671041] EXT4-fs (loop3): bad geometry: block count 128 exceeds size of device (22 blocks) [ 3069.682568] loop3: detected capacity change from 0 to 88 [ 3069.686864] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 3069.700607] EXT4-fs (loop3): bad geometry: block count 128 exceeds size of device (22 blocks) 19:37:30 executing program 2: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) open_tree(0xffffffffffffffff, &(0x7f0000001980)='./file0\x00', 0x81101) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) r2 = open_tree(r0, &(0x7f0000000040)='./file0\x00', 0x81800) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r2, 0xc018937c, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) setresuid(0x0, r1, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) r4 = inotify_init1(0x800) ioctl$BTRFS_IOC_START_SYNC(r0, 0x80089418, &(0x7f0000000140)=0x0) renameat(r0, &(0x7f0000000180)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00') creat(&(0x7f00000019c0)='./file0\x00', 0x80) ioctl$BTRFS_IOC_DEV_INFO(r3, 0xd000941e, &(0x7f0000000580)={0x0, "a6effac95efe4b3a75a3bb6582fe285f"}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r4, 0x5000943f, &(0x7f0000002100)={{r2}, r5, 0x12, @unused=[0x0, 0x1000, 0x7, 0x3], @devid=r6}) openat(r2, &(0x7f0000000300)='./file0\x00', 0x400000, 0x80) syz_mount_image$msdos(&(0x7f0000000340), &(0x7f0000000380)='./file0\x00', 0xfffffffffffffff8, 0x6, &(0x7f00000018c0)=[{&(0x7f00000003c0)="5cba6b8936f7e832e5ccc0ad02f1a1a2632b6a5c54698aa87bd5578567861f7eee11713aa33136924048a0b16f42d000a0422decffaca96d9f7690fd33e359a4bb668615dfbd1b10e8f44a7d10bd65739f61c888a76b93ba7eb538f764cfe5efc81794dbb8e04d62d54800c5021e49dd2ed49c899815221d079a8d3b1e69e344552122e6016d2a32ae4032c668ca96e624cfbad6", 0x94, 0x4}, {&(0x7f0000000480)="5d15d947fe184f8e1b4912ecd79eb4f35e7362ada6e4ee7bc23f67b3ad41e3539feb56efbf0d88b6c3ee1950d788b525", 0x30, 0x5}, {&(0x7f0000001580)="0bb17dbb12b944d7b61ed03e5033a299cc46c0ab22781fe9ffaf8640744b977cd5887bb6c8b24c5d0c5405c0db5a6de8fcc96f53613241ef14736fe69600e50617c349bfa876c159a533d927c7ef4f430b1d78a11c966b95e5f3cf6dec8b000dfe8d6dcedbb663b303ef82e9fdcda3200e130b3d9150b8afc46c5857689aa1cb614de73289ec1413d81f9ab69cda74a2db243fa511018212246a5d5930e3caf70a88007fdf7f5cd90f37060ea74d0550a85d9a4d3e9022b70c41356d9884586cb248f7086634e876cdba277d3e63187c8f8134e7f2ef37280c3f0fd5f2b301fc408b21fffcf315aec009", 0xea, 0x100000001}, {&(0x7f0000001680)="8084dbdeefc99135b9884517819a22ccd3a8f6d564f2e5ba9418c00f669cf6532665b28ff128874c13bddd1af6b63f11669a1d427ee84be9fbe330b01a7bfde8d257a2ada377b5d7f8b1ca6166383b39fd97b61bebefb3bb38248e7e5b6d271f6463ed5ecd020b057fea01a2f7c50941b2d79ce76ad545075aa231dbc26eb094e2d244a3b9423b6ebeedd84d", 0x8c, 0x18000000000000}, {&(0x7f0000001740)="f5d199afecc4540d549745cf656eb9d5c1db103c580005deff2f8eca4e8dd6da978bf17cd81ff43b32adb937111fc8fd8a7e7ad60f478f333ca70944bbde06b2b53f258f1153eade81920613194e2932f3de778df1dec5e00536edc8a271a56f1f700ff4c5bbca96d8f86b6f61d13b1673c327b54b5679e30caa05ae9d8c756b2be7fb18fdde663a689c90f6055637072b5bb0507a3d8fca3d4f640d9d1293c04f3d619311d52ca8110052fe3e39d135dc5cae96a2c71f2b", 0xb8, 0x9}, {&(0x7f0000001800)="0043620cc6b7be531729265489d41f6b415edb73f09b36798a0debe3321da8c414ebd24955b38c9b6e3d85b4632af786e7195b857ca539adb04be9675c951fa1b00d48fb49195bc04adc54594b9f7327392b64b830b0d2ca6cd09d56ed4626c85f099a02d72ba84411fc77d1aa61ba22bccd67f9dd08d92cf3c99f7c95ed75d3cced0c6778", 0x85, 0x7}], 0x1000003, &(0x7f00000004c0)={[{@dots}, {@nodots}, {@nodots}, {@nodots}, {@nodots}, {@dots}, {@dots}, {@dots}, {@fat=@nfs}], [{@obj_type={'obj_type', 0x3d, '-@\\'}}]}) [ 3069.724623] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. 19:37:30 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000188000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3069.748448] loop2: detected capacity change from 0 to 512 [ 3069.770672] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 3069.780607] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 3069.797896] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. 19:37:45 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x48002, 0x0) linkat(r2, &(0x7f0000000080)='./file0\x00', r1, &(0x7f0000000140)='./file0\x00', 0x800) openat(r2, &(0x7f0000000040)='./file0\x00', 0x26300, 0x2) syz_mount_image$nfs4(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x2, 0x4, &(0x7f0000001540)=[{&(0x7f0000000300)="cfbda9184074b58753d660c7744cb24b42bf96999cfa0877569b1bccc3aefddb1a6dbbb72a0f50ca61d795521ff2b3d68cb842739407d9ec2cba03b69f2ee7ea96a6f6b883d68bc7b956ea55dd0ac786c9e009d72992993cf162e9f7a868e3d1033924e09281ba8786b13d62155f4ce85c8e23e623f5acb2f088bf34764fa2c9938abb54ca6a708fe24b2f9bffc00752d15c", 0x92, 0x2}, {&(0x7f00000003c0)="f0f1ce5c7685fe199348dc3559bd66a710e38267947ff02d70dccddcbfad8db45490a408be887398ce96df1af68459f373761ea2a86a3b9325c202e8b44da8e320c6458f1fa66bf749812f8fd34391d5af026c62f84714ddcd2f175ab48835340e1c28ac93186814552ed8c08a91ea39f8fe3e7df742db795c168a57774c6063b4f00a927cabf50063824385cea43fc9daf1997cd3ae1a2f2aa99cae19264dde2ccf0cefe832625b9b3c753c13ae9dae275d95c2acda90", 0xb7, 0x1}, {&(0x7f0000000480)="dabe20859ebf832e2e6847a06182b1e729c0be179d4ffc73b67bb3fbf185b38ed2aae9473095b82d5d1b237db710bae17256a786c00657a83abdb65f26889b9e87bb88fda4d8b0b639c561d84f84b3c30b25600139f0528578ce4d82d283afabb9ca150b809aa27f75054588cf44823312dd64d3c7bb735e1b538b117b26dec1e872fe1df6b778e115b75feedec13b3a8c7d6908279cdba199412fb74fd58a9f4600f11632007a6fc4db8a29b7c587076e2c5aafb718782cdda31640028f5af0a6cf97d96b3a5ff128219eb64b86cbbdab116cd0bdef4142babf2f50ef93fdeff2407453c06aa82cfedc068af08a4ba05b13c85785f4cdce9d12a328819e999cad31da5f60997a3faa4eb3fd1670592cc0b01ee8f9eb71cf70eefee13d5b8a283ec5db8ada4c4cd78d23376a2600d57eefaa3f3b6722488eba165e9612bfe9a60e2d5a5d26eeee413fe0b46ee3fc146357dda6dddbaf9f367f19cf3801e21df0b56d0f58aaa1d42389b1f32d15543d37316a077820dfe68bdc03282cabc4f135249b9c984a175d3df1a50fdfdce6976ea433a2991cb7becab3725b3a787a376bf17c6e37649e22daba2c8a0ceda993f14657e3747dc7806b9d35b75806767214bcc2bcffb876a1ecc4ab39f55af814b3e41a45b57b13a49b844ee4a09effd373a1cbd8b160dd96ad3a04405fe0c3d68ec4a242e1b6b9b1bd0acb0b1ee5a41381d46a2ff003190c35e3f2417be90b3083d6a62f19dd58db55b807643e548dbcba8f74a0297a759667d0d47041660b00c9f218b77507aefa6606b8cdd3193f27225c1b7a4c2b4f55abe95653d3d3266d8755368aef20d2c97f4b23b6b0138869ee217863449c5eddce9ec7b930bab3c947b17385aca8a6148a9f3cade4b2c8e210e11bb2370dd90d44a6ff81e03c66a6648bcb215d9fa1c098faa805356878841f292c304771cc6df78f144baabe2c3d4291527ea728b6239aa808af5d8f9d544cbb5c62630e2047f670e2be869c89aa85f2209684ba2bd4bc4050bdb51c39bafc26e3373b6df3f5ba52e33cc262da3a60f00bd4ff4d3b7e2fef6abb90356a621d8fb6b875e23128769894f5c2e36cac81ad2f1ae7097c45e9d8f933430b43fcd7526e7f9b533c49047656bdafc51f4b68cbfb455e19bcb85126ff2460d564faf30a676c77dfb0daf9430d43be5e65df823625730040f81ef2bd8c7ed4726cc31ab83096eb899a1174cdff20cd206cb4299f40605c300e2d4ebd9da8f68c44dc070c8dfe60f9f57ea2aed6a7d4e48847d2ba2157195a5667c75b0495939f260db491e629484c8ee3ff78ae16e8317cdbdcfccf0a0bf71102ec115f4c4c8cdc1cf3b0a0ab2948fddaad4c9b35c4b1cdd485b6c2d48343f5ab23fa990f694b8ebece218fb9e19c1868c6624f2f999bb4a75f2fc97c54f22bbea92dae1eb53c99452cdc5e43389d6f15395b7977a939c85ba974732b363d629cc6ab50edfb39558168446a2ed25daa690a9512ef8e3c1ff7e0f19724fbaff8d7ce535bf75caf9992ed34a4aca53baf69f256665e0423abf3bf954c492331916de4c54f2b286272e6b4ed651677194d2e01e5ff0868e0a2ef99c0e849734364efca7b323e755add26449e3f6adad2c775fd222ddf0f028c0ecf20c402050ef45c855b7caac0130baba3ed356e8269b001501daed769b90cae62ea1cd5491a150d2f232f5f29709a6bfd545f14a76ad4e0a1b3ca9007005623ce66354c53d05d8779e9fa7fe88d94ddb5a068fae25c503a51237b794cd0f1f24a9a43ec59825cb0636e678497111fd3d18c6011ee205f234dbd7858dde17adcd67f5b056beec10abe410bd607468d151605d6d73a5685590da969d68a85e3db7389daefe9fd3266a95a52c70cc7f71b1ec329d391efa4b32ab28f1d5936eaf983f808a4fae1bade585d12f6946e86c982754ec22c555a070679ba110e950ff494e3074c1ff35e3707fb194213acdc79420840849caf8d69662039e20394a645f240e49e83978b189cfd468eb473fc7f18378d3ce2b6e8ed9f929e3a0925f38ee1c96135af7a87a3bfdd9c8249d57c26669280085ee42c8ada2e44fc809625c40a3eb4bc45b598229d3f5cc11c4bdd5e305b659645484e00364f90ce6370d46698d7f7825439c3189555b90f1872dda68431c48b39e7665b29128550b614edfbd0a1966c0800234c34ad0ac5e5bafe6d8d762b844e69c86e575977cf87d41a13ccd8d95a1a3002a953a6b8d3211844b2fc0342bb8b0166f9c8f989ec62c06f564be7407dc5bdad4de0d8d1455af37c17d5e13b40426af7f43ad1d4bb305dc92f3df6a185008ef120b35666b64b64167738fe12d9aaca5d69cd19eba77f33a4bc6bda2c3b3395875cbcc11895929c27937996ed8ada32007e6f025c4bb16066bb156580b16d7324ccb3eebdc79c7b0ca87b46dfd84efca88988bfe50563ecc416e74fdcf44bc3d4f7050c6db9575dbc69634aa88f8f0c2b9545ca1e6bc3a85aac7ff55d6aa439a4d45bb2f951e26f1b7854ce457aeb043b1335442d22c925213f91a0070da64ef4967e5871afc15180eb5030b63dd6dce0c500ff3d11c53cdeccd4c3c37e54abf0425851d85f5c1cb2d0b335d2bcb66b6a53ccce2004a3130b8e4c3fef9b3ee8b2c967307e21fe829441e2abf82f9e24e0fb0b5831ae26d4d0529730e7a72f0374b63645a7db01bd72df3414cddbdc85e7ffc91d2df03c2e3f890113edfbd7dd3006c31fe1f76f764fc28095adbe2ad848b10e4cdf72cc7c95ab8c823ae76c941158db81f9f0b93829e9316427ad06c77a2a466e00cc5cac6fa08b8393ffccad34af85a202f9b23f66071e27d379a3d92d3a173fef704efda3afaa47e82c261a25c7938b58d2dfc02872e30c3140218c274367faec0377d5fdfc41b503f4f573a7faf0d2c777f7464c88d212a966f2d3d9cfc5c354f145e6158a2905ecfbf26eff7d045cc1595da29a0e27395909c7a2ac2791e9203ccf31824ba7abb727f57a8300a985de397781ba8fbf10ca2883a544dbdced803436ec7e64e37817012fc27115a8151d166824415dc9c2b43610f872cc0fad142fb01cd03fb80e6fe70bde2e3ba581f04f0880e03b8c43cf79fd3ed6f9ff4d0c44b8dfcd9aaac113727bd7252889e091396548946b8dc8c27c5264894b2aaf3d294d836767dfd2e9273cf8e72e81ac244b307324a89e9e5c3ec9291601c97049812d56fcd2e14a62060e2b35e9fc30d5810c76911c4597d2c25f279894c9efd60a32467c3dd764bd9eb34559da3224c2897e837d7943218e52f19efc30bad6d82a64bc5c33d7af06f429c6cadedc327cac4f025078d4d2957b071e04444823c88502b74f190485a4fd436b7707d98b3a02abeba9d719ec26a32b308eb944d7a7a75e98c14b30c61e7077783bc3344d9c4185b6d7ce9499b6eede0f887114e527e35246f116218c4008e2013aca1de80c714c62ec84748acb25537631fa09c6869462140e2d7a7cdf0e61b0083d297e6f0bc64c20af46a2f0b2975cd23181bb8fb80e369b2b9c7470f280c61abf90d28b3fe7c0629c7badadc6ad24f7b04bae9c61796ffc25bb8c9a331bfa30da21aa67b8f87c187c678f098ddf57dc4436dca2a1fda2211e9f807f3e5770807316c3e090435c2fada2fe11c4662e709f4832f11f36ee2309fcd7205bff254e81d3bcd08a69cac37a5aab28a9ce5601e21dcba2cba9f2b1fac0bdffbb952ce597d0a1f5a7452a29332635c5c58a6aafde02c68eb2d8a9e8ea8d1de11b16d32b7f8b0c4e9fedaa20935dda2d114450470086893fe2289b4001d38095a95cdd8d8dced53f8486ed55184f7a9507ab8e29ccb43e24dca2cfad93302cb1c0a0d677db80e8fffd151ca4ce3e45a563b3a58ce42baab2a6f745b103285da4207408717b479fd1f8dd509464ed51aa81ebf392296ca5013b5bb7001aabea95b9a4db5f9c323bfda5e15aab89698b069872f2f330282dee2098c517c33e7b018464047f6624c81608ea920daee661fdd1a2e0bbaa2353ed2e13aac30f808b264dbc4d5cf14b6d7e21925a96c2a75816ea84162617f11c3dfde1659ca5c5bdb237d40440fe12f24caf413b0ff79192805ee32ec1af87a7ab28eec1680097e4d4790ae345e103c4500d3555222c0b1b6fd2b91304e5566336b25b49def84363cf56d70e2f243202358ee5781315d468fc9cc76122d5b0965b423cd5075a9ef378d97323950257ee40d0c84ca6c78056d0ddf12e8fbbb2288f5d95d668d5955db61ddbef68c131c8ec385ccf13459ddf4c822ffd7a86616e82243fce66b5f02e5a8d8225beb01179174e9d473c74a57610e82fd6d66962b8d060baf0882606489968487a301dae9838b56cb8755d652f2d99e037360021b480243e85bda92356547d98bd9f4c7cae92d4ef76473ebc2e51d371b3fea7a0e8cef8918e7f524f428c32e4b4f147c259d5367af9e20434ce4a918eb14877dab5944a516359ae7810d1d7ce63a1d7726737ee841e6f0affa9a83aa87a828e14f4e387fb595f1f032c766ff70794d7a126eea07d1fc438a36b0d9dadd9f04defd5cedf809672d4d3d32492c9acf9f376a53ea06c65092e8f64b80243230297c9e6a0187ab03633e46171e6b11cad1bc701c77c08b66ac5afc26efa6e23efef4a71aa14d39dd0e7c63288a85fbc8a485ba0f3091295e7b5308636051babf272ee3656ba1d4bdb6ca15737b0bea6b1565162b5e67d5ebfc66babac4c0dd45e5bc8603e30fb1dbc9dbb094fa2a151b37da0f3ac5d74d3eaaafaced83f712be60cf27eeaed8cef91f22951e7f6afd05030e39e8eb0523c18e8dd55dafe24d8e41a75b17a6dfb91bd217f3653af960e176d3ff1bd7fdc5f12401075e174b88a0dc52a60964b99472def9626f76588056ccefb921675e1921b07771a16fb851d1e86f4df24cf051ac58af655a3e2a1eed803403c84101a8f8e0366533107c08b5c819a22ce2c62d566a01263dec3e68904055c1af3d66e9cdc424f53332af9b502037ffeb323c6e6aead287e1946089d4722f280ff908ce7b3a550c3cf4f0a82923adeb7e22fdf19ef85a8a85fa929b1ae49612f071e06c3135bc2713428df4d62637fe0bf4bbce533552322c9873b76959023b4999aff0f635a7c078c7f9f1bd714ec2217eb2cda88dbd9545b5b652fdbf8860acc8835c96436683a3917cc853ab3e8b4ff48a0da621e3176bd227954f692b2ad67e72670ee2250adcf34e7cc0e3921bf15fc049a08359764f37a3158d78a74bd3585c1e086ea1de8fa681886ad0cb7ca8aa70460e46a49044cfab07664e1e0c9159fc9e81efa5941e73193ea65b3b8d587d673743e0614382bff6b6262cfe9d210524ad2df664abb9e863d681719fa3fa1ef2fcdbce06ec6c32a328e8da42a6d9e30438b1f5219361bc720f9eb37f7c05f8027febb8678755599fc037508e01c574f95e8477eea61aba3cc2b487830024781ce3cf7f7bc3458e6448c682a64465dc80127abe317921c37aa2b65e001cec96c38d0f6298c04b0ec3c296433b5df2c2a801390b9610f5a760657a1ca2fdcc4e9d31035058e9feaf8be7ddc8b159d9a7ca75fa1cecaddc3cbf7d7afbef3f1de6205e30ea92c9f4f71859a4aaf2cce1d8acfee4403036fa464a51864c9085eaac27453d3af3c05dea93969b690aa457adde41d49c2c0240370d39490d9925a37113086099e30adf07d3fab57a4a47654643585b44e7bf6ace48a78278d2f7f1daa9978c2768c4120268baa3712ac10b583814bd533fa", 0x1000, 0x1}, {&(0x7f0000001480)="834e3da44a081615a8bc18bdb5f8fd2c747cd07a10b50221d9a97d162458850f2aae49ba24fc895ae2c824912cd131a59323d8b61eab7f474bef5e519b4790e829186a24aeb0d5d46131d825d5f24d5860015e5553eb7547ed5c54ba6ece6442eb980f0b436f993962c1b88427b5a102f937fbcaade76bf877c2c8ca4521e15b6c", 0x81, 0x8000}], 0xdc36c3f0d8fc197f, &(0x7f00000015c0)={[{'ext4\x00'}, {}, {'ext4\x00'}, {'ext4\x00'}, {'ext4\x00'}, {'ext4\x00'}], [{@smackfshat={'smackfshat', 0x3d, '-$X{'}}, {@mask={'mask', 0x3d, 'MAY_EXEC'}}, {@dont_hash}]}) setresuid(0x0, r0, 0x0) 19:37:45 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="2000800080fffe0006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:37:45 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000300), 0x40041, &(0x7f0000000380)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@debug={'debug', 0x3d, 0xd03}}, {@cache_mmap}, {@cache_mmap}, {@cache_mmap}], [{@smackfsroot={'smackfsroot', 0x3d, '\\,}}]'}}, {@dont_hash}]}}) setxattr$security_ima(&(0x7f0000000440)='./file0\x00', &(0x7f0000000480), &(0x7f00000004c0)=@v1={0x2, "3cc02c73ea0b6b5067fd1b0b"}, 0xd, 0x3) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:37:45 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xc5, 0x0) 19:37:45 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 30) 19:37:45 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xb0c3, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:37:45 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="2000001c8000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:37:45 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 29) [ 3084.038451] loop1: detected capacity change from 0 to 512 [ 3084.047885] loop5: detected capacity change from 0 to 512 [ 3084.052201] FAULT_INJECTION: forcing a failure. [ 3084.052201] name failslab, interval 1, probability 0, space 0, times 0 [ 3084.053462] CPU: 0 PID: 15433 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3084.054341] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3084.055522] Call Trace: [ 3084.055803] [ 3084.056059] dump_stack_lvl+0x8b/0xb3 [ 3084.056480] should_fail.cold+0x5/0xa [ 3084.056895] ? create_object.isra.0+0x3a/0xa20 [ 3084.057398] should_failslab+0x5/0x10 [ 3084.057815] kmem_cache_alloc+0x5b/0x480 [ 3084.058269] create_object.isra.0+0x3a/0xa20 [ 3084.058740] ? kasan_unpoison+0x23/0x50 [ 3084.059180] kmem_cache_alloc+0x239/0x480 [ 3084.059640] __kernfs_new_node+0xd4/0x8b0 [ 3084.060105] ? kernfs_path_from_node+0x60/0x60 [ 3084.060605] ? selinux_sb_statfs+0x1ba/0x250 [ 3084.061074] ? find_held_lock+0x2c/0x110 [ 3084.061522] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3084.062107] ? shmem_statfs+0x1b3/0x3e0 [ 3084.062528] kernfs_create_dir_ns+0x9c/0x220 [ 3084.063017] internal_create_group+0x782/0xb20 [ 3084.063503] ? sysfs_remove_group+0x170/0x170 [ 3084.063980] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3084.064528] loop_configure+0xf2f/0x1a10 [ 3084.064979] lo_ioctl+0x932/0x1990 [ 3084.065353] ? __x64_sys_openat+0x13f/0x1f0 [ 3084.065817] ? loop_set_status_old+0x1b0/0x1b0 [ 3084.066296] ? avc_ss_reset+0x180/0x180 [ 3084.066752] ? __lock_acquire+0xbac/0x6120 [ 3084.067246] ? loop_set_status_old+0x1b0/0x1b0 [ 3084.067740] blkdev_ioctl+0x356/0x7f0 [ 3084.068151] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3084.068680] ? selinux_file_ioctl+0xb1/0x260 [ 3084.069156] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3084.069757] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3084.070262] __x64_sys_ioctl+0x196/0x210 [ 3084.070698] do_syscall_64+0x3b/0x90 [ 3084.071103] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3084.071652] RIP: 0033:0x7f2939f018d7 [ 3084.072058] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3084.074007] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3084.074819] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939f018d7 [ 3084.075585] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3084.076362] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3084.077120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3084.077885] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3084.078652] [ 3084.081905] FAULT_INJECTION: forcing a failure. [ 3084.081905] name failslab, interval 1, probability 0, space 0, times 0 [ 3084.083184] CPU: 0 PID: 15438 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3084.084081] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3084.085294] Call Trace: [ 3084.085570] [ 3084.085810] dump_stack_lvl+0x8b/0xb3 [ 3084.086226] should_fail.cold+0x5/0xa [ 3084.086637] ? __kernfs_new_node+0xd4/0x8b0 [ 3084.087110] should_failslab+0x5/0x10 [ 3084.087525] kmem_cache_alloc+0x5b/0x480 [ 3084.087978] __kernfs_new_node+0xd4/0x8b0 [ 3084.088447] ? kernfs_path_from_node+0x60/0x60 [ 3084.088946] ? find_held_lock+0x2c/0x110 [ 3084.089385] ? lock_release+0x3b2/0x750 [ 3084.089821] ? kernfs_add_one+0x3c6/0x550 [ 3084.090272] ? lock_downgrade+0x6d0/0x6d0 [ 3084.090730] ? lock_is_held_type+0xd7/0x130 [ 3084.091205] kernfs_new_node+0x93/0x120 [ 3084.091645] __kernfs_create_file+0x51/0x350 [ 3084.092137] sysfs_add_file_mode_ns+0x218/0x430 [ 3084.092630] ? component_del+0x4c0/0x4c0 [ 3084.093080] internal_create_group+0x322/0xb20 [ 3084.093575] ? sysfs_remove_group+0x170/0x170 [ 3084.094067] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3084.094618] loop_configure+0xf2f/0x1a10 [ 3084.095081] lo_ioctl+0x932/0x1990 [ 3084.095459] ? __x64_sys_openat+0x13f/0x1f0 [ 3084.095921] ? loop_set_status_old+0x1b0/0x1b0 [ 3084.096419] ? avc_ss_reset+0x180/0x180 [ 3084.096861] ? __lock_acquire+0xbac/0x6120 [ 3084.097359] ? loop_set_status_old+0x1b0/0x1b0 [ 3084.097860] blkdev_ioctl+0x356/0x7f0 [ 3084.098268] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3084.098791] ? selinux_file_ioctl+0xb1/0x260 [ 3084.099268] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3084.099691] loop3: detected capacity change from 0 to 88 [ 3084.099855] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3084.101462] __x64_sys_ioctl+0x196/0x210 [ 3084.101906] do_syscall_64+0x3b/0x90 [ 3084.102235] loop2: detected capacity change from 0 to 512 [ 3084.102314] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3084.103923] RIP: 0033:0x7f9ecc2ec8d7 [ 3084.104329] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3084.106285] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3084.107089] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc2ec8d7 [ 3084.107842] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3084.108609] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3084.109358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3084.110114] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3084.110884] [ 3084.114289] loop4: detected capacity change from 0 to 512 [ 3084.116650] loop6: detected capacity change from 0 to 512 [ 3084.117407] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 3084.121361] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 3084.129300] EXT4-fs (loop3): bad geometry: block count 128 exceeds size of device (22 blocks) [ 3084.131246] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 3084.133404] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 3084.148934] loop3: detected capacity change from 0 to 88 [ 3084.149046] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 3084.155911] EXT4-fs (loop3): bad geometry: block count 128 exceeds size of device (22 blocks) [ 3084.162784] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:37:45 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="2000800080feff0006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3084.188584] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. 19:37:45 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x20000, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:37:45 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 30) 19:37:45 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="2000003a8000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3084.250088] loop3: detected capacity change from 0 to 256 [ 3084.281430] EXT4-fs (loop3): bad geometry: block count 128 exceeds size of device (64 blocks) [ 3084.333627] FAULT_INJECTION: forcing a failure. [ 3084.333627] name failslab, interval 1, probability 0, space 0, times 0 [ 3084.335927] CPU: 1 PID: 15461 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3084.337549] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3084.339762] Call Trace: [ 3084.340295] [ 3084.340738] dump_stack_lvl+0x8b/0xb3 [ 3084.341512] should_fail.cold+0x5/0xa [ 3084.342268] ? __kernfs_new_node+0xd4/0x8b0 [ 3084.343134] should_failslab+0x5/0x10 [ 3084.343907] kmem_cache_alloc+0x5b/0x480 [ 3084.344781] __kernfs_new_node+0xd4/0x8b0 [ 3084.345630] ? kernfs_path_from_node+0x60/0x60 [ 3084.346554] ? find_held_lock+0x2c/0x110 [ 3084.347374] ? lock_release+0x3b2/0x750 [ 3084.348187] ? kernfs_add_one+0x3c6/0x550 [ 3084.349010] ? lock_downgrade+0x6d0/0x6d0 [ 3084.349841] ? lock_is_held_type+0xd7/0x130 [ 3084.350736] kernfs_new_node+0x93/0x120 [ 3084.351570] __kernfs_create_file+0x51/0x350 [ 3084.352482] sysfs_add_file_mode_ns+0x218/0x430 [ 3084.353501] ? component_del+0x4c0/0x4c0 [ 3084.353886] loop5: detected capacity change from 0 to 512 [ 3084.354570] internal_create_group+0x322/0xb20 [ 3084.356406] ? sysfs_remove_group+0x170/0x170 [ 3084.357363] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3084.358046] FAULT_INJECTION: forcing a failure. [ 3084.358046] name failslab, interval 1, probability 0, space 0, times 0 [ 3084.358388] loop_configure+0xf2f/0x1a10 [ 3084.360399] lo_ioctl+0x932/0x1990 [ 3084.361095] ? __x64_sys_openat+0x13f/0x1f0 [ 3084.361963] ? loop_set_status_old+0x1b0/0x1b0 [ 3084.362872] ? avc_ss_reset+0x180/0x180 [ 3084.363696] ? __lock_acquire+0xbac/0x6120 [ 3084.364644] ? loop_set_status_old+0x1b0/0x1b0 [ 3084.365554] blkdev_ioctl+0x356/0x7f0 [ 3084.366322] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3084.367256] ? selinux_file_ioctl+0xb1/0x260 [ 3084.368153] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3084.369258] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3084.370207] __x64_sys_ioctl+0x196/0x210 [ 3084.371027] do_syscall_64+0x3b/0x90 [ 3084.371774] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3084.372824] RIP: 0033:0x7f2939f018d7 [ 3084.373561] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3084.377229] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3084.378732] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939f018d7 [ 3084.380152] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3084.381545] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3084.382943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3084.384510] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3084.386222] [ 3084.386673] CPU: 0 PID: 15465 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3084.387560] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3084.388743] Call Trace: [ 3084.389019] [ 3084.389259] dump_stack_lvl+0x8b/0xb3 [ 3084.389671] should_fail.cold+0x5/0xa [ 3084.390078] ? create_object.isra.0+0x3a/0xa20 [ 3084.390566] should_failslab+0x5/0x10 19:37:45 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 31) 19:37:45 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xc6, 0x0) 19:37:45 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000008000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:37:45 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000658000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3084.390969] kmem_cache_alloc+0x5b/0x480 [ 3084.391610] create_object.isra.0+0x3a/0xa20 [ 3084.392090] ? kasan_unpoison+0x23/0x50 [ 3084.392510] kmem_cache_alloc+0x239/0x480 [ 3084.392954] __kernfs_new_node+0xd4/0x8b0 [ 3084.393398] ? kernfs_path_from_node+0x60/0x60 [ 3084.393881] ? find_held_lock+0x2c/0x110 [ 3084.394304] ? lock_release+0x3b2/0x750 [ 3084.394725] ? kernfs_add_one+0x3c6/0x550 [ 3084.395161] ? lock_downgrade+0x6d0/0x6d0 [ 3084.395596] ? lock_is_held_type+0xd7/0x130 [ 3084.396067] kernfs_new_node+0x93/0x120 [ 3084.396489] __kernfs_create_file+0x51/0x350 [ 3084.396943] sysfs_add_file_mode_ns+0x218/0x430 [ 3084.397421] ? component_del+0x4c0/0x4c0 [ 3084.397847] internal_create_group+0x322/0xb20 [ 3084.398330] ? sysfs_remove_group+0x170/0x170 [ 3084.398798] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3084.399318] loop_configure+0xf2f/0x1a10 [ 3084.399765] lo_ioctl+0x932/0x1990 [ 3084.400148] ? __x64_sys_openat+0x13f/0x1f0 [ 3084.400594] ? loop_set_status_old+0x1b0/0x1b0 [ 3084.401061] ? avc_ss_reset+0x180/0x180 [ 3084.401495] ? __lock_acquire+0xbac/0x6120 [ 3084.401971] ? loop_set_status_old+0x1b0/0x1b0 [ 3084.402442] blkdev_ioctl+0x356/0x7f0 [ 3084.402831] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3084.403313] ? selinux_file_ioctl+0xb1/0x260 [ 3084.403773] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 19:37:45 executing program 2: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) r3 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) r4 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x48002, 0x0) linkat(r4, &(0x7f0000000080)='./file0\x00', r3, &(0x7f0000000140)='./file0\x00', 0x800) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r5, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r4, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {r5, r2}}, './file0\x00'}) openat(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x441, 0xe0) syz_io_uring_setup(0x1dcd, &(0x7f0000000300)={0x0, 0x5b19, 0x10, 0x0, 0x1c4, 0x0, r6}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f00000001c0)=0x0, &(0x7f0000000380)) syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r8, r9, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, 0x0}, 0x0) syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r10, r9, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x8}, 0x0) syz_io_uring_submit(r7, r9, &(0x7f00000003c0)=@IORING_OP_WRITE={0x17, 0x9, 0x2004, @fd_index, 0x812a, &(0x7f0000000580)="3a906730e3523fc38b908f6aac1c269e9009a4e78df349ed38492dd742b11143c6ef282d9c96e3dea7228bef4ec229583dd21f38cfb34379ef1585a0c24e123cea8175f02e71baa7bf20d16171c752e36bad869016083c1c8a057b59ce3b52f579c49e56155bbffb5e958519a132a2751268a71838650e8323f636be8a491d823c665129ba4a5e65ccacc6711ab383ab1f262c03bcac6a59ae110b3be62cf4fd90c8254dd924d90f6d591dd435c726b7410e7115af8e43e754de2c01cd3642600bdcc5547fb3b99554ea8762e6885fb8eee1c00d967c0238aa5fe76d120536238271846ea7848cda58795d83a0f368e0fabc95ef75ebe752843b1ad2b0035faa4d7dd64eeccc91479e152de7ce6cce3912006dac656d5a10046fad939bbae588fccfabbb0ebc3e04403fa141c401194e0932dbc4af4152b937772e8a3a071003920d0e48339d75a76dd30d7d5c06c44a223593eacd23a17e4fa8d18cd9a895be2abfecc8a34d44e3cf611c36a44d5f88d46b7c0dcae0d204064d8d8f1f2f677505e04121e99aa059ed6ab417cb50fad50562a4b73ea925b90771c69517081eb70fed8bcfca0587b3a11e1e2e2a0fc5d061b20c53ec337d4e9ed66298bc1d46cb740cc92b764e56062bc50c7278e9b0cba96e8165ec3bc3e73b56ad270acebdc5d24d26f313e157832abfc24264793a879ab734017a759a9b1683fd4890709fe3124c60f62a569f29db060d848858648c57a8f56d931f11a584a3520f4b4485febf5e93a847b23c8ee9c8c33835cb7b9917a7946bd253a42a936f9ce654d083a32dd97ba740b1b6778c68b0fc4dc04197aca40b406dd16d02b8f9071917e37afeda8a65763c0de62d0fdf127ea8004626c7cea779bcec3a7d2cfd395fe8b6912677fc9818a4aebe7a27923ddb514987a548241911d52c138f6e720b7766dd8de4577b53d328f851e5dad8d3385d6aeb8964967ea1d8062112b81d77ec6a7c043e95000821afab2fdce323ef03cb5e9358331c24019185d279fd618497bb966bec31fb973caf4ba08f9402c7c7da8e79ddecff51e3a07d3a069436faa86e5976ca50c0050e26538407f43457330fb727e0f2836210846e3df4080708dbbacbb86f681dfd75214cb5658f0c063897aafd73df7f6c29254aebe6edd035d53d6beefe0b9c153bf05f2efca3f0f23ddabcb17e60c3c9f19227043ab3a63a6100ac6a8f1482f2f80cff190c18e5e1d585e51d8dff4736cbe4971deb9cbc72ae388e8843f6738ab535faf17bbcce3efd6001059a5853c14859f767f6f1551d77e2614c1ab3566c4caf4ad480627cef687d2a27af19ea6521f6ca77a18dac65ade0f2281549515f21ee1ce9f174d5531c3ac905d9aa110dd30282b0352a70b20f3233d49839753e0e9b31debfe4b2794fe8b56b714fd6b2d6e6d504a7015a98ded0f94589ca77cf1be82831dc24b36425b7342ad87c5c14f142a4a223de56cd135055829cecbcaed85eda7469ba147980c46a9662ddea82eab0e434f0bb3c331106556fcfc10673800b7dcd15a6af13994f78f289b5409e8fb08afa447fa13983ad79a0c3cac1b9f3473251df41c12ac3b96439c1380af086181ea49db06af42c1a0ae3ddec93f07e7d202506b35ff5a77ab427a0ea8ade5d09da2484ea58b492cee4a53274d4fa01fa106ef35ea2526a3724f8f8bebe97da1e1d4d8c7a6a95074cf829023a7f61a22eddf78680a02a0dad2719f0e4f1ca1b0e299a16eead343bd3cbf07cd64329b181c0fcd7c7684c0458bad81cbc5387133aafc14d31f029df2d759ac2eca2a9dace37bbdf80d493f549bb83aa1f4818a7220a3aeaf99c9fcea2bc73bfd9857ec39d71808546cd5a9872e3aeb6b811bd405e315472ca3fab35173057c85d752732355074c9f383040e9f80325ccf12ea13fe4583624ca15882f3c6434249bb4ec4e33591ee79d7d4483ad45a92462cd13e61852659e6499de48f71d3a2de357f11d3cd8334a9b6a38cd7177ec35d58bd15c8690613d7e935331369b2323cffc6cebc37d6c875dd968e4e7f6205f63dc68d29fe4b229a98035217a2b30d7bb1b7a4da382965715c3f1bec6a85294a714a45394bc99443f34f629b366a10636ea70016ffa456e42cab953cd86649cf978b83a8e8b6ed2de4e02f65a5d58b73299f375e0e2f24c92159a7095424b3ad51c4a0a545d9488be58173e871d1ccfb7f6a07c40cfbafbf4cb8da98a7951dd1e65880454da6abf6f9dd8dcb467ce72cf61f59723cf13924438f93eb82a1a69e0f4b0d083af875238b61d407e509fdd39e2ed33c2f22a815b0c610b61d9ec09e5dad906885586f4546eb249ebc70474ef5053018d6eee16d5fca614f25d3b18d612030f608be3f71ddc8aae247e73fc9d0d9c893967facc3eb8384ab06f26873da8f7659b67c5669ae604308ef432cc7af300dbf7add8ce4c45cbcb75063eb186b37cfc27ed5d9d066895a25d04771bc3aefc8655f527df4399bc916c3d6549a42cbb0da3b838faf98bf7979e10ada1eca99869417dc14907f4f17535e9d944a0a04be54ac9baa8e5e28a69f33565f330ef4f27e9dcc59e9b5f32f9a0162b6bdc69b78305e22e95df4888ba589236c60fb98da4041256e1342fd3648a462383ab40a5a093389232a4d22bc0885458d4948ea1a45c3197849b780aa908a902946ec4650dd771a1b44b57f68cc29dd77451c214a01e90b9f3da0de5d084c7329590c3563626d49b9201894e191a6ee3126b49455816ad1b2c276ec682a15a3b652b3e4d70e16f8cb4d1c6e764aef483c23c19f72abeaa5f52d3df69a186282895999ed9293e6d3c3d681a9eb2e8bf34121977c0b9d46b37f9073f36071a493a4ca7950b8326c722a66296cae32c9f61354611188e8b103f96c45270df9dce70117e457c384df3a76ad93d266b9066b194602afdef67e110d06ce791510255da0d07e532e3d4731104c38188f650511c62565c6b177d5b406160889c4640bd2f304ec7e41c2f72f5353f37163db1e2fd562daeb69693857534483f42c102d39f2df0de88f601e0ca55ecb2a681c62578ba8b0f30a5cd826d968fd8f170f6247ae5e9e9c6798a89401991b2daaa484349f207866a7a053a66dfdafac8064324d8c4072c29c9079dff53d244af34e341277558086200730bf0e7b142c2494e9afe79ad15208f8045aeb3c1862955788a9d07f5fca066982c74123a0e3f911023c80a341c872135c85245c591dd5a859e35d75a442e34fb1183615e9ae17b4253169eee3d86a3e64076ca7cc882ffd3c09aeb048f2173e616b1f3a0a4f89b71df283857ed1715dcc57e1738f289fe6589619dbc047b98d8fc42649e7012e523c5aac09f015a1edfb64639fd58203a56ee6f0be9e7312599e0cbfd2a20bc5c179b27ae066993f1504e2e6b16d299460678d6c00d3ff662d2c78f55b52fbc56a7e191551432924687ec283cef08935a033cfa8a9f678dda9be17a8449651764e07bd6f532bd36fdb2a77d0bb1f6bb505a9c096d52a8c0760aaf229acbecfdb7ede5d59649cd06497214c03c3fa7cf94e7160f504bb1b54f103a3988b1b766be1cab202ddb4c22c73b23be85ab882749fff336234379749dde40e489a48c148ea4c1036105a7b50fa487c66528360f806fd61552a8d568455e45a35aa9e67a0927fc662489edb85fd122542a0e4f67e14aa5f131b01896fb7104be85567f09a437afc61932b78792500b92b50b59634f7494fae0e1a78fd52f0f4d1a9c6e37bdf8d70fdd41561f7f29315ba53a509c5cc2d92f87c8f448fbd2711e9b42b833ab9bd085deb54023cae5e3cc52d73e160ca7c453e7a18f5a1f91d85d88c58b4ed417327d39528383bd4d8116b9bb6fa2c947edd1f493e943ca8327dbb54b04c7ce23e9c9fa4bdbaec266c5051f5d626ec3ed669050a58a62d3dbefbb40152128b5b9520bf94a123b4fc86053cb3b9c51bf01569d27b445c6380191f38970738e6a7ec8c73d5f6d428c3bcd94c6ce53c107cfdc365b6977a8280b956f87a7ea8f5e1b6e5fc267c954e88b0cf964e0d33be293c5045c112a54408c55348e384dd0780512a0255e3749ccb3d34a841733c98f327d77205d50fc82a3e37cf15fecd4a5a29b23d92e685b7625a5d9c9e32f6e0b8e83c2046c72ca0595db250c4a32ec0e2beb117764e01a15c15088578ddca699250d7e31d320e90cc738586ac2fa2349c24284e2f90b9e29c5e8024ae0e5c5a5c2763e571083b91dae098e30ea77bbca546f8bd85e37eaa418b182f297e45ace370ab9c73a324e7199e62aba3f09b916b57ebbb49337c0eabff42caa48b87b2bf2b3dc9b60c7fcc72142e49d3042f1322ad85bdfd4fb4378ef7eadb5803bc3d906883619e61fe34d2b5e6850a3cc1bbeeda56270187fb12a4cdbd19f2f778f76642abeab742d087522c485ab1c4781588db3f2dfa843f18f643adae0065f97d07b3b45f3aed2d5280da86cff103bc27e4035de8cc81260910a6a5895376f7d348bc7edccbe96adb9bbc8f083a05d2895f7e4b84bf214c2ab27e9f5334ba21436b42d2cc19ffbeb9b1a7fd5eec68770ee38fb26a0e96ab3391869ed53b43649a7debd23668a78d0cd3912f2aeb918a3be8cc2538fbd3ff2d24ef9aeb89176d47e9383f754dca733cd15274cd5bacb8fe6aebcd96f176e0d24655648f1f8450660db09566d43ed4762b30d8ce225979c825e6fed2f1ee4853a5837fcaffce31c491ffcdcefc928b5c6a0bb33f8ca5809f7b2c07271f594d24a12206db5c3128ff9158e0607fa8b438d19f81bf6c0583d48d86023f8bdbf6cd0d5768fb1376df682bf2aeba7257e8bf32167c45b5394ca06a932789550e15f00f5926f3b42e133824a769137f4704a7c3669f2008fc6bd98a2db8a4596138f28b6a52dd156ec3fcc5b0c40d96656655ef06c682d711c2a194954428b08e9b8af7e6503fd129016a35bb01b8401e5ed672c856b3d4088ebec32f29651dee5fef66312dcd5ce272422424ed6bff2773588bd73f5f8fb7d850059a50b6c44f6ccf52dad8edaa25164b4f41cfebc9ff06ad45ccdb11bfc1b9ed8a36fec4f68d2171d4ac5586dd7eb4d5f089cc6fda2d7f22343d678d727b8ad60a8abd53b27b3ccde8833bdcbdd151640f27c97bcb434167c304cea9ccf8c293577d142993fcb65f38136a264af4b842ffca50b84c0aa769e23ca13c00438a0216b0afab0a268e76b61df2d5497176dd09edf5c5ea5443e8a5f5df312f75e902127acf6b9a7b59a8748180921780f3d11c351770e62ae88a1ed3c404a28d834cd804ddbf92d57e5c989db4c7e8d18fc95548f47e15dde01c647db541438d51e56e92a3cd3967286f7d1752aa2accdcd67b410cf54e87cafaacf53967d22f6bd2c170a8ad8d4c5125d62b2b7319b0fb4392d86769b582081e765038c4562134f9da01acde8175339733e4a11754235b36d95d6d666c849af40203d6401867ba9ca215c2c743da5aa411ce29f0a5dfc2740f4aff0b1d25b70d1f5d50968876cfbc50dcbdbbf1ac1687bc2793ed2e1d5ecf43ece3e8686872e29011e28c80c3bddd29fd9d42a7945e4ced6207a00b31071b01e37fab3d9582f9826a5c7e7ac911f2091015151f3879e50bacd13c6258757b5bf2db4f134eb42a48f541ed979a5480581e75a34bddf8f6e187cfd87b81f6ae3e86bf50167a95b17315e369003571f95d7cd24a8d2bcef0768b706a6f57c6758dd7a623143e0eecd61c375aa695a5660433e6665686795565ffd34ed5962b3182867d3f", 0x1000, 0x1}, 0x0) [ 3084.404355] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3084.404977] __x64_sys_ioctl+0x196/0x210 [ 3084.405435] do_syscall_64+0x3b/0x90 [ 3084.405829] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3084.406374] RIP: 0033:0x7f9ecc2ec8d7 [ 3084.406763] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3084.408678] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3084.409465] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc2ec8d7 [ 3084.410152] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3084.410837] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3084.411525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3084.412211] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3084.412912] [ 3084.432074] loop2: detected capacity change from 0 to 512 [ 3084.437313] loop4: detected capacity change from 0 to 512 [ 3084.440655] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 3084.449541] loop6: detected capacity change from 0 to 512 [ 3084.450480] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 3084.453005] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 3084.474208] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. 19:37:45 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40002, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3084.478483] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 3084.493130] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 3084.545481] loop3: detected capacity change from 0 to 512 [ 3084.554229] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3084.557651] EXT4-fs (loop3): get root inode failed [ 3084.558181] EXT4-fs (loop3): mount failed [ 3084.588273] loop3: detected capacity change from 0 to 512 [ 3084.608687] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3084.611868] EXT4-fs (loop3): get root inode failed [ 3084.612929] EXT4-fs (loop3): mount failed 19:38:00 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000020000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:00 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 31) 19:38:00 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) r1 = open_tree(r0, &(0x7f0000000140)='./file0\x00', 0x80000) r2 = openat$cgroup_subtree(r1, &(0x7f0000000300), 0x2, 0x0) vmsplice(r2, &(0x7f00000008c0)=[{&(0x7f0000000380)="981b1b5d372447bfc50d", 0xa}, {&(0x7f00000003c0)="1c2d02d507c9daadbe86e248a9b7c67ddd3e4131fbcf10baca75bb34d070e3410ca0dd78bfa528fbdd5f6b530e30d4fba7b1226b1835176a4888cb8f48141ab1ba1735d26e750dd2f5f6ef0bdfc0ba5d1a0b4184c37a81e23b1ce895e1d47475726662b7f37babb797116a575cc8a3d3f4cc8810e808718fa3151cc4ac7a8129eb3b008100b4782deee8cb30f13091359df58763edc7531329a912f592d2a8599011080f60574c6113", 0xa9}, {&(0x7f0000000480)="f81ed3703a5452ea89606cbbac5d29fb", 0x10}, {&(0x7f00000004c0)="34d44ab2e74da9cf286d32397916470b9f2244860b436f4915c08bfc05302b8556522c87150cb5aaa722b2a66167f0722009925e19a6e71fd41f96697e3c9044159030272498b3d5276891ddc66342f186a23f40acf6727ea25d4b505048bcd27033564415ff805c52b3264bd8cba8ae", 0x70}, {&(0x7f0000000540)="66ead98e7501d1c5c7c3a007a56f942e9e9030676ee7d71f37746734bfc49cf5ee3a80da0171c5e6d743ff02eab358a49e11f89b0a0dcfc06999d42105d337c021c751e6579ce90f336f5d59c9e738e3e6adf69b97eee61e45c1966c8ac6c59dfab3efec3ebb6ae03a6a5d408ece498773e6faf6ba7e0ae81310d28dadcf74d9daef8076585b5ae174c6917e97c8051bdf3d5d54376e2569615d0520bf40214e8fdd42d4bfbecc4d3cd76a572715e873f3649dff3d2c2385643027586c34548b984ebc5d6f5dbf48a6ea9fe8b62bbaf95ec88fe2a84b480aa1d5cfa48e5f2071042896fb3ab5c52513dd53a2351baf3909a6b1ad9ec58d138976cef9d7bf", 0xfe}, {&(0x7f0000000640)="9ad3128444bc54e9f1c93fda7cff0d259d38a02221cd77dc0cce384e3f779fc7baac8e9f922f96e4450ee9dedbf29fcaf6045a88c0f7a72f81fbc67fc7f199d699e10855d5838af43909b86212731539e16c7ae135fc556341a0325570985b4effe30d05e076b1ad8ed6b11d44defb6f6928fdbe33b15aeb192b179da9da8b0c37607cd8f69bf27ef4e446022035d790cd6b2c2def6cc539d08e34518b958e2cc746cfe4da84412e0ed7", 0xaa}, {&(0x7f0000000700)="7b22cf8f91bb01aea6987d2d07fc8cc50a6fd6e12cf01367d5367af703cfb1fd455d9af8a509be839789599e087358f0800de3e728fc9d54a9710528c43fd962aad35952d26524a7e7fe9f2a245f42586035444d16fac25e518919b9a253502aecbed8b6507eb9a6f662b550e23b60e40f5d26cb84577442b737f6199d124dde709ec3606d81b607240d5c4888ff70811a324bc16883fde60b48f8773ecd37b21e36afd51a3d5a08fbce", 0xaa}, {&(0x7f00000007c0)="b77a5f10daff1270e17cb3fac318044946a1e99f37eb7e6652f5dcffae2615c39576ba3acd36ef442a6f8319899eeb1b15cbf54e789c04d26b8aa8b7048b5316ea193ae1579fe2b4c3c917ffa035962a581b8a6e7c3b2262debdcaf9ca02c47a614c0f4776d5bf7ccf766c8ee002db6e95cbd54d7e55d1d7e66e1e4fe8464c84b19f26d7204c1b6ffd6419640b50ea1c9f3c5d0c5f4b413c5f6ac3be0bce0a48837ffbb139b09c269224f1f424d50a814c742acc539ae24d5426e6e3b5ba40120f87a4b5840d9514c0db79ee9d4c553998671add6d25b5ad2da3bd4c590cc5be2b71", 0xe2}], 0x8, 0x7) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) [ 3099.009118] loop1: detected capacity change from 0 to 512 [ 3099.012357] FAULT_INJECTION: forcing a failure. [ 3099.012357] name failslab, interval 1, probability 0, space 0, times 0 [ 3099.013570] CPU: 1 PID: 15494 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3099.014469] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3099.015676] Call Trace: [ 3099.015947] [ 3099.016183] dump_stack_lvl+0x8b/0xb3 [ 3099.016598] should_fail.cold+0x5/0xa [ 3099.017000] ? __kernfs_new_node+0xd4/0x8b0 [ 3099.017452] should_failslab+0x5/0x10 [ 3099.017849] kmem_cache_alloc+0x5b/0x480 [ 3099.018278] __kernfs_new_node+0xd4/0x8b0 [ 3099.018710] ? kernfs_add_one+0x3c6/0x550 [ 3099.019150] ? kernfs_path_from_node+0x60/0x60 [ 3099.019630] ? lock_is_held_type+0xd7/0x130 [ 3099.020107] ? up_write+0x148/0x460 [ 3099.020528] ? kernfs_activate+0x1c4/0x240 [ 3099.020982] kernfs_new_node+0x93/0x120 [ 3099.021405] __kernfs_create_file+0x51/0x350 [ 3099.021867] sysfs_add_file_mode_ns+0x218/0x430 [ 3099.022354] ? component_del+0x4c0/0x4c0 [ 3099.022780] internal_create_group+0x322/0xb20 [ 3099.023261] ? sysfs_remove_group+0x170/0x170 [ 3099.023728] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3099.024265] loop_configure+0xf2f/0x1a10 [ 3099.024715] lo_ioctl+0x932/0x1990 [ 3099.025084] ? __x64_sys_openat+0x13f/0x1f0 [ 3099.025532] ? loop_set_status_old+0x1b0/0x1b0 [ 3099.025997] ? avc_ss_reset+0x180/0x180 [ 3099.026428] ? __lock_acquire+0xbac/0x6120 [ 3099.026916] ? loop_set_status_old+0x1b0/0x1b0 [ 3099.027395] blkdev_ioctl+0x356/0x7f0 [ 3099.027789] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3099.028284] ? selinux_file_ioctl+0xb1/0x260 [ 3099.028752] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3099.029333] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3099.029824] __x64_sys_ioctl+0x196/0x210 [ 3099.030251] do_syscall_64+0x3b/0x90 [ 3099.030641] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3099.031181] RIP: 0033:0x7f9ecc2ec8d7 [ 3099.031560] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3099.033465] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3099.034285] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc2ec8d7 [ 3099.035018] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3099.035770] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3099.036508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3099.037241] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3099.037999] [ 3099.044620] loop3: detected capacity change from 0 to 512 19:38:00 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40003, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:00 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000fe8000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:00 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 32) 19:38:00 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xc7, 0x0) 19:38:00 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x1c, 0x1a, 0x1, 0x0, 0x0, "", [@typed={0xa, 0x0, 0x0, 0x0, @binary="d8c9310200"}]}, 0x1c}], 0x1}, 0x0) sendmsg$AUDIT_MAKE_EQUIV(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x28, 0x3f7, 0x100, 0x70bd29, 0x25dfdbfd, {0x7, 0x7, './file0', './file0'}, ["", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x40048c1}, 0x4041) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) [ 3099.058431] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3099.060079] EXT4-fs (loop3): get root inode failed [ 3099.060647] EXT4-fs (loop3): mount failed [ 3099.069836] loop2: detected capacity change from 0 to 512 [ 3099.072579] FAULT_INJECTION: forcing a failure. [ 3099.072579] name failslab, interval 1, probability 0, space 0, times 0 [ 3099.075049] CPU: 0 PID: 15506 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3099.076809] loop3: detected capacity change from 0 to 512 [ 3099.076813] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3099.079763] Call Trace: [ 3099.080309] [ 3099.080779] dump_stack_lvl+0x8b/0xb3 [ 3099.081597] should_fail.cold+0x5/0xa [ 3099.082408] ? create_object.isra.0+0x3a/0xa20 [ 3099.083261] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3099.083380] should_failslab+0x5/0x10 [ 3099.084779] EXT4-fs (loop3): get root inode failed [ 3099.085316] kmem_cache_alloc+0x5b/0x480 [ 3099.085849] EXT4-fs (loop3): mount failed [ 3099.086676] create_object.isra.0+0x3a/0xa20 [ 3099.088011] ? kasan_unpoison+0x23/0x50 [ 3099.088868] kmem_cache_alloc+0x239/0x480 [ 3099.089763] __kernfs_new_node+0xd4/0x8b0 [ 3099.090656] ? kernfs_path_from_node+0x60/0x60 [ 3099.091627] ? find_held_lock+0x2c/0x110 [ 3099.092497] ? lock_release+0x3b2/0x750 [ 3099.093340] ? kernfs_add_one+0x3c6/0x550 [ 3099.094227] ? lock_downgrade+0x6d0/0x6d0 [ 3099.095113] ? lock_is_held_type+0xd7/0x130 [ 3099.096044] kernfs_new_node+0x93/0x120 [ 3099.096125] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 3099.096928] __kernfs_create_file+0x51/0x350 [ 3099.098637] sysfs_add_file_mode_ns+0x218/0x430 [ 3099.099626] ? component_del+0x4c0/0x4c0 [ 3099.100504] internal_create_group+0x322/0xb20 [ 3099.101478] ? sysfs_remove_group+0x170/0x170 [ 3099.102435] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3099.103504] loop_configure+0xf2f/0x1a10 [ 3099.104403] lo_ioctl+0x932/0x1990 [ 3099.105150] ? __x64_sys_openat+0x13f/0x1f0 [ 3099.106062] ? loop_set_status_old+0x1b0/0x1b0 [ 3099.107018] ? avc_ss_reset+0x180/0x180 [ 3099.107888] ? __lock_acquire+0xbac/0x6120 [ 3099.108887] ? loop_set_status_old+0x1b0/0x1b0 [ 3099.109852] blkdev_ioctl+0x356/0x7f0 [ 3099.110651] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3099.111643] ? selinux_file_ioctl+0xb1/0x260 [ 3099.112584] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3099.113751] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3099.114747] __x64_sys_ioctl+0x196/0x210 [ 3099.115621] do_syscall_64+0x3b/0x90 [ 3099.116431] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3099.117526] RIP: 0033:0x7f2939f018d7 [ 3099.118304] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3099.122140] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3099.123747] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939f018d7 [ 3099.124834] loop6: detected capacity change from 0 to 512 [ 3099.125254] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3099.125273] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3099.128829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3099.130244] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 3099.130352] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3099.132663] [ 3099.148070] loop5: detected capacity change from 0 to 512 [ 3099.152179] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 3099.154688] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. 19:38:00 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000002000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3099.170608] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. 19:38:00 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40004, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:00 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000083000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:00 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 33) [ 3099.226413] loop4: detected capacity change from 0 to 512 [ 3099.228223] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 3099.242784] loop3: detected capacity change from 0 to 512 [ 3099.250061] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. 19:38:00 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) [ 3099.284703] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3099.287291] EXT4-fs (loop3): get root inode failed [ 3099.287805] EXT4-fs (loop3): mount failed 19:38:00 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000020006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3099.324797] FAULT_INJECTION: forcing a failure. [ 3099.324797] name failslab, interval 1, probability 0, space 0, times 0 [ 3099.326027] CPU: 1 PID: 15527 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3099.326882] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3099.328080] Call Trace: [ 3099.328364] [ 3099.328597] dump_stack_lvl+0x8b/0xb3 [ 3099.329004] should_fail.cold+0x5/0xa [ 3099.329404] ? create_object.isra.0+0x3a/0xa20 [ 3099.329898] should_failslab+0x5/0x10 [ 3099.330300] kmem_cache_alloc+0x5b/0x480 [ 3099.330737] create_object.isra.0+0x3a/0xa20 [ 3099.331197] ? kasan_unpoison+0x23/0x50 [ 3099.331618] kmem_cache_alloc+0x239/0x480 [ 3099.332060] __kernfs_new_node+0xd4/0x8b0 [ 3099.332506] ? kernfs_add_one+0x3c6/0x550 [ 3099.332944] ? kernfs_path_from_node+0x60/0x60 [ 3099.333436] ? lock_is_held_type+0xd7/0x130 [ 3099.333897] ? up_write+0x148/0x460 [ 3099.334286] ? kernfs_activate+0x1c4/0x240 [ 3099.334740] kernfs_new_node+0x93/0x120 [ 3099.335162] __kernfs_create_file+0x51/0x350 [ 3099.335619] sysfs_add_file_mode_ns+0x218/0x430 [ 3099.336100] ? component_del+0x4c0/0x4c0 [ 3099.336545] internal_create_group+0x322/0xb20 [ 3099.337021] ? sysfs_remove_group+0x170/0x170 [ 3099.337487] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3099.338011] loop_configure+0xf2f/0x1a10 [ 3099.338448] lo_ioctl+0x932/0x1990 [ 3099.338818] ? __x64_sys_openat+0x13f/0x1f0 [ 3099.339263] ? loop_set_status_old+0x1b0/0x1b0 [ 3099.339730] ? avc_ss_reset+0x180/0x180 [ 3099.340165] ? __lock_acquire+0xbac/0x6120 [ 3099.340654] ? loop_set_status_old+0x1b0/0x1b0 [ 3099.341128] blkdev_ioctl+0x356/0x7f0 [ 3099.341522] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3099.342011] ? selinux_file_ioctl+0xb1/0x260 [ 3099.342488] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3099.343060] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3099.343106] loop2: detected capacity change from 0 to 512 [ 3099.343550] __x64_sys_ioctl+0x196/0x210 [ 3099.343576] do_syscall_64+0x3b/0x90 [ 3099.345576] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3099.346130] RIP: 0033:0x7f9ecc2ec8d7 [ 3099.346513] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3099.348395] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3099.349182] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc2ec8d7 [ 3099.349931] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3099.350657] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3099.351392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3099.352143] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3099.352888] 19:38:00 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 32) 19:38:00 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008002000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3099.395925] loop6: detected capacity change from 0 to 512 19:38:00 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40005, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:00 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000030006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3099.422491] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 3099.430220] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 3099.474211] FAULT_INJECTION: forcing a failure. [ 3099.474211] name failslab, interval 1, probability 0, space 0, times 0 [ 3099.475514] CPU: 1 PID: 15544 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 19:38:00 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000380)=[{&(0x7f0000000200)="e4f334ffa171685905c33b4accea662b480b99b19addbd8f24117e0d27400e33ac3e950b78dc8d4f1a380b5c95f8c56c63e2d5c97fc9b4e5bd7b1e3068be347ca758d97697a62b0ab7e0febd3b0328c67afa2df30c3fa56059b5b64eb0dd0a10cddd2a9287d1d4fe67eeb8479dedd1df9ddcdf", 0x0, 0x3}, {&(0x7f00000000c0)="ef04ed19a590922efb1d81c941572840cb897252dc070d117e9aa335c6d261bbfb1c5eadbe10c30dcd02507cb29ed2437303483c54c99189e728"}, {&(0x7f0000000280)="2e5281d104978e1b41a9c799bf804f1e7acd620f0f2d167a55ff70f0f830659a14124f6119c141782e4e7f2201a144787a1335a26760a044d69301fb8f27d5ba8120f06df98b75f5b64cc75f", 0x0, 0x401}, {&(0x7f0000000140)="6f228b9ba5c62bbe47b2f6af23c04a67e84cfcf33ef92bbc68303bdc966c204c85d80d674f2ca9ecd848f38885672b1c6a6968", 0x0, 0x1f}], 0x1a00010, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) [ 3099.476396] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3099.477878] Call Trace: [ 3099.478149] [ 3099.478382] dump_stack_lvl+0x8b/0xb3 [ 3099.478797] should_fail.cold+0x5/0xa [ 3099.479196] ? create_object.isra.0+0x3a/0xa20 [ 3099.479692] should_failslab+0x5/0x10 [ 3099.480110] kmem_cache_alloc+0x5b/0x480 [ 3099.480559] create_object.isra.0+0x3a/0xa20 [ 3099.481031] ? kasan_unpoison+0x23/0x50 [ 3099.481461] kmem_cache_alloc+0x239/0x480 [ 3099.481912] __kernfs_new_node+0xd4/0x8b0 [ 3099.482369] ? kernfs_path_from_node+0x60/0x60 [ 3099.482848] ? find_held_lock+0x2c/0x110 [ 3099.483283] ? lock_release+0x3b2/0x750 [ 3099.483713] ? mark_held_locks+0x9e/0xe0 [ 3099.484139] ? asm_sysvec_call_function_single+0x12/0x20 [ 3099.484721] kernfs_new_node+0x93/0x120 [ 3099.485146] __kernfs_create_file+0x51/0x350 [ 3099.485604] sysfs_add_file_mode_ns+0x218/0x430 [ 3099.486091] ? component_del+0x4c0/0x4c0 [ 3099.486525] internal_create_group+0x322/0xb20 [ 3099.487004] ? sysfs_remove_group+0x170/0x170 19:38:00 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000040006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3099.487483] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3099.488145] loop_configure+0xf2f/0x1a10 [ 3099.488594] lo_ioctl+0x932/0x1990 [ 3099.488963] ? __x64_sys_openat+0x13f/0x1f0 [ 3099.489418] ? loop_set_status_old+0x1b0/0x1b0 [ 3099.489899] ? avc_ss_reset+0x180/0x180 [ 3099.490332] ? __lock_acquire+0xbac/0x6120 [ 3099.490818] ? loop_set_status_old+0x1b0/0x1b0 [ 3099.491291] blkdev_ioctl+0x356/0x7f0 [ 3099.491685] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3099.492177] ? selinux_file_ioctl+0xb1/0x260 [ 3099.492659] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3099.493233] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3099.493719] __x64_sys_ioctl+0x196/0x210 [ 3099.494155] do_syscall_64+0x3b/0x90 [ 3099.494556] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3099.495095] RIP: 0033:0x7f2939f018d7 [ 3099.495483] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3099.497369] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3099.498146] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939f018d7 [ 3099.498891] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3099.499626] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3099.500368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3099.501108] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3099.501868] [ 3099.513433] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. 19:38:00 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008003000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:00 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40007, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3099.552143] loop1: detected capacity change from 0 to 512 [ 3099.565050] EXT4-fs (loop1): VFS: Can't find ext4 filesystem [ 3099.584002] loop1: detected capacity change from 0 to 512 [ 3099.602338] EXT4-fs (loop1): VFS: Can't find ext4 filesystem [ 3099.610098] loop3: detected capacity change from 0 to 512 [ 3099.626072] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3099.630280] EXT4-fs (loop3): get root inode failed [ 3099.631389] EXT4-fs (loop3): mount failed [ 3099.637012] loop4: detected capacity change from 0 to 512 [ 3099.645939] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 3099.663592] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 3099.666833] loop3: detected capacity change from 0 to 512 [ 3099.688227] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3099.691072] EXT4-fs (loop3): get root inode failed [ 3099.692190] EXT4-fs (loop3): mount failed 19:38:14 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 33) 19:38:14 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008004000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:14 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40008, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:14 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 34) 19:38:14 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xc8, 0x0) 19:38:14 executing program 2: r0 = syz_io_uring_setup(0x46ac, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140)) r1 = io_uring_setup(0x2c75, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1}) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000200)=[0xffffffffffffffff, r1, 0xffffffffffffffff], 0x3) syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000000040)=ANY=[@ANYRES32, @ANYRES16, @ANYRES16=r1, @ANYRESDEC, @ANYRES16=r1, @ANYRESDEC]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) mount(&(0x7f0000000300)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000340)='./file0\x00', &(0x7f0000000380)='pstore\x00', 0x200010, &(0x7f00000003c0)='ext3\x00') setresuid(0x0, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) 19:38:14 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000050006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:14 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x95e}, {&(0x7f0000000380)="07a40000ffd9", 0x6, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="e4ed4e6cecb002eca87e543258f406ef9547730292ad1c0e4157fd5cca5584923f55f245ee2be37144434fd8e35b8458e2ceefe1be441f174950ce536171a166f7fc3be393e2dd1b3316c6686f3ace7b7db2fc49ae2932e422138de5ae996bf9c46a7da52307503f3b411c8017394e8fddaf74a3343207d2ac8b6eea3160f357c2c4c4c2e1ca3e7f8d209cc26cdd81ff4643df86e03cef2273ca596ca5c2a283f2d0dd6a49e75549b8a2d6d7bcbddf54abe6bb7cf1f11393eb65bdfe16b0217c91b12f7c6baf62e78c414d302c6c113a11cc65a8a63874d5215053eafd8601eede56ca468cf22d0368da"]) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) bind(r1, &(0x7f0000000300)=@nl=@kern={0x10, 0x0, 0x0, 0x8000000}, 0x80) [ 3112.902722] FAULT_INJECTION: forcing a failure. [ 3112.902722] name failslab, interval 1, probability 0, space 0, times 0 [ 3112.905008] CPU: 0 PID: 15566 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3112.906627] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3112.908845] Call Trace: [ 3112.909349] [ 3112.909787] dump_stack_lvl+0x8b/0xb3 [ 3112.910550] should_fail.cold+0x5/0xa [ 3112.911308] ? __kernfs_new_node+0xd4/0x8b0 [ 3112.912167] should_failslab+0x5/0x10 [ 3112.912942] kmem_cache_alloc+0x5b/0x480 [ 3112.913757] __kernfs_new_node+0xd4/0x8b0 [ 3112.914582] ? kernfs_path_from_node+0x60/0x60 [ 3112.915482] ? find_held_lock+0x2c/0x110 [ 3112.916291] ? lock_release+0x3b2/0x750 [ 3112.917083] ? kernfs_add_one+0x3c6/0x550 [ 3112.917905] ? lock_downgrade+0x6d0/0x6d0 [ 3112.918729] ? lock_is_held_type+0xd7/0x130 [ 3112.919599] kernfs_new_node+0x93/0x120 [ 3112.920403] __kernfs_create_file+0x51/0x350 [ 3112.921290] sysfs_add_file_mode_ns+0x218/0x430 [ 3112.922207] ? component_del+0x4c0/0x4c0 [ 3112.923015] internal_create_group+0x322/0xb20 [ 3112.923922] ? sysfs_remove_group+0x170/0x170 [ 3112.924830] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3112.925825] loop_configure+0xf2f/0x1a10 [ 3112.926659] lo_ioctl+0x932/0x1990 [ 3112.927355] ? __x64_sys_openat+0x13f/0x1f0 [ 3112.928204] ? loop_set_status_old+0x1b0/0x1b0 [ 3112.929100] ? avc_ss_reset+0x180/0x180 [ 3112.929916] ? __lock_acquire+0xbac/0x6120 [ 3112.930831] ? loop_set_status_old+0x1b0/0x1b0 [ 3112.931734] blkdev_ioctl+0x356/0x7f0 [ 3112.932497] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3112.933423] ? selinux_file_ioctl+0xb1/0x260 [ 3112.934301] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3112.935385] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3112.936334] __x64_sys_ioctl+0x196/0x210 [ 3112.937157] do_syscall_64+0x3b/0x90 [ 3112.937900] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3112.938918] RIP: 0033:0x7f9ecc2ec8d7 [ 3112.939640] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3112.943228] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3112.944718] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc2ec8d7 [ 3112.946108] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3112.947493] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3112.948884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3112.950270] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3112.951682] [ 3112.962138] FAULT_INJECTION: forcing a failure. [ 3112.962138] name failslab, interval 1, probability 0, space 0, times 0 [ 3112.964585] CPU: 1 PID: 15576 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3112.966223] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3112.966594] loop5: detected capacity change from 0 to 512 [ 3112.968458] Call Trace: [ 3112.968467] [ 3112.968476] dump_stack_lvl+0x8b/0xb3 [ 3112.968514] should_fail.cold+0x5/0xa [ 3112.968544] ? create_object.isra.0+0x3a/0xa20 [ 3112.968579] should_failslab+0x5/0x10 [ 3112.968610] kmem_cache_alloc+0x5b/0x480 [ 3112.968655] create_object.isra.0+0x3a/0xa20 [ 3112.968685] ? kasan_unpoison+0x23/0x50 [ 3112.968720] kmem_cache_alloc+0x239/0x480 [ 3112.968764] __kernfs_new_node+0xd4/0x8b0 [ 3112.968803] ? kernfs_add_one+0x3c6/0x550 [ 3112.968840] ? kernfs_path_from_node+0x60/0x60 [ 3112.968884] ? lock_is_held_type+0xd7/0x130 [ 3112.968932] ? up_write+0x148/0x460 [ 3112.975129] loop3: detected capacity change from 0 to 512 [ 3112.975694] ? kernfs_activate+0x1c4/0x240 [ 3112.979194] loop1: detected capacity change from 0 to 512 [ 3112.979766] kernfs_new_node+0x93/0x120 [ 3112.984660] ext4: Unknown parameter 'äíNlì°ì¨~T2Xôï•Gs’­AWý\ÊU„’?UòEî+ãqDCOØã[„XâÎïá¾DIPÎSaq¡f÷ü;ã“âÝ3Æho:Î{}²üI®)2ä"å®™kùÄj}¥#P?;A€9Nݯt£42Ò¬‹nê1`óWÂÄÄÂáÊ> œÂlÝÿFC߆à<ï"sÊYl¥Â¢ƒòÐÝjIçUI¸¢Ö×¼½ßT«æ»|ññ“ëe½þ°!|‘±/|k¯bçŒAM0' [ 3112.985043] __kernfs_create_file+0x51/0x350 [ 3112.990093] sysfs_add_file_mode_ns+0x218/0x430 [ 3112.991031] ? component_del+0x4c0/0x4c0 [ 3112.991852] internal_create_group+0x322/0xb20 [ 3112.992782] ? sysfs_remove_group+0x170/0x170 [ 3112.993683] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3112.994690] loop_configure+0xf2f/0x1a10 [ 3112.995531] lo_ioctl+0x932/0x1990 [ 3112.996230] ? __x64_sys_openat+0x13f/0x1f0 [ 3112.997094] ? loop_set_status_old+0x1b0/0x1b0 [ 3112.997988] ? avc_ss_reset+0x180/0x180 [ 3112.998811] ? __lock_acquire+0xbac/0x6120 [ 3112.999746] ? loop_set_status_old+0x1b0/0x1b0 [ 3113.000694] blkdev_ioctl+0x356/0x7f0 [ 3113.001455] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3113.002415] ? selinux_file_ioctl+0xb1/0x260 [ 3113.003306] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3113.004433] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3113.005369] __x64_sys_ioctl+0x196/0x210 [ 3113.006205] do_syscall_64+0x3b/0x90 [ 3113.006951] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3113.008012] RIP: 0033:0x7f2939f018d7 [ 3113.008758] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3113.012453] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3113.013957] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939f018d7 [ 3113.015362] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3113.016788] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3113.018188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3113.019588] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3113.021019] [ 3113.031999] loop2: detected capacity change from 0 to 512 [ 3113.037092] loop1: detected capacity change from 0 to 512 [ 3113.041694] ext3: Unknown parameter 'ÿÿÿÿÿÿ' [ 3113.044643] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 3113.046465] ext4: Unknown parameter 'äíNlì°ì¨~T2Xôï•Gs’­AWý\ÊU„’?UòEî+ãqDCOØã[„XâÎïá¾DIPÎSaq¡f÷ü;ã“âÝ3Æho:Î{}²üI®)2ä"å®™kùÄj}¥#P?;A€9Nݯt£42Ò¬‹nê1`óWÂÄÄÂáÊ> œÂlÝÿFC߆à<ï"sÊYl¥Â¢ƒòÐÝjIçUI¸¢Ö×¼½ßT«æ»|ññ“ëe½þ°!|‘±/|k¯bçŒAM0' [ 3113.086345] loop6: detected capacity change from 0 to 512 [ 3113.100421] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem 19:38:14 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000060006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:14 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008005000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3113.142450] loop4: detected capacity change from 0 to 512 [ 3113.145877] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 3113.151687] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3113.159324] EXT4-fs (loop3): get root inode failed [ 3113.160455] EXT4-fs (loop3): mount failed [ 3113.168060] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 3113.180977] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. 19:38:14 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008006000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3113.235510] loop3: detected capacity change from 0 to 512 [ 3113.264199] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3113.268734] EXT4-fs (loop3): get root inode failed [ 3113.270103] EXT4-fs (loop3): mount failed 19:38:28 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xc9, 0x0) 19:38:28 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setxattr$incfs_size(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), &(0x7f0000000140)=0x7, 0x8, 0x0) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) 19:38:28 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008007000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:28 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000070006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3126.799531] FAULT_INJECTION: forcing a failure. [ 3126.799531] name failslab, interval 1, probability 0, space 0, times 0 [ 3126.801944] CPU: 1 PID: 15612 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3126.803274] loop5: detected capacity change from 0 to 512 [ 3126.803687] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3126.806653] Call Trace: [ 3126.807191] [ 3126.807662] dump_stack_lvl+0x8b/0xb3 [ 3126.808483] should_fail.cold+0x5/0xa 19:38:28 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x48002, 0x0) fsconfig$FSCONFIG_SET_PATH(0xffffffffffffffff, 0x3, &(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', r0) linkat(r2, &(0x7f0000000080)='./file0\x00', r1, &(0x7f0000000140)='./file0\x00', 0x800) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000300), 0x100000, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@loose}, {@cachetag={'cachetag', 0x3d, 'user.incfs.id\x00'}}, {}, {@loose}], [{@appraise}, {@fsname={'fsname', 0x3d, '/'}}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}]}}) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) llistxattr(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)=""/105, 0x69) 19:38:28 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 34) 19:38:28 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 35) 19:38:28 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40009, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3126.809469] ? create_object.isra.0+0x3a/0xa20 [ 3126.810468] should_failslab+0x5/0x10 [ 3126.811283] kmem_cache_alloc+0x5b/0x480 [ 3126.812159] create_object.isra.0+0x3a/0xa20 [ 3126.813099] ? kasan_unpoison+0x23/0x50 [ 3126.813949] kmem_cache_alloc+0x239/0x480 [ 3126.814842] __kernfs_new_node+0xd4/0x8b0 [ 3126.815733] ? kernfs_path_from_node+0x60/0x60 [ 3126.816710] ? find_held_lock+0x2c/0x110 [ 3126.817573] ? lock_release+0x3b2/0x750 [ 3126.818415] ? kernfs_add_one+0x3c6/0x550 [ 3126.819300] ? lock_downgrade+0x6d0/0x6d0 [ 3126.820189] ? lock_is_held_type+0xd7/0x130 [ 3126.821136] kernfs_new_node+0x93/0x120 [ 3126.821994] __kernfs_create_file+0x51/0x350 [ 3126.822926] sysfs_add_file_mode_ns+0x218/0x430 [ 3126.823908] ? component_del+0x4c0/0x4c0 [ 3126.824781] internal_create_group+0x322/0xb20 [ 3126.825753] ? sysfs_remove_group+0x170/0x170 [ 3126.826708] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3126.827776] loop_configure+0xf2f/0x1a10 [ 3126.828684] lo_ioctl+0x932/0x1990 [ 3126.829438] ? __x64_sys_openat+0x13f/0x1f0 [ 3126.830351] ? loop_set_status_old+0x1b0/0x1b0 [ 3126.831313] ? avc_ss_reset+0x180/0x180 [ 3126.832186] ? __lock_acquire+0xbac/0x6120 [ 3126.833189] ? loop_set_status_old+0x1b0/0x1b0 [ 3126.834149] blkdev_ioctl+0x356/0x7f0 [ 3126.834968] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3126.835959] ? selinux_file_ioctl+0xb1/0x260 [ 3126.836927] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3126.838094] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3126.839111] __x64_sys_ioctl+0x196/0x210 [ 3126.839981] do_syscall_64+0x3b/0x90 [ 3126.840795] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3126.841889] RIP: 0033:0x7f9ecc2ec8d7 [ 3126.842678] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3126.846518] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3126.848129] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc2ec8d7 [ 3126.849618] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3126.851133] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3126.852617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3126.854117] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3126.855657] [ 3126.860927] loop2: detected capacity change from 0 to 512 [ 3126.864784] FAULT_INJECTION: forcing a failure. [ 3126.864784] name failslab, interval 1, probability 0, space 0, times 0 [ 3126.866019] CPU: 0 PID: 15620 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3126.866885] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3126.868081] Call Trace: [ 3126.868351] [ 3126.868594] dump_stack_lvl+0x8b/0xb3 [ 3126.869013] should_fail.cold+0x5/0xa [ 3126.869426] ? __kernfs_new_node+0xd4/0x8b0 [ 3126.869886] should_failslab+0x5/0x10 [ 3126.870295] kmem_cache_alloc+0x5b/0x480 [ 3126.870886] __kernfs_new_node+0xd4/0x8b0 [ 3126.871346] ? kernfs_add_one+0x3c6/0x550 [ 3126.871794] ? kernfs_path_from_node+0x60/0x60 [ 3126.872280] ? lock_is_held_type+0xd7/0x130 [ 3126.872761] ? up_write+0x148/0x460 [ 3126.873140] ? kernfs_activate+0x1c4/0x240 [ 3126.873595] kernfs_new_node+0x93/0x120 [ 3126.874018] __kernfs_create_file+0x51/0x350 [ 3126.874476] sysfs_add_file_mode_ns+0x218/0x430 [ 3126.874961] ? component_del+0x4c0/0x4c0 [ 3126.875399] internal_create_group+0x322/0xb20 [ 3126.875889] ? sysfs_remove_group+0x170/0x170 [ 3126.876366] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3126.876910] loop_configure+0xf2f/0x1a10 [ 3126.877355] lo_ioctl+0x932/0x1990 [ 3126.877731] ? loop_set_status_old+0x1b0/0x1b0 [ 3126.878206] ? avc_ss_reset+0x180/0x180 [ 3126.878637] ? __lock_acquire+0xbac/0x6120 [ 3126.879090] ? lock_is_held_type+0xd7/0x130 [ 3126.879583] ? loop_set_status_old+0x1b0/0x1b0 [ 3126.880061] blkdev_ioctl+0x356/0x7f0 [ 3126.880459] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3126.880980] ? selinux_file_ioctl+0xb1/0x260 [ 3126.881445] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3126.882056] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3126.882556] __x64_sys_ioctl+0x196/0x210 [ 3126.883015] do_syscall_64+0x3b/0x90 [ 3126.883415] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3126.883973] RIP: 0033:0x7f2939f018d7 [ 3126.884357] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3126.886331] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3126.887124] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939f018d7 [ 3126.887870] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3126.888616] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3126.889364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3126.890098] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3126.890843] [ 3126.891335] loop6: detected capacity change from 0 to 512 [ 3126.896899] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 3126.908565] loop1: detected capacity change from 0 to 512 [ 3126.909569] loop3: detected capacity change from 0 to 512 [ 3126.911765] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 3126.915052] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 3126.932917] loop4: detected capacity change from 0 to 512 [ 3126.938095] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem 19:38:28 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000080006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:28 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008008000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3126.946990] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 3126.953917] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 3126.958263] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated 19:38:28 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 36) [ 3126.967416] EXT4-fs (loop3): get root inode failed [ 3126.967946] EXT4-fs (loop3): mount failed [ 3126.981314] loop3: detected capacity change from 0 to 512 [ 3126.993793] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3126.995121] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 3126.999270] EXT4-fs (loop3): get root inode failed [ 3126.999826] EXT4-fs (loop3): mount failed [ 3127.004070] FAULT_INJECTION: forcing a failure. [ 3127.004070] name failslab, interval 1, probability 0, space 0, times 0 [ 3127.004090] CPU: 0 PID: 15640 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3127.004105] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3127.004115] Call Trace: [ 3127.004120] [ 3127.004125] dump_stack_lvl+0x8b/0xb3 [ 3127.004156] should_fail.cold+0x5/0xa [ 3127.004173] ? __kernfs_new_node+0xd4/0x8b0 [ 3127.004196] should_failslab+0x5/0x10 [ 3127.004215] kmem_cache_alloc+0x5b/0x480 [ 3127.004242] __kernfs_new_node+0xd4/0x8b0 [ 3127.004264] ? kernfs_add_one+0x3c6/0x550 [ 3127.004285] ? kernfs_path_from_node+0x60/0x60 [ 3127.004311] ? lock_is_held_type+0xd7/0x130 [ 3127.004339] ? up_write+0x148/0x460 [ 3127.004353] ? kernfs_activate+0x1c4/0x240 [ 3127.004380] kernfs_new_node+0x93/0x120 [ 3127.004406] __kernfs_create_file+0x51/0x350 [ 3127.004423] sysfs_add_file_mode_ns+0x218/0x430 [ 3127.004441] ? component_del+0x4c0/0x4c0 [ 3127.004462] internal_create_group+0x322/0xb20 [ 3127.004484] ? sysfs_remove_group+0x170/0x170 [ 3127.004505] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3127.004532] loop_configure+0xf2f/0x1a10 [ 3127.004566] lo_ioctl+0x932/0x1990 [ 3127.004579] ? __x64_sys_openat+0x13f/0x1f0 [ 3127.004597] ? loop_set_status_old+0x1b0/0x1b0 [ 3127.004615] ? avc_ss_reset+0x180/0x180 [ 3127.004648] ? __lock_acquire+0xbac/0x6120 [ 3127.004710] ? loop_set_status_old+0x1b0/0x1b0 [ 3127.004725] blkdev_ioctl+0x356/0x7f0 [ 3127.004739] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3127.004753] ? selinux_file_ioctl+0xb1/0x260 [ 3127.004774] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3127.004796] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3127.004812] __x64_sys_ioctl+0x196/0x210 [ 3127.004836] do_syscall_64+0x3b/0x90 [ 3127.004854] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3127.004876] RIP: 0033:0x7f9ecc2ec8d7 [ 3127.004887] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3127.004900] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3127.004915] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc2ec8d7 [ 3127.004924] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3127.004933] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3127.004945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3127.004954] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3127.004977] 19:38:28 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xca, 0x0) [ 3127.044594] loop6: detected capacity change from 0 to 512 19:38:28 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000180006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:28 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008018000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:28 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) setxattr$security_evm(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), &(0x7f0000000140)=@v2={0x5, 0x2, 0xf, 0x6895, 0x16, "4430534ea08fd33e8c00432e94a1256fe6c86eaf963f"}, 0x1f, 0x2) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) [ 3127.094362] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 3127.105848] loop5: detected capacity change from 0 to 512 19:38:28 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4000a, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3127.133463] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 3127.134923] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. 19:38:28 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 35) [ 3127.174033] loop2: detected capacity change from 0 to 512 19:38:28 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="2000800080001c0006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3127.204208] loop3: detected capacity change from 0 to 512 [ 3127.213865] FAULT_INJECTION: forcing a failure. [ 3127.213865] name failslab, interval 1, probability 0, space 0, times 0 [ 3127.215201] CPU: 0 PID: 15659 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3127.216070] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3127.217266] Call Trace: [ 3127.217537] [ 3127.217788] dump_stack_lvl+0x8b/0xb3 [ 3127.218204] should_fail.cold+0x5/0xa [ 3127.218614] ? create_object.isra.0+0x3a/0xa20 [ 3127.219103] should_failslab+0x5/0x10 [ 3127.219515] kmem_cache_alloc+0x5b/0x480 [ 3127.219956] create_object.isra.0+0x3a/0xa20 [ 3127.220429] ? kasan_unpoison+0x23/0x50 [ 3127.220880] kmem_cache_alloc+0x239/0x480 [ 3127.221326] __kernfs_new_node+0xd4/0x8b0 [ 3127.221768] ? kernfs_add_one+0x3c6/0x550 [ 3127.222222] ? kernfs_path_from_node+0x60/0x60 [ 3127.222715] ? lock_is_held_type+0xd7/0x130 [ 3127.223185] ? up_write+0x148/0x460 [ 3127.223564] ? kernfs_activate+0x1c4/0x240 [ 3127.224027] kernfs_new_node+0x93/0x120 [ 3127.224453] __kernfs_create_file+0x51/0x350 [ 3127.224930] sysfs_add_file_mode_ns+0x218/0x430 [ 3127.225429] ? component_del+0x4c0/0x4c0 [ 3127.225861] internal_create_group+0x322/0xb20 [ 3127.226344] ? sysfs_remove_group+0x170/0x170 [ 3127.226822] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3127.227358] loop_configure+0xf2f/0x1a10 [ 3127.227799] lo_ioctl+0x932/0x1990 [ 3127.228176] ? __x64_sys_openat+0x13f/0x1f0 [ 3127.228642] ? loop_set_status_old+0x1b0/0x1b0 [ 3127.229118] ? avc_ss_reset+0x180/0x180 [ 3127.229556] ? __lock_acquire+0xbac/0x6120 [ 3127.230044] ? loop_set_status_old+0x1b0/0x1b0 [ 3127.230524] blkdev_ioctl+0x356/0x7f0 [ 3127.230923] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3127.231427] ? selinux_file_ioctl+0xb1/0x260 [ 3127.231898] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3127.232473] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3127.232981] __x64_sys_ioctl+0x196/0x210 [ 3127.233422] do_syscall_64+0x3b/0x90 [ 3127.233820] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3127.234377] RIP: 0033:0x7f2939f018d7 [ 3127.234761] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3127.236690] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3127.237474] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939f018d7 [ 3127.238219] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3127.238963] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3127.239704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3127.240449] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3127.241221] [ 3127.244962] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 3127.252333] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3127.255978] EXT4-fs (loop3): get root inode failed [ 3127.257133] EXT4-fs (loop3): mount failed [ 3127.333325] loop4: detected capacity change from 0 to 512 [ 3127.337407] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 3127.352849] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. 19:38:41 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 37) 19:38:41 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xcb, 0x0) 19:38:41 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000140), &(0x7f0000000300)='./file0\x00', 0x6, 0x2, &(0x7f00000004c0)=[{&(0x7f0000000380)="e9595c2951149a007092fde08d91cb", 0xf, 0x4}, {&(0x7f00000003c0)="a2243b42676b09e2d1a7cb3a189a5ca04bf5521a50cf7d7ca08fa3fe49d80da7f1a0489195d40d25b2f51b6da436bd5d8a124526fd05e08c2426d4b39e01f78c9d6f8168e01651154ad3512f8754ad8ddbfe00804c9321c68fae0f51da7aedd89018c393d03cff7c60d4895c6df0ce7722328a1a02b3de916362b8fa2dde4288c6325b74e622408da82e486c479487fda22d32558f41f5eda4bc2e830835a9727013597c52c9b193475df087484eb118defd5440acd5871194b18bdc189308b1a47c6672642ff2d0cff20ec5fbf2", 0xce, 0x2}], 0x1002408, &(0x7f0000000500)={[{@gid={'gid', 0x3d, 0xee01}}, {@huge_advise}, {@huge_always}, {@huge_never}, {}, {@huge_advise}, {@nr_blocks={'nr_blocks', 0x3d, [0x33, 0x35, 0x33, 0x38]}}, {@nr_blocks={'nr_blocks', 0x3d, [0x78, 0x25]}}], [{@subj_type={'subj_type', 0x3d, '^S'}}, {@fowner_eq={'fowner', 0x3d, 0xee01}}]}) 19:38:41 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="2000800080003a0006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:41 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="20000000801c000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:41 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000080)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x48002, 0x0) linkat(r2, &(0x7f0000000080)='./file0\x00', r1, &(0x7f0000000140)='./file0\x00', 0x800) bind$unix(r2, &(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) 19:38:41 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 36) 19:38:41 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4000b, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3140.727246] loop5: detected capacity change from 0 to 512 [ 3140.733185] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 3140.752528] loop1: detected capacity change from 0 to 512 [ 3140.757965] FAULT_INJECTION: forcing a failure. [ 3140.757965] name failslab, interval 1, probability 0, space 0, times 0 [ 3140.759435] CPU: 1 PID: 15683 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3140.760429] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3140.761777] Call Trace: [ 3140.762077] [ 3140.762344] dump_stack_lvl+0x8b/0xb3 [ 3140.762814] should_fail.cold+0x5/0xa [ 3140.763265] ? create_object.isra.0+0x3a/0xa20 [ 3140.763807] should_failslab+0x5/0x10 [ 3140.764258] kmem_cache_alloc+0x5b/0x480 [ 3140.764746] create_object.isra.0+0x3a/0xa20 [ 3140.765283] ? kasan_unpoison+0x23/0x50 [ 3140.765764] kmem_cache_alloc+0x239/0x480 [ 3140.766267] __kernfs_new_node+0xd4/0x8b0 [ 3140.766763] ? kernfs_add_one+0x3c6/0x550 [ 3140.767266] ? kernfs_path_from_node+0x60/0x60 [ 3140.767821] ? lock_is_held_type+0xd7/0x130 [ 3140.768348] ? up_write+0x148/0x460 [ 3140.768781] ? kernfs_activate+0x1c4/0x240 [ 3140.769339] kernfs_new_node+0x93/0x120 [ 3140.769825] __kernfs_create_file+0x51/0x350 [ 3140.770405] sysfs_add_file_mode_ns+0x218/0x430 [ 3140.771011] ? component_del+0x4c0/0x4c0 [ 3140.771534] internal_create_group+0x322/0xb20 [ 3140.772111] ? sysfs_remove_group+0x170/0x170 [ 3140.772689] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3140.773269] loop3: detected capacity change from 0 to 512 [ 3140.773327] loop_configure+0xf2f/0x1a10 [ 3140.775066] lo_ioctl+0x932/0x1990 [ 3140.775511] ? __x64_sys_openat+0x13f/0x1f0 [ 3140.776044] ? loop_set_status_old+0x1b0/0x1b0 [ 3140.776581] ? avc_ss_reset+0x180/0x180 [ 3140.776910] loop2: detected capacity change from 0 to 512 [ 3140.777108] ? __lock_acquire+0xbac/0x6120 [ 3140.778824] ? loop_set_status_old+0x1b0/0x1b0 [ 3140.779355] blkdev_ioctl+0x356/0x7f0 [ 3140.779796] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3140.780348] ? selinux_file_ioctl+0xb1/0x260 [ 3140.780880] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3140.781533] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3140.782090] __x64_sys_ioctl+0x196/0x210 [ 3140.782576] do_syscall_64+0x3b/0x90 [ 3140.783019] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3140.783629] RIP: 0033:0x7f9ecc2ec8d7 [ 3140.784059] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3140.786258] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3140.787163] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc2ec8d7 [ 3140.788002] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3140.788888] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3140.789752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3140.790627] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3140.791501] [ 3140.792610] FAULT_INJECTION: forcing a failure. [ 3140.792610] name failslab, interval 1, probability 0, space 0, times 0 [ 3140.793993] CPU: 1 PID: 15688 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3140.794997] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3140.796286] Call Trace: [ 3140.796577] [ 3140.796837] dump_stack_lvl+0x8b/0xb3 [ 3140.797285] should_fail.cold+0x5/0xa [ 3140.797739] ? __kernfs_new_node+0xd4/0x8b0 [ 3140.798265] should_failslab+0x5/0x10 [ 3140.798727] kmem_cache_alloc+0x5b/0x480 [ 3140.799231] __kernfs_new_node+0xd4/0x8b0 [ 3140.799766] ? kernfs_add_one+0x3c6/0x550 [ 3140.800286] ? kernfs_path_from_node+0x60/0x60 [ 3140.800832] ? lock_is_held_type+0xd7/0x130 [ 3140.801366] ? up_write+0x148/0x460 [ 3140.801795] ? kernfs_activate+0x1c4/0x240 [ 3140.802309] kernfs_new_node+0x93/0x120 [ 3140.802803] __kernfs_create_file+0x51/0x350 [ 3140.803324] sysfs_add_file_mode_ns+0x218/0x430 [ 3140.803877] ? component_del+0x4c0/0x4c0 [ 3140.804371] internal_create_group+0x322/0xb20 [ 3140.804925] ? sysfs_remove_group+0x170/0x170 [ 3140.805458] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3140.806056] loop_configure+0xf2f/0x1a10 [ 3140.806540] lo_ioctl+0x932/0x1990 [ 3140.806942] ? __x64_sys_openat+0x13f/0x1f0 [ 3140.807425] ? loop_set_status_old+0x1b0/0x1b0 [ 3140.807938] ? avc_ss_reset+0x180/0x180 [ 3140.808407] ? __lock_acquire+0xbac/0x6120 [ 3140.808949] ? loop_set_status_old+0x1b0/0x1b0 [ 3140.809471] blkdev_ioctl+0x356/0x7f0 [ 3140.809902] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3140.810446] ? selinux_file_ioctl+0xb1/0x260 [ 3140.810962] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3140.811585] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3140.812120] __x64_sys_ioctl+0x196/0x210 [ 3140.812594] do_syscall_64+0x3b/0x90 [ 3140.813037] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3140.813628] RIP: 0033:0x7f2939f018d7 [ 3140.814050] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3140.816108] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3140.816970] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939f018d7 [ 3140.817788] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3140.818592] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3140.819382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3140.820178] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3140.821002] [ 3140.830307] loop6: detected capacity change from 0 to 512 [ 3140.834051] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated 19:38:42 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000650006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3140.840180] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 3140.843043] EXT4-fs (loop3): get root inode failed [ 3140.844255] EXT4-fs (loop3): mount failed [ 3140.853844] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 3140.869165] loop3: detected capacity change from 0 to 512 19:38:42 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="20000000803a000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3140.900463] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 3140.901026] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3140.904346] EXT4-fs (loop3): get root inode failed [ 3140.905493] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 3140.907156] EXT4-fs (loop3): mount failed [ 3140.924356] loop4: detected capacity change from 0 to 512 [ 3140.942309] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 3140.975930] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. 19:38:56 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000fe0006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:56 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xcc, 0x0) 19:38:56 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 37) 19:38:56 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 38) 19:38:56 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="2000000080000000060000006600000020000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100fbff53ef011001000000d901000000000000000b000000000200"/90, 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:38:56 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) mount(&(0x7f0000000040)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='incremental-fs\x00', 0x80400, 0x0) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) 19:38:56 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008065000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:56 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4000d, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3155.660959] loop1: detected capacity change from 0 to 512 [ 3155.662223] loop3: detected capacity change from 0 to 512 [ 3155.663316] FAULT_INJECTION: forcing a failure. [ 3155.663316] name failslab, interval 1, probability 0, space 0, times 0 [ 3155.663411] loop5: detected capacity change from 0 to 512 [ 3155.664720] CPU: 0 PID: 15728 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3155.665887] loop2: detected capacity change from 0 to 512 [ 3155.666250] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3155.666263] Call Trace: [ 3155.666268] [ 3155.666275] dump_stack_lvl+0x8b/0xb3 [ 3155.669227] should_fail.cold+0x5/0xa [ 3155.669697] ? __kernfs_new_node+0xd4/0x8b0 [ 3155.670215] should_failslab+0x5/0x10 [ 3155.670684] kmem_cache_alloc+0x5b/0x480 [ 3155.671181] __kernfs_new_node+0xd4/0x8b0 [ 3155.671696] ? kernfs_add_one+0x3c6/0x550 [ 3155.672184] ? kernfs_path_from_node+0x60/0x60 [ 3155.672747] ? lock_is_held_type+0xd7/0x130 [ 3155.673275] ? up_write+0x148/0x460 [ 3155.673717] ? kernfs_activate+0x1c4/0x240 [ 3155.674240] kernfs_new_node+0x93/0x120 [ 3155.674746] __kernfs_create_file+0x51/0x350 [ 3155.675284] sysfs_add_file_mode_ns+0x218/0x430 [ 3155.675845] ? component_del+0x4c0/0x4c0 [ 3155.676356] internal_create_group+0x322/0xb20 [ 3155.676919] ? sysfs_remove_group+0x170/0x170 [ 3155.677477] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3155.678095] loop_configure+0xf2f/0x1a10 [ 3155.678604] lo_ioctl+0x932/0x1990 [ 3155.679036] ? __x64_sys_openat+0x13f/0x1f0 [ 3155.679554] ? loop_set_status_old+0x1b0/0x1b0 [ 3155.680110] ? avc_ss_reset+0x180/0x180 [ 3155.680617] ? __lock_acquire+0xbac/0x6120 [ 3155.681191] ? loop_set_status_old+0x1b0/0x1b0 [ 3155.681737] blkdev_ioctl+0x356/0x7f0 [ 3155.682192] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3155.682771] ? selinux_file_ioctl+0xb1/0x260 [ 3155.683312] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3155.683987] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3155.684557] __x64_sys_ioctl+0x196/0x210 [ 3155.685055] do_syscall_64+0x3b/0x90 [ 3155.685500] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3155.686114] RIP: 0033:0x7f9ecc2ec8d7 [ 3155.686558] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3155.688727] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3155.689659] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc2ec8d7 [ 3155.690521] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3155.691378] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3155.692232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3155.693101] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3155.693982] [ 3155.694093] FAULT_INJECTION: forcing a failure. [ 3155.694093] name failslab, interval 1, probability 0, space 0, times 0 [ 3155.695561] CPU: 1 PID: 15721 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3155.696472] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3155.697689] Call Trace: [ 3155.697970] [ 3155.698211] dump_stack_lvl+0x8b/0xb3 [ 3155.698642] should_fail.cold+0x5/0xa [ 3155.699054] ? create_object.isra.0+0x3a/0xa20 [ 3155.699564] should_failslab+0x5/0x10 [ 3155.699985] kmem_cache_alloc+0x5b/0x480 [ 3155.700450] create_object.isra.0+0x3a/0xa20 [ 3155.700932] ? kasan_unpoison+0x23/0x50 [ 3155.701393] kmem_cache_alloc+0x239/0x480 [ 3155.701853] __kernfs_new_node+0xd4/0x8b0 [ 3155.702298] ? kernfs_add_one+0x3c6/0x550 [ 3155.702747] ? kernfs_path_from_node+0x60/0x60 [ 3155.703245] ? lock_is_held_type+0xd7/0x130 [ 3155.703730] ? up_write+0x148/0x460 [ 3155.704125] ? kernfs_activate+0x1c4/0x240 [ 3155.704435] loop6: detected capacity change from 0 to 512 [ 3155.704581] kernfs_new_node+0x93/0x120 [ 3155.705655] __kernfs_create_file+0x51/0x350 [ 3155.706136] sysfs_add_file_mode_ns+0x218/0x430 [ 3155.706654] ? component_del+0x4c0/0x4c0 [ 3155.707096] internal_create_group+0x322/0xb20 [ 3155.707597] ? sysfs_remove_group+0x170/0x170 [ 3155.708093] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3155.708647] loop_configure+0xf2f/0x1a10 [ 3155.709109] lo_ioctl+0x932/0x1990 [ 3155.709495] ? __x64_sys_openat+0x13f/0x1f0 [ 3155.709974] ? loop_set_status_old+0x1b0/0x1b0 [ 3155.710471] ? avc_ss_reset+0x180/0x180 [ 3155.710920] ? __lock_acquire+0xbac/0x6120 19:38:56 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="2000000080fe000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:56 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000306000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3155.711427] ? loop_set_status_old+0x1b0/0x1b0 [ 3155.712103] blkdev_ioctl+0x356/0x7f0 [ 3155.712511] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3155.713013] ? selinux_file_ioctl+0xb1/0x260 [ 3155.713504] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3155.714089] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3155.714597] __x64_sys_ioctl+0x196/0x210 [ 3155.715042] do_syscall_64+0x3b/0x90 [ 3155.715454] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3155.716022] RIP: 0033:0x7f2939f018d7 [ 3155.716425] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3155.718401] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3155.719215] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939f018d7 [ 3155.719967] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3155.720736] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3155.721524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3155.722294] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3155.723055] [ 3155.723656] EXT4-fs (loop1): invalid first ino: 0 [ 3155.725269] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 3155.732283] loop1: detected capacity change from 0 to 512 [ 3155.737241] EXT4-fs (loop1): invalid first ino: 0 [ 3155.738373] loop4: detected capacity change from 0 to 512 [ 3155.740358] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 3155.742118] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3155.744442] EXT4-fs (loop3): get root inode failed [ 3155.745033] EXT4-fs (loop3): mount failed [ 3155.753601] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 3155.755487] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 3155.766528] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 3155.767630] loop3: detected capacity change from 0 to 512 [ 3155.777797] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. 19:38:57 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000800406000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:57 executing program 1: syz_emit_ethernet(0x4a, &(0x7f00000001c0)={@local, @multicast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '8^W', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000140)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x0) accept4(0xffffffffffffffff, 0x0, &(0x7f0000000040), 0x800) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:38:57 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 38) [ 3155.800871] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3155.802825] EXT4-fs (loop3): get root inode failed [ 3155.803410] EXT4-fs (loop3): mount failed 19:38:57 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 39) [ 3155.846103] loop1: detected capacity change from 0 to 512 [ 3155.881638] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 3155.891230] loop2: detected capacity change from 0 to 512 [ 3155.899804] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 3155.913730] FAULT_INJECTION: forcing a failure. [ 3155.913730] name failslab, interval 1, probability 0, space 0, times 0 [ 3155.915040] CPU: 1 PID: 15761 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3155.915927] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3155.917168] Call Trace: [ 3155.917448] [ 3155.917682] dump_stack_lvl+0x8b/0xb3 [ 3155.918100] should_fail.cold+0x5/0xa [ 3155.918514] ? __kernfs_new_node+0xd4/0x8b0 [ 3155.918990] should_failslab+0x5/0x10 [ 3155.919417] kmem_cache_alloc+0x5b/0x480 [ 3155.919864] __kernfs_new_node+0xd4/0x8b0 [ 3155.920309] ? kernfs_add_one+0x3c6/0x550 [ 3155.920763] ? kernfs_path_from_node+0x60/0x60 [ 3155.921262] ? lock_is_held_type+0xd7/0x130 [ 3155.921737] ? up_write+0x148/0x460 [ 3155.922135] ? kernfs_activate+0x1c4/0x240 [ 3155.922595] kernfs_new_node+0x93/0x120 [ 3155.923041] __kernfs_create_file+0x51/0x350 [ 3155.923515] sysfs_add_file_mode_ns+0x218/0x430 [ 3155.924023] ? component_del+0x4c0/0x4c0 [ 3155.924472] internal_create_group+0x322/0xb20 [ 3155.924977] ? sysfs_remove_group+0x170/0x170 [ 3155.925467] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3155.926022] loop_configure+0xf2f/0x1a10 [ 3155.926473] lo_ioctl+0x932/0x1990 [ 3155.926849] ? __x64_sys_openat+0x13f/0x1f0 [ 3155.927313] ? loop_set_status_old+0x1b0/0x1b0 [ 3155.927811] ? avc_ss_reset+0x180/0x180 [ 3155.928260] ? __lock_acquire+0xbac/0x6120 [ 3155.928762] ? loop_set_status_old+0x1b0/0x1b0 [ 3155.929263] blkdev_ioctl+0x356/0x7f0 [ 3155.929679] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3155.930175] ? selinux_file_ioctl+0xb1/0x260 [ 3155.930659] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3155.931254] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3155.931769] __x64_sys_ioctl+0x196/0x210 [ 3155.932213] do_syscall_64+0x3b/0x90 [ 3155.932624] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3155.933200] RIP: 0033:0x7f2939f018d7 [ 3155.933603] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3155.935546] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3155.936365] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939f018d7 [ 3155.937141] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3155.937889] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3155.938631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3155.939377] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3155.940145] 19:38:57 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xcd, 0x0) 19:38:57 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000030006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:57 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) sendmmsg(r0, &(0x7f0000009a80)=[{{&(0x7f0000001740)=@hci={0x1f, 0x5865, 0x2}, 0x80, 0x0}}], 0x1, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) 19:38:57 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4000f, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:57 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000506000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3155.960717] FAULT_INJECTION: forcing a failure. [ 3155.960717] name failslab, interval 1, probability 0, space 0, times 0 [ 3155.961990] CPU: 1 PID: 15760 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3155.962883] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3155.964099] Call Trace: [ 3155.964379] [ 3155.964615] dump_stack_lvl+0x8b/0xb3 [ 3155.965048] should_fail.cold+0x5/0xa [ 3155.965463] ? create_object.isra.0+0x3a/0xa20 [ 3155.965964] should_failslab+0x5/0x10 [ 3155.966395] kmem_cache_alloc+0x5b/0x480 [ 3155.966850] create_object.isra.0+0x3a/0xa20 [ 3155.967331] ? kasan_unpoison+0x23/0x50 [ 3155.967767] kmem_cache_alloc+0x239/0x480 [ 3155.968237] __kernfs_new_node+0xd4/0x8b0 [ 3155.968692] ? kernfs_add_one+0x3c6/0x550 [ 3155.969155] ? kernfs_path_from_node+0x60/0x60 [ 3155.969658] ? lock_is_held_type+0xd7/0x130 [ 3155.970138] ? up_write+0x148/0x460 [ 3155.970525] ? kernfs_activate+0x1c4/0x240 [ 3155.970984] kernfs_new_node+0x93/0x120 [ 3155.971429] __kernfs_create_file+0x51/0x350 [ 3155.971909] sysfs_add_file_mode_ns+0x218/0x430 [ 3155.972403] ? component_del+0x4c0/0x4c0 [ 3155.972844] internal_create_group+0x322/0xb20 [ 3155.973348] ? sysfs_remove_group+0x170/0x170 [ 3155.973835] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3155.974380] loop_configure+0xf2f/0x1a10 [ 3155.974836] lo_ioctl+0x932/0x1990 [ 3155.975225] ? __x64_sys_openat+0x13f/0x1f0 [ 3155.975696] ? loop_set_status_old+0x1b0/0x1b0 [ 3155.976183] ? avc_ss_reset+0x180/0x180 [ 3155.976630] ? __lock_acquire+0xbac/0x6120 [ 3155.977144] ? loop_set_status_old+0x1b0/0x1b0 [ 3155.977636] blkdev_ioctl+0x356/0x7f0 [ 3155.978052] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3155.978557] ? selinux_file_ioctl+0xb1/0x260 [ 3155.979050] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3155.979646] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3155.980159] __x64_sys_ioctl+0x196/0x210 [ 3155.980604] do_syscall_64+0x3b/0x90 [ 3155.981014] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3155.981582] RIP: 0033:0x7f9ecc2ec8d7 [ 3155.981996] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3155.983961] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3155.984790] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc2ec8d7 [ 3155.985562] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3155.986324] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3155.987088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3155.987864] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3155.988636] 19:38:57 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x48002, 0x0) linkat(r2, &(0x7f0000000080)='./file0\x00', r1, &(0x7f0000000140)='./file0\x00', 0x800) r3 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder-control\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000000080)={{0x1, 0x1, 0x18, r3, {0x81}}, './file0\x00'}) [ 3156.024142] loop6: detected capacity change from 0 to 512 [ 3156.026084] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem 19:38:57 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008080040006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3156.030478] loop3: detected capacity change from 0 to 512 [ 3156.032952] loop5: detected capacity change from 0 to 512 [ 3156.041278] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3156.042800] EXT4-fs (loop3): get root inode failed [ 3156.043367] EXT4-fs (loop3): mount failed [ 3156.054696] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 3156.055188] loop2: detected capacity change from 0 to 512 [ 3156.059377] loop3: detected capacity change from 0 to 512 19:38:57 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000606000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3156.063706] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 3156.067885] loop4: detected capacity change from 0 to 512 [ 3156.077510] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 3156.085868] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 3156.089053] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3156.092669] EXT4-fs (loop3): get root inode failed [ 3156.093757] EXT4-fs (loop3): mount failed [ 3156.109699] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. 19:38:57 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000050006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:57 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40010, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:38:57 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 40) [ 3156.185675] loop3: detected capacity change from 0 to 512 19:38:57 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000060006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3156.216549] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3156.221279] EXT4-fs (loop3): get root inode failed [ 3156.221801] EXT4-fs (loop3): mount failed [ 3156.225301] FAULT_INJECTION: forcing a failure. [ 3156.225301] name failslab, interval 1, probability 0, space 0, times 0 [ 3156.227576] CPU: 0 PID: 15790 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3156.229242] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3156.231477] Call Trace: [ 3156.231991] [ 3156.232437] dump_stack_lvl+0x8b/0xb3 [ 3156.233225] should_fail.cold+0x5/0xa [ 3156.233973] ? __kernfs_new_node+0xd4/0x8b0 [ 3156.234824] should_failslab+0x5/0x10 [ 3156.235594] kmem_cache_alloc+0x5b/0x480 [ 3156.236427] __kernfs_new_node+0xd4/0x8b0 [ 3156.237289] ? kernfs_add_one+0x3c6/0x550 [ 3156.238119] ? kernfs_path_from_node+0x60/0x60 [ 3156.239038] ? lock_is_held_type+0xd7/0x130 [ 3156.239898] ? up_write+0x148/0x460 [ 3156.240627] ? kernfs_activate+0x1c4/0x240 [ 3156.241494] kernfs_new_node+0x93/0x120 [ 3156.242291] __kernfs_create_file+0x51/0x350 [ 3156.243171] sysfs_add_file_mode_ns+0x218/0x430 [ 3156.244102] ? component_del+0x4c0/0x4c0 [ 3156.244924] internal_create_group+0x322/0xb20 [ 3156.245852] ? sysfs_remove_group+0x170/0x170 [ 3156.246757] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3156.247773] loop_configure+0xf2f/0x1a10 [ 3156.248619] lo_ioctl+0x932/0x1990 [ 3156.249344] ? __x64_sys_openat+0x13f/0x1f0 [ 3156.250221] ? loop_set_status_old+0x1b0/0x1b0 [ 3156.251123] ? avc_ss_reset+0x180/0x180 [ 3156.251948] ? __lock_acquire+0xbac/0x6120 [ 3156.252875] ? loop_set_status_old+0x1b0/0x1b0 [ 3156.253790] blkdev_ioctl+0x356/0x7f0 [ 3156.254553] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3156.255491] ? selinux_file_ioctl+0xb1/0x260 [ 3156.256380] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3156.257502] ? blkdev_common_ioctl+0x16d0/0x16d0 19:38:57 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000000706000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3156.258450] __x64_sys_ioctl+0x196/0x210 [ 3156.259436] do_syscall_64+0x3b/0x90 [ 3156.260194] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3156.261240] RIP: 0033:0x7f9ecc2ec8d7 [ 3156.261974] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3156.265634] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3156.267152] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc2ec8d7 [ 3156.268571] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3156.270007] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3156.271419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3156.272825] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3156.274273] [ 3156.284125] loop3: detected capacity change from 0 to 512 [ 3156.295116] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3156.296835] EXT4-fs (loop3): get root inode failed [ 3156.297586] EXT4-fs (loop3): mount failed [ 3156.359469] loop6: detected capacity change from 0 to 512 19:38:57 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 39) 19:38:57 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) setxattr$trusted_overlay_opaque(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), &(0x7f0000000140), 0x2, 0x5) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) 19:38:57 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000001806000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3156.398309] FAULT_INJECTION: forcing a failure. [ 3156.398309] name failslab, interval 1, probability 0, space 0, times 0 [ 3156.399580] CPU: 1 PID: 15803 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3156.400487] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3156.401726] Call Trace: [ 3156.402007] [ 3156.402254] dump_stack_lvl+0x8b/0xb3 [ 3156.402685] should_fail.cold+0x5/0xa [ 3156.403098] ? create_object.isra.0+0x3a/0xa20 [ 3156.403617] should_failslab+0x5/0x10 [ 3156.404038] kmem_cache_alloc+0x5b/0x480 [ 3156.404235] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 3156.404505] create_object.isra.0+0x3a/0xa20 [ 3156.406445] ? kasan_unpoison+0x23/0x50 [ 3156.406870] kmem_cache_alloc+0x239/0x480 [ 3156.407339] __kernfs_new_node+0xd4/0x8b0 [ 3156.407800] ? kernfs_add_one+0x3c6/0x550 [ 3156.408260] ? kernfs_path_from_node+0x60/0x60 [ 3156.408775] ? lock_is_held_type+0xd7/0x130 [ 3156.409275] ? up_write+0x148/0x460 [ 3156.409672] ? kernfs_activate+0x1c4/0x240 [ 3156.410149] kernfs_new_node+0x93/0x120 [ 3156.410591] __kernfs_create_file+0x51/0x350 [ 3156.411074] sysfs_add_file_mode_ns+0x218/0x430 [ 3156.411587] ? component_del+0x4c0/0x4c0 [ 3156.412044] internal_create_group+0x322/0xb20 [ 3156.412557] ? sysfs_remove_group+0x170/0x170 [ 3156.413056] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3156.413612] loop_configure+0xf2f/0x1a10 [ 3156.414074] lo_ioctl+0x932/0x1990 [ 3156.414470] ? __x64_sys_openat+0x13f/0x1f0 [ 3156.414947] ? loop_set_status_old+0x1b0/0x1b0 [ 3156.415441] ? avc_ss_reset+0x180/0x180 [ 3156.415894] ? __lock_acquire+0xbac/0x6120 [ 3156.416416] ? blkdev_ioctl+0x13d/0x7f0 [ 3156.416855] ? loop_set_status_old+0x1b0/0x1b0 [ 3156.417376] blkdev_ioctl+0x356/0x7f0 [ 3156.417792] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3156.418305] ? selinux_file_ioctl+0xb1/0x260 [ 3156.418787] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3156.419399] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3156.419918] __x64_sys_ioctl+0x196/0x210 [ 3156.420381] do_syscall_64+0x3b/0x90 [ 3156.420793] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3156.421374] RIP: 0033:0x7f2939f018d7 [ 3156.421778] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3156.423749] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3156.424580] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939f018d7 [ 3156.425368] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3156.426138] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3156.426903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3156.427673] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3156.428467] [ 3156.429633] loop2: detected capacity change from 0 to 512 [ 3156.444673] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 3156.475182] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 3156.520482] loop4: detected capacity change from 0 to 512 [ 3156.524907] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 3156.534556] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. 19:39:11 executing program 1: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) statx(r0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0) setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x0) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[@ANYBLOB='B']) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x48002, 0x0) r3 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) r4 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x48002, 0x0) linkat(r4, &(0x7f0000000080)='./file0\x00', r3, &(0x7f0000000140)='./file0\x00', 0x800) ioctl$BLKIOMIN(r4, 0x1278, &(0x7f0000000300)) linkat(r2, &(0x7f0000000080)='./file0\x00', r1, &(0x7f0000000140)='./file0\x00', 0x800) r5 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) r6 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x48002, 0x0) linkat(r6, &(0x7f0000000080)='./file0\x00', r5, &(0x7f0000000140)='./file0\x00', 0x800) unlinkat(r6, &(0x7f0000000380)='./file0\x00', 0x0) inotify_add_watch(r2, &(0x7f0000000140)='./file0\x00', 0x30000500) setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 19:39:11 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000070006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:39:11 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000001c06000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3170.222316] loop1: detected capacity change from 0 to 512 19:39:11 executing program 2: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) name_to_handle_at(r0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@ocfs2_parent={0x18, 0x2, {{0x7f, 0x9, 0xff}, {0x61, 0x5, 0xffffff5a}}}, &(0x7f0000000140), 0x400) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000180)='./file0\x00', 0x42) r2 = syz_io_uring_setup(0x46ac, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140)) r3 = io_uring_setup(0x2c75, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1}) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000200)=[0xffffffffffffffff, r3, 0xffffffffffffffff], 0x3) ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f0000000580)={0x0, 0x0, 0x7, 0x0, '\x00', [{0x2, 0x401, 0x8000, 0x200, 0x6, 0x6}, {0xfff, 0x9d, 0xffffffff, 0x1340, 0x3, 0x154eaa50}], ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}) 19:39:11 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 40) [ 3170.235791] loop2: detected capacity change from 0 to 512 19:39:11 executing program 5: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)) openat(r0, &(0x7f00000000c0)='./file1\x00', 0xce, 0x0) 19:39:11 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 41) 19:39:11 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40011, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3170.251393] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 3170.259343] loop5: detected capacity change from 0 to 512 [ 3170.290077] FAULT_INJECTION: forcing a failure. [ 3170.290077] name failslab, interval 1, probability 0, space 0, times 0 [ 3170.292462] CPU: 1 PID: 15834 Comm: syz-executor.4 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3170.294121] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3170.296370] Call Trace: [ 3170.296882] [ 3170.297350] dump_stack_lvl+0x8b/0xb3 [ 3170.298137] should_fail.cold+0x5/0xa [ 3170.298906] ? __kernfs_new_node+0xd4/0x8b0 [ 3170.299119] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 3170.299772] should_failslab+0x5/0x10 [ 3170.302018] kmem_cache_alloc+0x5b/0x480 [ 3170.302870] __kernfs_new_node+0xd4/0x8b0 [ 3170.303720] ? kernfs_add_one+0x3c6/0x550 [ 3170.304572] ? kernfs_path_from_node+0x60/0x60 [ 3170.305511] ? lock_is_held_type+0xd7/0x130 [ 3170.306405] ? up_write+0x148/0x460 [ 3170.307115] ? kernfs_activate+0x1c4/0x240 [ 3170.307990] kernfs_new_node+0x93/0x120 [ 3170.308810] __kernfs_create_file+0x51/0x350 [ 3170.309705] sysfs_add_file_mode_ns+0x218/0x430 [ 3170.310653] ? component_del+0x4c0/0x4c0 [ 3170.311482] internal_create_group+0x322/0xb20 [ 3170.312382] ? sysfs_remove_group+0x170/0x170 [ 3170.313302] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3170.314288] loop_configure+0xf2f/0x1a10 [ 3170.315110] lo_ioctl+0x932/0x1990 [ 3170.315822] ? __x64_sys_openat+0x13f/0x1f0 [ 3170.316671] ? loop_set_status_old+0x1b0/0x1b0 [ 3170.317598] ? avc_ss_reset+0x180/0x180 [ 3170.318432] ? __lock_acquire+0xbac/0x6120 [ 3170.319369] ? loop_set_status_old+0x1b0/0x1b0 [ 3170.320254] blkdev_ioctl+0x356/0x7f0 [ 3170.321017] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3170.321951] ? selinux_file_ioctl+0xb1/0x260 [ 3170.322837] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3170.323935] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3170.324865] __x64_sys_ioctl+0x196/0x210 [ 3170.325697] do_syscall_64+0x3b/0x90 [ 3170.326444] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3170.327485] RIP: 0033:0x7f2939f018d7 [ 3170.328231] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3170.331791] RSP: 002b:00007f2937476f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3170.333308] RAX: ffffffffffffffda RBX: 00007f2939f4b970 RCX: 00007f2939f018d7 [ 3170.334708] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3170.336103] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3170.337521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3170.338926] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3170.340352] [ 3170.344623] loop3: detected capacity change from 0 to 512 19:39:11 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000002006000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:39:11 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000180006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3170.366971] FAULT_INJECTION: forcing a failure. [ 3170.366971] name failslab, interval 1, probability 0, space 0, times 0 [ 3170.369314] CPU: 1 PID: 15835 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3170.370962] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3170.373156] Call Trace: [ 3170.373676] [ 3170.374120] dump_stack_lvl+0x8b/0xb3 [ 3170.374896] should_fail.cold+0x5/0xa [ 3170.375665] ? create_object.isra.0+0x3a/0xa20 [ 3170.376597] should_failslab+0x5/0x10 [ 3170.377395] kmem_cache_alloc+0x5b/0x480 [ 3170.378235] create_object.isra.0+0x3a/0xa20 [ 3170.379113] ? kasan_unpoison+0x23/0x50 [ 3170.379915] kmem_cache_alloc+0x239/0x480 [ 3170.380757] __kernfs_new_node+0xd4/0x8b0 [ 3170.381605] ? kernfs_add_one+0x3c6/0x550 [ 3170.382442] ? kernfs_path_from_node+0x60/0x60 [ 3170.383368] ? lock_is_held_type+0xd7/0x130 [ 3170.384247] ? up_write+0x148/0x460 [ 3170.384976] ? kernfs_activate+0x1c4/0x240 [ 3170.385843] kernfs_new_node+0x93/0x120 [ 3170.386656] __kernfs_create_file+0x51/0x350 [ 3170.387532] sysfs_add_file_mode_ns+0x218/0x430 [ 3170.388457] ? component_del+0x4c0/0x4c0 [ 3170.389290] internal_create_group+0x322/0xb20 [ 3170.390223] ? sysfs_remove_group+0x170/0x170 [ 3170.391123] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 3170.392147] loop_configure+0xf2f/0x1a10 [ 3170.392990] lo_ioctl+0x932/0x1990 [ 3170.393763] ? __x64_sys_openat+0x13f/0x1f0 [ 3170.394596] ? loop_set_status_old+0x1b0/0x1b0 [ 3170.395498] ? avc_ss_reset+0x180/0x180 [ 3170.396311] ? __lock_acquire+0xbac/0x6120 [ 3170.397216] ? loop_set_status_old+0x1b0/0x1b0 [ 3170.398120] blkdev_ioctl+0x356/0x7f0 [ 3170.398854] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3170.399770] ? selinux_file_ioctl+0xb1/0x260 [ 3170.400634] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3170.401712] ? blkdev_common_ioctl+0x16d0/0x16d0 [ 3170.402626] __x64_sys_ioctl+0x196/0x210 [ 3170.403424] do_syscall_64+0x3b/0x90 [ 3170.404149] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3170.405149] RIP: 0033:0x7f9ecc2ec8d7 [ 3170.405873] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3170.409386] RSP: 002b:00007f9ec9861f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3170.410850] RAX: ffffffffffffffda RBX: 00007f9ecc336970 RCX: 00007f9ecc2ec8d7 [ 3170.412213] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 3170.413580] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 3170.414944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3170.416302] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 3170.417708] [ 3170.427479] loop4: detected capacity change from 0 to 512 [ 3170.429939] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 3170.436744] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3170.439039] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 3170.445667] EXT4-fs (loop3): get root inode failed [ 3170.445688] EXT4-fs (loop3): mount failed [ 3170.457974] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 3170.467621] loop3: detected capacity change from 0 to 512 [ 3170.510320] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3170.521298] loop6: detected capacity change from 0 to 512 [ 3170.524448] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 3170.529325] EXT4-fs (loop3): get root inode failed [ 3170.530328] EXT4-fs (loop3): mount failed [ 3170.570817] [ 3170.571155] ====================================================== [ 3170.572281] WARNING: possible circular locking dependency detected [ 3170.573419] 5.18.0-rc2-next-20220414 #1 Not tainted [ 3170.574291] ------------------------------------------------------ [ 3170.575366] kworker/0:0/15458 is trying to acquire lock: [ 3170.576298] ffff8880104fc0e0 (&type->s_umount_key#42){++++}-{3:3}, at: deactivate_super+0xa5/0xd0 [ 3170.577891] [ 3170.577891] but task is already holding lock: [ 3170.578901] ffff88804787fdb0 ((delayed_mntput_work).work){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 3170.580553] [ 3170.580553] which lock already depends on the new lock. [ 3170.580553] [ 3170.582183] [ 3170.582183] the existing dependency chain (in reverse order) is: [ 3170.584264] [ 3170.584264] -> #2 ((delayed_mntput_work).work){+.+.}-{0:0}: [ 3170.585519] process_one_work+0x9a0/0x16a0 [ 3170.586348] worker_thread+0x637/0x1250 [ 3170.587127] kthread+0x2f2/0x3b0 [ 3170.587800] ret_from_fork+0x22/0x30 [ 3170.588537] [ 3170.588537] -> #1 ((wq_completion)events){+.+.}-{0:0}: [ 3170.589716] flush_workqueue+0x144/0x11a0 [ 3170.590556] ext4_put_super+0x9d/0x1050 [ 3170.591359] generic_shutdown_super+0x14f/0x410 [ 3170.591728] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 3170.592286] kill_block_super+0x9d/0xf0 [ 3170.592312] deactivate_locked_super+0x99/0x160 [ 3170.595565] deactivate_super+0xad/0xd0 [ 3170.596410] cleanup_mnt+0x39a/0x510 [ 3170.597190] task_work_run+0xe2/0x1a0 [ 3170.597991] exit_to_user_mode_prepare+0x199/0x1a0 [ 3170.598952] syscall_exit_to_user_mode+0x19/0x40 [ 3170.599877] do_syscall_64+0x48/0x90 [ 3170.600636] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3170.601653] [ 3170.601653] -> #0 (&type->s_umount_key#42){++++}-{3:3}: [ 3170.602827] __lock_acquire+0x2c2f/0x6120 [ 3170.603625] lock_acquire+0x1a2/0x530 [ 3170.604365] down_write+0x90/0x150 [ 3170.605056] deactivate_super+0xa5/0xd0 [ 3170.605837] cleanup_mnt+0x39a/0x510 [ 3170.606562] delayed_mntput+0x62/0x80 [ 3170.607304] process_one_work+0xa1c/0x16a0 [ 3170.608125] worker_thread+0x637/0x1250 [ 3170.608894] kthread+0x2f2/0x3b0 [ 3170.609567] ret_from_fork+0x22/0x30 [ 3170.610291] [ 3170.610291] other info that might help us debug this: [ 3170.610291] [ 3170.611664] Chain exists of: [ 3170.611664] &type->s_umount_key#42 --> (wq_completion)events --> (delayed_mntput_work).work [ 3170.611664] [ 3170.613933] Possible unsafe locking scenario: [ 3170.613933] [ 3170.614937] CPU0 CPU1 [ 3170.615706] ---- ---- [ 3170.616470] lock((delayed_mntput_work).work); [ 3170.617270] lock((wq_completion)events); [ 3170.618399] lock((delayed_mntput_work).work); [ 3170.619599] lock(&type->s_umount_key#42); [ 3170.620331] [ 3170.620331] *** DEADLOCK *** [ 3170.620331] [ 3170.621340] 2 locks held by kworker/0:0/15458: [ 3170.622096] #0: ffff888007858d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 3170.623794] #1: ffff88804787fdb0 ((delayed_mntput_work).work){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 3170.625574] [ 3170.625574] stack backtrace: [ 3170.626341] CPU: 0 PID: 15458 Comm: kworker/0:0 Not tainted 5.18.0-rc2-next-20220414 #1 [ 3170.627762] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 3170.629726] Workqueue: events delayed_mntput [ 3170.630485] Call Trace: [ 3170.630933] [ 3170.631308] dump_stack_lvl+0x8b/0xb3 [ 3170.631959] check_noncircular+0x25f/0x2e0 [ 3170.632679] ? print_circular_bug+0x450/0x450 [ 3170.633457] __lock_acquire+0x2c2f/0x6120 [ 3170.634161] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3170.635045] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 3170.635965] lock_acquire+0x1a2/0x530 [ 3170.636607] ? deactivate_super+0xa5/0xd0 [ 3170.637316] ? lock_release+0x750/0x750 [ 3170.637987] ? lock_is_held_type+0xd7/0x130 [ 3170.638720] ? lock_is_held_type+0xd7/0x130 [ 3170.639458] down_write+0x90/0x150 [ 3170.640054] ? deactivate_super+0xa5/0xd0 [ 3170.640752] ? down_write_killable+0x170/0x170 [ 3170.641533] ? dput+0x35/0xe10 [ 3170.642081] deactivate_super+0xa5/0xd0 [ 3170.642742] cleanup_mnt+0x39a/0x510 [ 3170.643369] delayed_mntput+0x62/0x80 [ 3170.643997] process_one_work+0xa1c/0x16a0 [ 3170.644705] ? pwq_dec_nr_in_flight+0x2a0/0x2a0 [ 3170.645492] ? rwlock_bug.part.0+0x90/0x90 [ 3170.646207] ? _raw_spin_lock_irq+0x41/0x50 [ 3170.646938] worker_thread+0x637/0x1250 [ 3170.647610] ? process_one_work+0x16a0/0x16a0 [ 3170.648369] kthread+0x2f2/0x3b0 [ 3170.648931] ? kthread_complete_and_exit+0x40/0x40 [ 3170.649753] ret_from_fork+0x22/0x30 [ 3170.650437] 19:39:11 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000800000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0xfffffffffffffffb}, {&(0x7f0000000140)="020000000300008004be06dd93c880d55fe44f3421b8d97a16fde8d8c8c54ef3a10f801f34f3f94dd65a2856385addbd69e8eb0621706a28663aae598c0b13a354237729011366301292fec888c18aa4077cff0c116ac2765bbb408a6287adf217ce8f0df365f608f8fac9e280272bca4356ef34294ae3c4575ffbc81eaa1797587c497d091c534aced76ae31d643876cc1d4af30bb8f593fe", 0x99, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x2, &(0x7f0000012c00)=ANY=[]) setresuid(0x0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0) 19:39:11 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000100)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080004d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 41) 19:39:11 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000280)="2000000080001c0006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:39:11 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="200080008000003a06000000660000000f0000000000000001000000010000000040000000400000410fc7c2426ac2f9daf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012c00)=ANY=[]) 19:39:11 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000880004d9f4655fdaf4655fdaf4785f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000012c00)=ANY=[]) (fail_nth: 42) 19:39:11 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40026, 0x2, &(0x7f0000000200)=[{&(0x7f0000000280)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000012c00)=ANY=[]) [ 3170.698911] loop3: detected capacity change from 0 to 512 [ 3170.719611] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3170.723802] EXT4-fs (loop3): get root inode failed [ 3170.724624] EXT4-fs (loop3): mount failed [ 3170.730184] loop3: detected capacity change from 0 to 512 [ 3170.743567] EXT4-fs error (device loop3): __ext4_fill_super:5311: inode #2: comm syz-executor.3: iget: root inode unallocated [ 3170.745804] EXT4-fs (loop3): get root inode failed [ 3170.746667] EXT4-fs (loop3): mount failed VM DIAGNOSIS: 19:39:12 Registers: info registers vcpu 0 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff823f070c RDI=ffffffff873ca420 RBP=ffffffff873ca3e0 RSP=ffff88804787f3c0 R8 =0000000000000054 R9 =0000000000000031 R10=ffffffff823d7deb R11=000000000000000a R12=0000000000000020 R13=fffffbfff0e794cf R14=fffffbfff0e79486 R15=dffffc0000000000 RIP=ffffffff823f0761 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000555555fc0c98 CR3=0000000046182000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=000000000003ffff RBX=ffff88800e2b7538 RCX=ffffc90006a00000 RDX=0000000000040000 RSI=ffffffff81acca5f RDI=0000000000000003 RBP=ffff888048472a70 RSP=ffff88800e2b73d8 R8 =00000000ffffffff R9 =0000000000000000 R10=ffffffff81acca50 R11=0000000000000000 R12=0000000000007fe2 R13=0000000000000000 R14=0000000000000000 R15=ffff88800e2b7544 RIP=ffffffff814426ac RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f3af004e700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ff64be932a0 CR3=0000000049e7a000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 ffffffffffffff00 ffffffffffffffff YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000